Pests of all kinds and how to fight them: Malwarebytes reports ccleaner.exe is infected?
24.10.2012, 14:28 | #1 |
Hi T-B'ers. I just got the message in the attached log. I don't know what to do. Thanks and regards

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.10.24.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 8.0.6001.19328
TIM :: TIM-PC [Administrator]

24.10.2012 12:47:29
mbam-log-2012-10-24 (15-24-15).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|N:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 453240
Laufzeit: 2 Stunde(n), 33 Minute(n), 58 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccleaner.exe (Security.Hijack) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Hello again. Could the message above possibly still have something to do with my post "I seem to have a problem called BKA Trojan on Vista" from last week? Thanks and regards
25.10.2012, 12:56 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™

System scan with OTL

Please download OTL by Oldtimer and save it to your desktop. If you already have it, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
25.10.2012, 16:19 | #3 |
Hi cosinus.

Thanks for your time. I hope you can help me. Attached are the requested reports. Thanks and regards

OTL logfile:
-- C:\Windows\System32\nvd3dum.dll [2012.09.29 20:20:05 | 001,009,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.09.29 20:20:05 | 000,883,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll [2012.09.29 20:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.09.29 20:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager [2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- C:\Medion [2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- \Medion [2012.09.29 18:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2012.09.29 17:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2012.09.29 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\.phase-6 [2012.09.29 15:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6 [2012.09.29 15:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase6 [2012.09.29 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\phase-6 [2012.09.29 15:13:27 | 000,000,000 | ---D | C] -- C:\Users\TIM\Hörbücher [2012.09.29 11:15:59 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\Nutz [2012.09.29 11:12:45 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft Games [2012.09.29 00:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2012.09.28 23:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2012.09.28 23:34:19 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Macromedia [2012.09.28 23:28:04 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.09.28 23:28:04 | 000,073,656 | ---- | C] (Adobe Systems 
Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.09.28 23:22:32 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.09.28 22:51:05 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.09.28 22:27:40 | 000,320,512 | ---- | C] (SCM Microsystems) -- C:\Windows\System32\TWKDIAG.CPL [2012.09.28 22:27:40 | 000,264,192 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDS32.EXE [2012.09.28 22:27:40 | 000,259,584 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDSRV.EXE [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW32.DLL [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW32.DLL [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CT32.DLL [2012.09.28 22:27:40 | 000,070,656 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV32.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW16.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW16.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CT.DLL [2012.09.28 22:27:40 | 000,062,464 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDLL32.DLL [2012.09.28 22:27:40 | 000,062,464 | ---- | C] (SCM Microsystems) -- C:\Windows\GEN_TWK.DLL [2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_TWK.DLL [2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_NT.DLL [2012.09.28 22:27:40 | 000,058,368 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD32.DLL [2012.09.28 22:27:40 | 000,052,736 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV.DLL [2012.09.28 22:27:40 | 000,041,728 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDRVDLL.DLL [2012.09.28 22:27:40 | 000,037,376 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD.DLL [2012.09.28 22:27:40 | 000,012,906 | ---- | C] (Towitoko AG) -- 
C:\Windows\System32\drivers\TWKUSB.SYS [2012.09.28 22:27:40 | 000,011,676 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPCSC.SYS [2012.09.28 22:27:40 | 000,005,550 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPNP.SYS [2012.09.28 22:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIPDRIVE [2012.09.28 22:27:38 | 000,864,851 | ---- | C] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 21:43:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012.09.28 21:41:53 | 000,230,912 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM9C.DLL [2012.09.28 21:41:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll [2012.09.28 21:40:24 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2012.09.28 21:40:08 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2012.09.28 21:40:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012.09.28 21:39:54 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.09.28 21:39:53 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2012.09.28 21:39:53 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2012.09.28 21:39:53 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2012.09.28 21:39:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl [2012.09.28 21:39:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2012.09.28 21:39:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2012.09.28 21:39:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2012.09.28 21:39:50 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec 
[2012.09.28 21:39:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll [2012.09.28 21:39:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.09.28 21:39:49 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2012.09.28 21:39:49 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.09.28 21:39:49 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.09.28 21:39:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.09.28 21:39:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll [2012.09.28 21:39:48 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2012.09.28 21:39:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe [2012.09.28 21:39:27 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012.09.28 21:39:27 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.09.28 21:39:27 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012.09.28 21:39:27 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012.09.28 21:39:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012.09.28 21:39:23 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2012.09.28 21:39:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2012.09.28 21:39:22 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2012.09.28 21:38:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2012.09.28 21:27:22 | 000,613,376 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\System32\rdpencom.dll [2012.09.28 21:12:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.09.28 21:12:10 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.09.28 21:11:36 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.09.28 21:11:36 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.09.28 21:11:36 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.09.28 21:11:15 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.09.28 21:11:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.09.28 21:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.28 21:07:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.28 21:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.28 21:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\SCM Microsystems [2012.09.28 21:04:21 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SCM Microsystems CHIPDRIVE Tools [2012.09.28 19:57:09 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Apple [2012.09.28 19:39:42 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Thunderbird [2012.09.28 19:33:37 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Mozilla [2012.09.28 19:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN [2012.09.28 19:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\avmwlanstick [2012.09.28 19:28:47 | 000,004,352 | R--- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmeject.sys [2012.09.28 19:26:38 | 000,586,752 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusbn.sys [2012.09.28 19:26:38 | 000,078,336 | ---- | C] (AVM 
Berlin) -- C:\Windows\System32\fwusbnci.dll [2012.09.28 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Adobe [2012.09.28 19:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.09.28 19:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.09.28 19:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012.09.28 19:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2012.09.28 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup [2012.09.28 19:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.09.28 19:09:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.09.28 19:09:25 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.09.28 19:09:25 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.09.28 19:09:25 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.09.28 19:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- C:\.fseventsd [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- \.fseventsd [2012.09.26 20:57:14 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax [2012.09.26 20:57:14 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll [2012.09.26 20:57:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll [2012.09.26 20:57:14 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax [2012.09.26 20:57:14 | 000,245,760 | ---- | C] (Teruten Inc.) 
-- C:\Windows\System32\MSCLib.dll [2012.09.26 20:57:14 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll [2012.09.26 20:57:14 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe [2012.09.26 20:57:14 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll [2012.09.26 20:57:14 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll [2012.09.26 20:57:14 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax [2012.09.26 20:57:14 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax [2012.09.26 20:57:14 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll [2012.09.26 20:57:14 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax [2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\System32\MK_Lyric.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\System32\MTXSYNCICON.dll [2012.09.26 20:57:14 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll [2012.09.26 20:57:14 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll [2012.09.26 20:57:14 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll [2012.09.26 20:57:14 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe [2012.09.25 21:22:29 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\ApplicationHistory [2012.09.25 21:22:26 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\TVEnhance [2012.09.25 21:22:16 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.25 21:22:16 | 000,000,000 | R--D | C] -- C:\Users\TIM\Searches [2012.09.25 21:22:16 | 
000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.25 21:22:12 | 000,000,000 | R--D | C] -- C:\Users\TIM\Contacts [2012.09.25 21:22:11 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\VirtualStore [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Vorlagen [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Verlauf [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Temporary Internet Files [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Startmenü [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\SendTo [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Recent [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Netzwerkumgebung [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Lokale Einstellungen [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Videos [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Musik [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Eigene Dateien [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Bilder [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Druckumgebung [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Cookies [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Anwendungsdaten [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Anwendungsdaten [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Videos [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Saved Games [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Links [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Favorites [2012.09.25 
21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Downloads [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Documents [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Desktop [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.25 21:21:56 | 000,000,000 | -H-D | C] -- C:\Users\TIM\AppData [2012.09.25 21:21:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Temp [2012.09.25 21:21:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.25 17:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C14BE3A1-7541-42F6-935E-22B317B092E6}.job [2012.10.25 17:09:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B06D0B9E-F49B-4947-82CA-302808DCB46D}.job [2012.10.25 17:04:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe [2012.10.25 16:42:57 | 000,000,260 | ---- | M] () -- C:\Windows\scardsrv.ini [2012.10.25 16:42:52 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.25 16:42:52 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.25 16:42:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.25 16:42:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.25 11:15:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.23 16:18:51 | 000,018,944 | ---- | M] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.23 13:42:30 | 000,706,256 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.23 13:42:30 
| 000,661,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.23 13:42:30 | 000,160,122 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.23 13:42:30 | 000,130,998 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.22 12:34:24 | 000,372,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,001,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.10.20 16:52:58 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | M] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 14:27:33 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 12:16:40 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.18 12:16:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.18 12:16:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.18 12:16:38 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.18 12:15:34 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.18 12:15:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.17 00:12:24 | 000,192,907 | ---- | M] () -- C:\Users\TIM\Documents\Picture 1.jpg [2012.10.08 19:02:30 | 000,004,464 | ---- | M] () -- 
C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:48:25 | 000,000,595 | ---- | M] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.07 14:31:13 | 000,002,176 | ---- | M] () -- C:\Windows\HBCIKRNL.INI [2012.10.05 16:34:21 | 000,000,000 | ---- | M] () -- C:\Windows\a1b60r.dll [2012.10.05 16:33:45 | 000,000,013 | ---- | M] () -- C:\Windows\a1b59.dll [2012.10.03 00:20:00 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.03 00:20:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.03 00:20:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.10.03 00:20:00 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.03 00:20:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.03 00:20:00 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.03 00:20:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.03 00:20:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.10.03 00:20:00 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.03 00:20:00 | 001,009,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.10.03 00:20:00 | 000,888,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.03 00:20:00 | 000,012,865 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2012.10.02 21:29:41 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.10.02 21:29:41 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.10.02 21:29:41 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- 
C:\Windows\System32\nvshext.dll [2012.10.02 21:29:22 | 002,853,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.10.02 21:28:53 | 003,965,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 13:15:52 | 000,430,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2012.09.30 18:15:04 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:48:05 | 000,032,514 | ---- | M] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:28:02 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.29 18:12:14 | 000,000,450 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | M] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 10:53:03 | 000,031,420 | ---- | M] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 23:19:18 | 000,000,680 | RHS- | M] () -- C:\Users\TIM\ntuser.pol [2012.09.28 22:27:46 | 000,002,776 | ---- | M] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:38 | 000,864,851 | ---- | M] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 19:10:13 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | M] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | M] () -- C:\._.DS_Store [2012.09.26 20:57:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll [2012.09.26 20:57:14 | 000,974,848 | ---- | M] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 
20:57:14 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax [2012.09.26 20:57:14 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll [2012.09.26 20:57:14 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll [2012.09.26 20:57:14 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax [2012.09.26 20:57:14 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSCLib.dll [2012.09.26 20:57:14 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll [2012.09.26 20:57:14 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe [2012.09.26 20:57:14 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll [2012.09.26 20:57:14 | 000,143,360 | ---- | M] () -- C:\Windows\System32\3DAudio.ax [2012.09.26 20:57:14 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll [2012.09.26 20:57:14 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax [2012.09.26 20:57:14 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax [2012.09.26 20:57:14 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll [2012.09.26 20:57:14 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax [2012.09.26 20:57:14 | 000,081,920 | ---- | M] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | M] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\System32\MK_Lyric.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek Inc.) 
-- C:\Windows\System32\MTXSYNCICON.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.26 20:57:14 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll [2012.09.26 20:57:14 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll [2012.09.26 20:57:14 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll [2012.09.26 20:57:14 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe [2012.09.25 21:22:29 | 000,000,091 | ---- | M] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 19:36:15 | 000,000,039 | ---- | M] () -- C:\Windows\WININIT.INI [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.22 12:33:55 | 000,372,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | C] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 13:16:04 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.18 12:49:56 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 11:32:21 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.17 00:13:25 | 000,192,907 | ---- | C] () -- C:\Users\TIM\Documents\Picture 
1.jpg [2012.10.08 19:02:28 | 000,004,464 | ---- | C] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:49:29 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.10.08 00:49:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.10.08 00:49:29 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2012.10.08 00:48:25 | 000,000,595 | ---- | C] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.05 21:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.05 16:34:21 | 000,000,000 | ---- | C] () -- C:\Windows\a1b60r.dll [2012.10.05 16:33:45 | 000,000,013 | ---- | C] () -- C:\Windows\a1b59.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 16:58:00 | 000,001,263 | ---- | C] () -- C:\Windows\isxdlge2.ini [2012.09.30 18:15:04 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:47:56 | 000,032,514 | ---- | C] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:20:05 | 000,012,865 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.29 18:05:51 | 000,000,450 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 15:20:59 | 000,001,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | C] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 12:40:47 | 000,018,944 | ---- | C] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.29 10:52:59 | 000,031,420 | ---- | C] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 22:27:46 | 000,002,776 | ---- | C] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:41 | 000,000,260 | ---- | C] () -- C:\Windows\scardsrv.ini [2012.09.28 21:08:05 | 000,000,910 | ---- | C] () -- 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.28 21:04:30 | 000,002,176 | ---- | C] () -- C:\Windows\HBCIKRNL.INI [2012.09.28 19:28:53 | 000,013,189 | R--- | C] () -- C:\Windows\instwcli.inf [2012.09.28 19:26:38 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin [2012.09.28 19:19:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.28 19:18:54 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.09.28 19:10:13 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- \.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- C:\._.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- \._.DS_Store [2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 20:57:14 | 000,143,360 | ---- | C] () -- C:\Windows\System32\3DAudio.ax [2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.25 21:22:29 | 000,000,091 | ---- | C] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 21:22:16 | 000,000,948 | ---- | C] () -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.09.25 21:22:06 | 000,000,680 | RHS- | C] () -- C:\Users\TIM\ntuser.pol [2012.09.25 19:36:15 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI [2010.01.30 18:52:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.02.19 15:33:15 | 000,000,512 | ---- | C] () -- 
\TVE.iss [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008.02.19 12:09:21 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2008.02.19 12:09:20 | 000,333,257 | RHS- | C] () -- \bootmgr [2006.11.02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 25.10.2012 17:07:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TIM\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19328) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,43% Memory free 6,21 Gb Paging File | 4,99 Gb Available in Paging File | 80,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 445,76 Gb Total Space | 355,05 Gb Free Space | 79,65% Space Free | Partition Type: NTFS Drive E: | 19,99 Gb Total Space | 10,52 Gb Free Space | 52,63% Space Free | Partition Type: FAT32 Drive N: | 465,76 Gb Total Space | 245,64 Gb Free Space | 52,74% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: TIM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation) .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) [HKEY_USERS\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. htmlfile [print] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [UnzipThemAll] -- "C:\Program Files\UnzipThemAll\UnzipThemAll.exe" "%1" (Hervé Thouzard) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 
"DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{009699C5-57E6-46FA-9601-64035CDA6579}" = rport=10243 | protocol=6 | dir=out | app=system | "{02B19D77-266C-4116-8326-E080DC71949A}" = rport=139 | protocol=6 | dir=out | app=system | "{0E01D114-3B35-42D3-864F-9F08D9DDE325}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{106933CF-BA83-4CEB-BC6A-CAAA2146AD95}" = rport=137 | protocol=17 | dir=out | app=system | "{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery | "{1EB86C72-6671-44C5-9281-0A2B9C738160}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25A4CA32-8173-4909-A12D-62F5583DC3DE}" = lport=139 | protocol=6 | dir=in | app=system | "{356F29C8-6299-4BC6-9DE6-ED280856E373}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3B3C08F6-C4D1-459E-85D0-4D467343FF3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3F3ECE08-D866-4AD0-858C-4C64EE7D03CE}" = rport=138 | protocol=17 | dir=out | app=system | "{4B05DD1F-BAE6-4BC0-9662-FDD97F169F4B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{53B8359E-D36F-4F47-98C9-CE1F362511A4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{594FD98C-C8CA-40BD-994F-9A6BD1C5B728}" = lport=3702 | 
protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{5956E2AB-C49E-4F1E-A87D-00C196C7A5E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63032B01-18C9-4B1C-AB68-82E4912F85DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7252BD88-2EC6-4C4E-8E49-821D4D2DD930}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{73F5FA9B-47D2-484D-8157-FB58202796D2}" = lport=137 | protocol=17 | dir=in | app=system | "{7E76F2BF-9655-41A7-8E60-8127D8BB1062}" = lport=2869 | protocol=6 | dir=in | app=system | "{8D44297F-DA5E-457A-A0AB-7356DA4B8A1D}" = rport=1723 | protocol=6 | dir=out | app=system | "{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery | "{92962189-9CF4-4E1A-828D-5CEAF54C497E}" = lport=138 | protocol=17 | dir=in | app=system | "{9317E70F-B91F-41BF-9228-25AA224D3914}" = lport=445 | protocol=6 | dir=in | app=system | "{95772350-19D1-43F0-BBC2-C12252AD3AA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9BD1BE4F-EA1C-48D5-83FD-5B012C1ED070}" = rport=445 | protocol=6 | dir=out | app=system | "{9DE8496F-EDC6-4D27-8240-479FE06E84AD}" = lport=10243 | protocol=6 | dir=in | app=system | "{A9B035F7-1AC4-4845-AEDD-0676409F1A82}" = rport=1701 | protocol=17 | dir=out | app=system | "{B550BCBD-7EDB-40EE-BD18-23F8C294FA8A}" = lport=1723 | protocol=6 | dir=in | app=system | "{C86E5EA4-B9DE-46F5-8023-71A381104FE4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C901F090-AD82-4546-B5A3-7FACC1582659}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CB249367-3037-42D1-8398-2EAB631FDAFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D48767FB-CBB3-47DB-B32E-1C5229B96A19}" = 
rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D7C6D559-003B-457B-B704-648EB478A8BC}" = lport=1701 | protocol=17 | dir=in | app=system | "{F8160F25-D3EE-428F-9E6F-B27C15A53895}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{049D8063-B1A1-453D-8E8C-641915077263}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{107FDF09-5668-4C39-B6C2-AE0CCC02FC46}" = protocol=6 | dir=out | app=system | "{15B8E0E7-A20F-4CA8-A60B-73186071F47E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{20028EB4-015E-45BB-9BF4-0FA2400C87E5}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | "{23141A48-3CA1-44E7-80E9-5BC4993C0C06}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{30320846-E6FF-40B3-BBEE-1DB9405D337C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{3CB17FFF-E1E3-4A49-9A93-35E4D3B8324B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{44459E08-CB2F-4496-A48F-ABB8A863FF63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F729969-C49F-48A4-9793-386678AD269C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{63ACEDD0-E493-454A-BF57-762ECA97EB53}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{700753F8-0BC6-469F-8CAE-6069CDCC0371}" = dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe | "{73A07CE6-080D-427A-BC85-512F9317C404}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{73C75508-F1BD-4A28-BB67-56C57C79A573}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe | "{7D17CE5A-AB47-44FF-81FD-413FC8FD79E2}" = protocol=17 | dir=in | 
app=c:\windows\system32\muzapp.exe | "{862A87AE-FEBD-498A-BCE4-D11C1C415E06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8E3061DA-46FD-46E9-840D-25DBA16D30C2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A82DA86D-AA7E-460D-A5FF-A843C7F52EB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B5A9E8A1-4646-41C1-919A-CCC1FC15FCEF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BEB8776E-1940-443C-B0CB-5C7603B59201}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CABE30E3-6097-46BD-B413-C4FDA9D7B423}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{EDCBD877-8AD3-4C88-B35E-10478C257DE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F16DA657-8928-4778-8937-BB90910F5002}" = dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe | "{FB0CBA55-13A8-40B5-8221-598E452745FE}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe | "{FD71DFC9-4F00-4D29-9CF7-0358D90EA796}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{00B83EF6-D298-4114-8DD8-31E663638168}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{1905459F-A6A5-4FDC-9D30-FAB14546B545}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{418F097D-401B-4BA1-9662-E45ED29F5918}C:\program files\phase-6\phase-6\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\phase-6\phase-6\jre6\bin\javaw.exe | "TCP Query User{432CE6B8-B6A6-4FAA-9A18-013BDD739706}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{0DC4FA62-F5F6-49D6-8618-01E50FD67A27}C:\program files\phase-6\phase-6\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program 
files\phase-6\phase-6\jre6\bin\javaw.exe | "UDP Query User{544927E7-5267-402F-80A6-60961B85149A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{78AA94A3-AF76-476C-AE1D-F16D8526E9C5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{9E94EC24-F753-47B9-9AEF-7A69AA3EEA65}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE VCD 
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5 "{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "{AA898D01-D4E3-43C6-8E25-70CA660B9F16}" = CHIPDRIVE extern/intern/micro treiber 3.1 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF118D79-F61B-4379-A059-5A3250324326}" = SCR3xxx Smart Card Reader "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Avira AntiVir Desktop" = Avira Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "Chipcardmaster_is1" = Chipcardmaster 7.04 "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In "EOS USB WIA Driver" = EOS USB WIA Driver "EOS Utility" = Canon Utilities EOS Utility "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "InstallShield_{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 3.0 "LetsTrade" = 
LetsTrade Komponenten "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "phase-6" = phase-6 2.3.1d "phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1.4 "PROSetDX" = Intel(R) Network Connections 13.5.32.0 "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 6.0" = RealPlayer "TuneUp Utilities 2013" = TuneUp Utilities 2013 "TwkSCard" = CHIPDRIVE - Gerätetreiber V2.14.41 "UnzipThemAll_is1" = UnzipThemAll 1.3 "VLC media player" = VLC media player 2.0.3 "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "X10Hardware" = X10 Hardware(TM) "Xvid_is1" = Xvid 1.1.3 final uninstall "Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 19.10.2012 11:39:21 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 02:51:32 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x0343f088, Prozess-ID 0x970, Anwendungsstartzeit 01cdae8f3db99f72. 
Error - 20.10.2012 02:51:39 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x11ac, Anwendungsstartzeit 01cdae8f573d8382. Error - 20.10.2012 02:51:52 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x13cc, Anwendungsstartzeit 01cdae8f62745d50. Error - 20.10.2012 02:52:14 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:45:28 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1268, Anwendungsstartzeit 01cdaed18a4525e7. Error - 20.10.2012 10:45:55 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:47:07 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01d39b50, Prozess-ID 0x97c, Anwendungsstartzeit 01cdaed166bda897. 
Error - 20.10.2012 12:38:35 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1130, Anwendungsstartzeit 01cdaee156e69858. Error - 20.10.2012 12:38:46 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066626, Prozess-ID 0x137c, Anwendungsstartzeit 01cdaee15d4c90a8. Error - 20.10.2012 12:39:39 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 25.03.2008 14:36:13 | Computer Name = Robin-PC | Source = ehRecvr | ID = 3 Description = Error - 23.01.2009 12:44:33 | Computer Name = Robin-PC | Source = ehSched | ID = 5 Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80080005 [ System Events ] Error - 24.10.2012 05:43:46 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 05:43:50 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 24.10.2012 15:29:25 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 15:29:25 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 24.10.2012 17:10:00 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 17:10:00 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 25.10.2012 04:21:01 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.10.2012 04:21:01 | Computer Name = TIM-PC | 
Source = Service Control Manager | ID = 7034 Description = Error - 25.10.2012 10:44:12 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.10.2012 10:44:12 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = < End of report > |
25.10.2012, 16:42 | #4 |
| Malwarebytes reports ccleaner.exe is infected? Hi cosinus. Thanks for your time. I hope you can help me. Attached are the requested reports. Thanks and regards OTL Logfile: Code:
ATTFilter OTL logfile created on: 25.10.2012 17:07:17 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TIM\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.19328) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,87 Gb Available Physical Memory | 62,43% Memory free 6,21 Gb Paging File | 4,99 Gb Available in Paging File | 80,37% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 445,76 Gb Total Space | 355,05 Gb Free Space | 79,65% Space Free | Partition Type: NTFS Drive E: | 19,99 Gb Total Space | 10,52 Gb Free Space | 52,63% Space Free | Partition Type: FAT32 Drive N: | 465,76 Gb Total Space | 245,64 Gb Free Space | 52,74% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: TIM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\TIM\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Defender\MSASCui.exe (Microsoft Corporation) PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) PRC - C:\Programme\Medion\MEDIONbox\Program\GCS.exe (Empolis GmbH) PRC - C:\Windows\System32\libusbd-nt.exe (libusb-Win32) PRC - C:\Windows\SCARDS32.EXE (SCM Microsystems) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Modules (No Company Name) ========== MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (TVECapSvc) -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe () SRV - (TVESched) -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe () SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (GnabService) -- c:\Programme\Common Files\Gnab\Service\ServiceController.exe (Empolis GmbH) SRV - (libusbd) -- C:\Windows\System32\libusbd-nt.exe (libusb-Win32) SRV - (TWKSCARDSRV) -- C:\Windows\SCARDS32.EXE (SCM Microsystems) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys File not found DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found DRV - (a3nlf88y) -- File not found DRV - (A2DDA) -- C:\Program Files\Emsisoft 
Anti-Malware\a2ddax86.sys File not found DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys File not found DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (SCR3XX2K) -- C:\Windows\System32\drivers\SCR3XX2K.sys (SCM Microsystems Inc.) DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) 
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation)
DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys ()
DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation)
DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys ()
DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (NXP Semiconductors Germany GmbH)
DRV - (s217unic) -- C:\Windows\System32\drivers\s217unic.sys (MCCI)
DRV - (s217mgmt) -- C:\Windows\System32\drivers\s217mgmt.sys (MCCI Corporation)
DRV - (s217obex) -- C:\Windows\System32\drivers\s217obex.sys (MCCI Corporation)
DRV - (s217nd5) -- C:\Windows\System32\drivers\s217nd5.sys (MCCI Corporation)
DRV - (s217mdm) -- C:\Windows\System32\drivers\s217mdm.sys (MCCI Corporation)
DRV - (s217bus) -- C:\Windows\System32\drivers\s217bus.sys (MCCI Corporation)
DRV - (s217mdfl) -- C:\Windows\System32\drivers\s217mdfl.sys (MCCI Corporation)
DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.)
DRV - (EthDriver) -- C:\Windows\System32\drivers\DLKRT32.sys (D-Link Corp.)
DRV - (WINFLASH) -- C:\Medion\WinFlash.sys ()
DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.)
DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.)
DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (CHIPDRIVE USB SmartCardReader) -- C:\Windows\System32\drivers\TwkUsb2K.sys (SCM Microsystems Inc.)
DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys ()
DRV - (TWKSER2K) -- C:\Windows\System32\drivers\TWKSER2K.sys (SCM Microsystems Inc.)
DRV - (TwkPCSC) -- C:\Windows\System32\drivers\TWKPCSC.SYS (Towitoko AG)
DRV - (TWKPNP) -- C:\Windows\System32\drivers\TWKPNP.SYS (Towitoko AG)
DRV - (TwkMs) -- C:\Windows\System32\drivers\TWKMS.SYS (Towitoko AG)
DRV - (CA561) -- C:\Windows\System32\drivers\SPCA561.SYS (SP)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Upgrade to Google Chrome
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = Google
IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box

========== FireFox ==========

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.02.19 14:52:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.18 13:18:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.18 13:16:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.10.19 14:29:02 | 000,000,000 | ---D | M]
[2012.10.18 13:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.12.28 11:43:09 | 000,000,848 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 192.168.1.4 WDTVLIVE
O1 - Hosts: 192.168.1.5 ROBIN-PC
O1 - Hosts: 192.168.1.6 MACUGRUW
O1 - Hosts: 192.168.1.8 MACUGRU
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..Trusted Ranges: Range1 ([*] in Lokales Intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{575D3576-698F-4DFB-9FC5-1905460B78C5}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEE6A5AB-FE86-4756-951D-03A58BB529EF}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6C86ACC-9D86-48DA-9444-166FFE310E11}: DhcpNameServer = 192.168.178.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found
O24 - Desktop WallPaper: C:\Users\TIM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\TIM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\ccleaner.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\inteldh.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\presentationhost.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\shell.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2012.10.25 17:04:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe
[2012.10.23 13:42:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2012.10.23 12:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.10.22 22:46:32 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Chromium
[2012.10.22 19:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam
[2012.10.20 16:53:08 | 000,000,000 | ---D | C] -- C:\Users\TIM\.swt
[2012.10.20 10:55:57 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.20 10:55:57 | 000,000,000 | -HSD | C] -- \Config.Msi
[2012.10.19 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\CANON_INC
[2012.10.19 17:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2012.10.19 17:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2012.10.19 17:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon
[2012.10.18 21:37:59 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Immersion
[2012.10.18 21:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Total Immersion
[2012.10.18 17:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
[2012.10.18 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.18 13:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.10.18 13:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012.10.18 13:06:09 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll
[2012.10.18 13:06:09 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll
[2012.10.18 13:06:09 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll
[2012.10.18 13:06:09 | 010,837,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys
[2012.10.18 13:06:09 | 007,697,768 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll
[2012.10.18 13:06:09 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll
[2012.10.18 13:06:09 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll
[2012.10.18 13:06:09 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll
[2012.10.18 13:06:09 | 000,888,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll
[2012.10.18 12:49:57 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe
[2012.10.18 12:49:57 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll
[2012.10.18 12:18:14 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2012.10.18 12:18:14 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2012.10.18 12:16:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2012.10.18 12:16:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2012.10.18 12:16:52 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2012.10.18 11:36:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.10.18 11:36:41 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2012.10.18 11:36:41 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2012.10.14 17:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2012.10.14 16:24:49 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft Corporation
[2012.10.14 15:00:51 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Windows Live
[2012.10.14 15:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live
[2012.10.13 11:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe(4)
[2012.10.13 10:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.10.12 15:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(45)
[2012.10.09 14:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.10.09 14:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013
[2012.10.09 14:57:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.10.08 21:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.10.08 21:03:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\Anti-Malware
[2012.10.08 00:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
[2012.10.08 00:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid
[2012.10.08 00:48:25 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zak McKracken - Between Time & Space
[2012.10.08 00:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zak McKracken - Between Time & Space
[2012.10.07 22:09:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.10.07 21:50:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012.10.07 21:50:34 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Samsung
[2012.10.07 21:50:24 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\samsung
[2012.10.07 21:45:07 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll
[2012.10.07 21:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2012.10.07 21:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung
[2012.10.07 21:41:50 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Downloaded Installations
[2012.10.06 11:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems
[2012.10.05 21:01:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.05 16:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\PC TuneUp Tools
[2012.10.04 10:30:36 | 000,000,000 | ---D | C] -- C:\Users\TIM\Desktop\SD Cards
[2012.10.02 18:09:44 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.10.02 17:18:57 | 000,054,776 | ---- | C] (Codejock Software) -- C:\Windows\System32\cjResource.dll
[2012.10.02 17:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\EGK Viewer
[2012.10.02 16:58:01 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx
[2012.10.02 16:58:01 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6de.dll
[2012.10.02 16:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chipcardmaster
[2012.10.02 16:58:00 | 000,059,392 | ---- | C] (Bjørnar Henden) -- C:\Windows\isxdl.dll
[2012.10.02 16:58:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\gzip.dll
[2012.10.02 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Chipcardmaster
[2012.10.02 16:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster
[2012.10.02 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Projects
[2012.10.02 13:15:52 | 000,430,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe
[2012.09.30 18:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.09.30 12:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2012.09.30 12:34:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.09.29 20:49:33 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Oblivion
[2012.09.29 20:49:33 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\My Games
[2012.09.29 20:27:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2012.09.29 20:21:47 | 002,557,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll
[2012.09.29 20:21:47 | 000,062,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll
[2012.09.29 20:21:12 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll
[2012.09.29 20:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.09.29 20:20:05 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll
[2012.09.29 20:20:05 | 001,009,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll
[2012.09.29 20:20:05 | 000,883,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll
[2012.09.29 20:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.09.29 20:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager
[2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- C:\Medion
[2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- \Medion
[2012.09.29 18:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
[2012.09.29 17:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2012.09.29 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\.phase-6
[2012.09.29 15:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6
[2012.09.29 15:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase6
[2012.09.29 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\phase-6
[2012.09.29 15:13:27 | 000,000,000 | ---D | C] -- C:\Users\TIM\Hörbücher
[2012.09.29 11:15:59 | 000,000,000 | ---D | C] -- C:\Users\TIM\Documents\Nutz
[2012.09.29 11:12:45 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft Games
[2012.09.29 00:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012.09.28 23:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2012.09.28 23:34:19 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Macromedia
[2012.09.28 23:28:04 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.09.28 23:28:04 | 000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.09.28 23:22:32 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.09.28 22:51:05 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.09.28 22:27:40 | 000,320,512 | ---- | C] (SCM Microsystems) -- C:\Windows\System32\TWKDIAG.CPL
[2012.09.28 22:27:40 | 000,264,192 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDS32.EXE
[2012.09.28 22:27:40 | 000,259,584 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDSRV.EXE
[2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW32.DLL
[2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW32.DLL
[2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CT32.DLL
[2012.09.28 22:27:40 | 000,070,656 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV32.DLL
[2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW16.DLL
[2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW16.DLL
[2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CT.DLL
[2012.09.28 22:27:40 | 000,062,464 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDLL32.DLL
[2012.09.28 22:27:40 | 000,062,464 | ---- | C] (SCM Microsystems) -- C:\Windows\GEN_TWK.DLL
[2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_TWK.DLL
[2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_NT.DLL
[2012.09.28 22:27:40 | 000,058,368 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD32.DLL
[2012.09.28 22:27:40 | 000,052,736 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV.DLL
[2012.09.28 22:27:40 | 000,041,728 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDRVDLL.DLL
[2012.09.28 22:27:40 | 000,037,376 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD.DLL
[2012.09.28 22:27:40 | 000,012,906 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKUSB.SYS
[2012.09.28 22:27:40 | 000,011,676 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPCSC.SYS
[2012.09.28 22:27:40 | 000,005,550 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPNP.SYS
[2012.09.28 22:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIPDRIVE
[2012.09.28 22:27:38 | 000,864,851 | ---- | C] (SCM Microsystems) -- C:\Windows\setp-twk.exe
[2012.09.28 21:43:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ
[2012.09.28 21:41:53 | 000,230,912 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM9C.DLL
[2012.09.28 21:41:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll
[2012.09.28 21:40:24 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll
[2012.09.28 21:40:08 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll
[2012.09.28 21:40:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.09.28 21:39:54 | 000,630,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.09.28 21:39:53 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.09.28 21:39:53 | 000,387,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2012.09.28 21:39:53 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll
[2012.09.28 21:39:52 | 001,469,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.09.28 21:39:52 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.09.28 21:39:51 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll
[2012.09.28 21:39:51 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll
[2012.09.28 21:39:50 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.09.28 21:39:50 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2012.09.28 21:39:50 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.09.28 21:39:49 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.09.28 21:39:49 | 000,184,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.09.28 21:39:49 | 000,164,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.09.28 21:39:49 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.09.28 21:39:49 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2012.09.28 21:39:48 | 000,174,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe
[2012.09.28 21:39:48 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[2012.09.28 21:39:27 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll
[2012.09.28 21:39:27 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2012.09.28 21:39:27 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2012.09.28 21:39:27 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll
[2012.09.28 21:39:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll
[2012.09.28 21:39:23 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2012.09.28 21:39:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll
[2012.09.28 21:39:22 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.09.28 21:38:22 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll
[2012.09.28 21:27:22 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll
[2012.09.28 21:12:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll
[2012.09.28 21:12:10 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll
[2012.09.28 21:11:36 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll
[2012.09.28 21:11:36 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll
[2012.09.28 21:11:36 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll
[2012.09.28 21:11:15 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll
[2012.09.28 21:11:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe
[2012.09.28 21:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.28 21:07:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.28 21:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.09.28 21:04:21 | 000,000,000 | ---D | C] -- C:\Program Files\SCM Microsystems
[2012.09.28 21:04:21 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SCM Microsystems CHIPDRIVE Tools
[2012.09.28 19:57:09 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Apple
[2012.09.28 19:39:42 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Thunderbird
[2012.09.28 19:33:37 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Mozilla
[2012.09.28 19:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2012.09.28 19:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\avmwlanstick
[2012.09.28 19:28:47 | 000,004,352 | R--- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmeject.sys
[2012.09.28 19:26:38 | 000,586,752 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusbn.sys
[2012.09.28 19:26:38 | 000,078,336 | ---- | C] (AVM Berlin) -- C:\Windows\System32\fwusbnci.dll
[2012.09.28 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Adobe
[2012.09.28 19:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.09.28 19:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.09.28 19:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2012.09.28 19:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.09.28 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup
[2012.09.28 19:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.09.28 19:09:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2012.09.28 19:09:25 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2012.09.28 19:09:25 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2012.09.28 19:09:25 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2012.09.28 19:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- C:\.fseventsd
[2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- \.fseventsd
[2012.09.26 20:57:14 | 000,569,344 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax
[2012.09.26 20:57:14 | 000,491,520 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll
[2012.09.26 20:57:14 | 000,352,256 | ---- | C] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll
[2012.09.26 20:57:14 | 000,258,048 | ---- | C] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax
[2012.09.26 20:57:14 | 000,245,760 | ---- | C] (Teruten Inc.)
-- C:\Windows\System32\MSCLib.dll [2012.09.26 20:57:14 | 000,200,704 | ---- | C] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll [2012.09.26 20:57:14 | 000,172,032 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe [2012.09.26 20:57:14 | 000,155,648 | ---- | C] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll [2012.09.26 20:57:14 | 000,135,168 | ---- | C] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll [2012.09.26 20:57:14 | 000,131,072 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax [2012.09.26 20:57:14 | 000,122,880 | ---- | C] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax [2012.09.26 20:57:14 | 000,118,784 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll [2012.09.26 20:57:14 | 000,110,592 | ---- | C] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax [2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek) -- C:\Windows\System32\MK_Lyric.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] (Marktek Inc.) -- C:\Windows\System32\MTXSYNCICON.dll [2012.09.26 20:57:14 | 000,049,152 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll [2012.09.26 20:57:14 | 000,045,320 | ---- | C] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | C] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll [2012.09.26 20:57:14 | 000,040,960 | ---- | C] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll [2012.09.26 20:57:14 | 000,024,576 | ---- | C] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe [2012.09.25 21:22:29 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\ApplicationHistory [2012.09.25 21:22:26 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\TVEnhance [2012.09.25 21:22:16 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [2012.09.25 21:22:16 | 000,000,000 | R--D | C] -- C:\Users\TIM\Searches [2012.09.25 21:22:16 | 
000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [2012.09.25 21:22:12 | 000,000,000 | R--D | C] -- C:\Users\TIM\Contacts [2012.09.25 21:22:11 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\VirtualStore [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Vorlagen [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Verlauf [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Temporary Internet Files [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Startmenü [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\SendTo [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Recent [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Netzwerkumgebung [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Lokale Einstellungen [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Videos [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Musik [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Eigene Dateien [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Documents\Eigene Bilder [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Druckumgebung [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Cookies [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\AppData\Local\Anwendungsdaten [2012.09.25 21:22:05 | 000,000,000 | -HSD | C] -- C:\Users\TIM\Anwendungsdaten [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Videos [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Saved Games [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Links [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Favorites [2012.09.25 
21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Downloads [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Documents [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\Desktop [2012.09.25 21:21:56 | 000,000,000 | R--D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories [2012.09.25 21:21:56 | 000,000,000 | -H-D | C] -- C:\Users\TIM\AppData [2012.09.25 21:21:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Temp [2012.09.25 21:21:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.25 17:10:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C14BE3A1-7541-42F6-935E-22B317B092E6}.job [2012.10.25 17:09:00 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B06D0B9E-F49B-4947-82CA-302808DCB46D}.job [2012.10.25 17:04:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe [2012.10.25 16:42:57 | 000,000,260 | ---- | M] () -- C:\Windows\scardsrv.ini [2012.10.25 16:42:52 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.25 16:42:52 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.25 16:42:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.25 16:42:33 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.25 11:15:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.23 16:18:51 | 000,018,944 | ---- | M] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.23 13:42:30 | 000,706,256 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.23 13:42:30 
| 000,661,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.23 13:42:30 | 000,160,122 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.23 13:42:30 | 000,130,998 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.22 12:34:24 | 000,372,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,001,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.10.20 16:52:58 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | M] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 14:27:33 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 12:16:40 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.18 12:16:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.18 12:16:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.18 12:16:38 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.18 12:15:34 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.18 12:15:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.17 00:12:24 | 000,192,907 | ---- | M] () -- C:\Users\TIM\Documents\Picture 1.jpg [2012.10.08 19:02:30 | 000,004,464 | ---- | M] () -- 
C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:48:25 | 000,000,595 | ---- | M] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.07 14:31:13 | 000,002,176 | ---- | M] () -- C:\Windows\HBCIKRNL.INI [2012.10.05 16:34:21 | 000,000,000 | ---- | M] () -- C:\Windows\a1b60r.dll [2012.10.05 16:33:45 | 000,000,013 | ---- | M] () -- C:\Windows\a1b59.dll [2012.10.03 00:20:00 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.03 00:20:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.03 00:20:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.10.03 00:20:00 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.03 00:20:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.03 00:20:00 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.03 00:20:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.03 00:20:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.10.03 00:20:00 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.03 00:20:00 | 001,009,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.10.03 00:20:00 | 000,888,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.03 00:20:00 | 000,012,865 | ---- | M] () -- C:\Windows\System32\nvinfo.pb [2012.10.02 21:29:41 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.10.02 21:29:41 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.10.02 21:29:41 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- 
C:\Windows\System32\nvshext.dll [2012.10.02 21:29:22 | 002,853,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.10.02 21:28:53 | 003,965,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 13:15:52 | 000,430,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2012.09.30 18:15:04 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:48:05 | 000,032,514 | ---- | M] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:28:02 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.29 18:12:14 | 000,000,450 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | M] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 10:53:03 | 000,031,420 | ---- | M] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 23:19:18 | 000,000,680 | RHS- | M] () -- C:\Users\TIM\ntuser.pol [2012.09.28 22:27:46 | 000,002,776 | ---- | M] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:38 | 000,864,851 | ---- | M] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 19:10:13 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | M] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | M] () -- C:\._.DS_Store [2012.09.26 20:57:22 | 004,659,712 | ---- | M] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll [2012.09.26 20:57:14 | 000,974,848 | ---- | M] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 
20:57:14 | 000,569,344 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzdecode.ax [2012.09.26 20:57:14 | 000,491,520 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.dll [2012.09.26 20:57:14 | 000,352,256 | ---- | M] (Sample Corporation) -- C:\Windows\System32\MSLUR71.dll [2012.09.26 20:57:14 | 000,258,048 | ---- | M] ((c) PeeringPortal) -- C:\Windows\System32\muzoggsp.ax [2012.09.26 20:57:14 | 000,245,760 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSCLib.dll [2012.09.26 20:57:14 | 000,200,704 | ---- | M] ( (c) MusicCity) -- C:\Windows\System32\muzwmts.dll [2012.09.26 20:57:14 | 000,172,032 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzapp.exe [2012.09.26 20:57:14 | 000,155,648 | ---- | M] (Teruten Inc.) -- C:\Windows\System32\MSFLib.dll [2012.09.26 20:57:14 | 000,143,360 | ---- | M] () -- C:\Windows\System32\3DAudio.ax [2012.09.26 20:57:14 | 000,135,168 | ---- | M] (Musiccity Co.Ltd.) -- C:\Windows\System32\muzaf1.dll [2012.09.26 20:57:14 | 000,131,072 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmpgsp.ax [2012.09.26 20:57:14 | 000,122,880 | ---- | M] ((c) MUSICCITY) -- C:\Windows\System32\muzeffect.ax [2012.09.26 20:57:14 | 000,118,784 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MaDRM.dll [2012.09.26 20:57:14 | 000,110,592 | ---- | M] ((c) MusicCity) -- C:\Windows\System32\muzmp4sp.ax [2012.09.26 20:57:14 | 000,081,920 | ---- | M] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | M] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek) -- C:\Windows\System32\MK_Lyric.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] (Marktek Inc.) 
-- C:\Windows\System32\MTXSYNCICON.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | M] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.26 20:57:14 | 000,049,152 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaJGUILib.dll [2012.09.26 20:57:14 | 000,045,320 | ---- | M] (MARKANY) -- C:\Windows\System32\MAMACExtract.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MaXMLProto.dll [2012.09.26 20:57:14 | 000,045,056 | ---- | M] ((주) 마크애니) -- C:\Windows\System32\MACXMLProto.dll [2012.09.26 20:57:14 | 000,040,960 | ---- | M] (Telechips Inc.,) -- C:\Windows\System32\MTTELECHIP.dll [2012.09.26 20:57:14 | 000,024,576 | ---- | M] ((주)마크애니) -- C:\Windows\System32\MASetupCleaner.exe [2012.09.25 21:22:29 | 000,000,091 | ---- | M] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 19:36:15 | 000,000,039 | ---- | M] () -- C:\Windows\WININIT.INI [1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ] [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.22 12:33:55 | 000,372,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | C] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 13:16:04 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.18 12:49:56 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 11:32:21 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.17 00:13:25 | 000,192,907 | ---- | C] () -- C:\Users\TIM\Documents\Picture 
1.jpg [2012.10.08 19:02:28 | 000,004,464 | ---- | C] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:49:29 | 000,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll [2012.10.08 00:49:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.10.08 00:49:29 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2012.10.08 00:48:25 | 000,000,595 | ---- | C] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.05 21:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.05 16:34:21 | 000,000,000 | ---- | C] () -- C:\Windows\a1b60r.dll [2012.10.05 16:33:45 | 000,000,013 | ---- | C] () -- C:\Windows\a1b59.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 16:58:00 | 000,001,263 | ---- | C] () -- C:\Windows\isxdlge2.ini [2012.09.30 18:15:04 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:47:56 | 000,032,514 | ---- | C] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:20:05 | 000,012,865 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.29 18:05:51 | 000,000,450 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 15:20:59 | 000,001,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | C] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 12:40:47 | 000,018,944 | ---- | C] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.29 10:52:59 | 000,031,420 | ---- | C] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 22:27:46 | 000,002,776 | ---- | C] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:41 | 000,000,260 | ---- | C] () -- C:\Windows\scardsrv.ini [2012.09.28 21:08:05 | 000,000,910 | ---- | C] () -- 
C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.28 21:04:30 | 000,002,176 | ---- | C] () -- C:\Windows\HBCIKRNL.INI [2012.09.28 19:28:53 | 000,013,189 | R--- | C] () -- C:\Windows\instwcli.inf [2012.09.28 19:26:38 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin [2012.09.28 19:19:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.28 19:18:54 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.09.28 19:10:13 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- \.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- C:\._.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- \._.DS_Store [2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 20:57:14 | 000,143,360 | ---- | C] () -- C:\Windows\System32\3DAudio.ax [2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.25 21:22:29 | 000,000,091 | ---- | C] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 21:22:16 | 000,000,948 | ---- | C] () -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk [2012.09.25 21:22:06 | 000,000,680 | RHS- | C] () -- C:\Users\TIM\ntuser.pol [2012.09.25 19:36:15 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI [2010.01.30 18:52:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.02.19 15:33:15 | 000,000,512 | ---- | C] () -- 
OTL Logfile:
OTL Extras logfile created on: 25.10.2012 17:07:17 - Run 1
OTL by OldTimer - Version 3.2.69.0
files\phase-6\phase-6\jre6\bin\javaw.exe | "UDP Query User{544927E7-5267-402F-80A6-60961B85149A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{78AA94A3-AF76-476C-AE1D-F16D8526E9C5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{9E94EC24-F753-47B9-9AEF-7A69AA3EEA65}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{27FDF949-69CE-435A-8372-339F72336AC5}" = MEDIONbox "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3 "{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE VCD 
"{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5 "{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "{AA898D01-D4E3-43C6-8E25-70CA660B9F16}" = CHIPDRIVE extern/intern/micro treiber 3.1 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer 
"{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF118D79-F61B-4379-A059-5A3250324326}" = SCR3xxx Smart Card Reader "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Avira AntiVir Desktop" = Avira Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "Chipcardmaster_is1" = Chipcardmaster 7.04 "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In "EOS USB WIA Driver" = EOS USB WIA Driver "EOS Utility" = Canon Utilities EOS Utility "EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "InstallShield_{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 3.0 "LetsTrade" = 
LetsTrade Komponenten "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "phase-6" = phase-6 2.3.1d "phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1.4 "PROSetDX" = Intel(R) Network Connections 13.5.32.0 "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 6.0" = RealPlayer "TuneUp Utilities 2013" = TuneUp Utilities 2013 "TwkSCard" = CHIPDRIVE - Gerätetreiber V2.14.41 "UnzipThemAll_is1" = UnzipThemAll 1.3 "VLC media player" = VLC media player 2.0.3 "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "X10Hardware" = X10 Hardware(TM) "Xvid_is1" = Xvid 1.1.3 final uninstall "Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 19.10.2012 11:39:21 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 02:51:32 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x0343f088, Prozess-ID 0x970, Anwendungsstartzeit 01cdae8f3db99f72. 
Error - 20.10.2012 02:51:39 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x000665c9, Prozess-ID 0x11ac, Anwendungsstartzeit 01cdae8f573d8382. Error - 20.10.2012 02:51:52 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x13cc, Anwendungsstartzeit 01cdae8f62745d50. Error - 20.10.2012 02:52:14 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:45:28 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1268, Anwendungsstartzeit 01cdaed18a4525e7. Error - 20.10.2012 10:45:55 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:47:07 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01d39b50, Prozess-ID 0x97c, Anwendungsstartzeit 01cdaed166bda897. 
Error - 20.10.2012 12:38:35 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1130, Anwendungsstartzeit 01cdaee156e69858. Error - 20.10.2012 12:38:46 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066626, Prozess-ID 0x137c, Anwendungsstartzeit 01cdaee15d4c90a8. Error - 20.10.2012 12:39:39 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = [ Media Center Events ] Error - 25.03.2008 14:36:13 | Computer Name = Robin-PC | Source = ehRecvr | ID = 3 Description = Error - 23.01.2009 12:44:33 | Computer Name = Robin-PC | Source = ehSched | ID = 5 Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80080005 [ System Events ] Error - 24.10.2012 05:43:46 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 05:43:50 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 24.10.2012 15:29:25 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 15:29:25 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 24.10.2012 17:10:00 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 24.10.2012 17:10:00 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 25.10.2012 04:21:01 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.10.2012 04:21:01 | Computer Name = TIM-PC | 
Source = Service Control Manager | ID = 7034 Description = Error - 25.10.2012 10:44:12 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 25.10.2012 10:44:12 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = < End of report > |
25.10.2012, 19:58 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports ccleaner.exe is infected? Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper (Kompetenzler) has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote:
__________________ Please always post log files in CODE tags |
25.10.2012, 21:11 | #6 |
| Malwarebytes reports ccleaner.exe is infected? Hello cosinus. ComboFix has finished. The report is attached below. Thank you very much for your effort and time! Best regards Combofix Logfile: Code:
ATTFilter ComboFix 12-10-25.02 - TIM 25.10.2012 21:45:16.1.4 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.3069.1559 [GMT 2:00] ausgeführt von:: c:\users\TIM\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\a1b59.dll c:\windows\a1b60r.dll c:\windows\IsUn0407.exe c:\windows\security\Database\tmp.edb c:\windows\system32\muzapp.exe c:\windows\system32\suf7DBB.tmp c:\windows\unin0407.exe . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_nvsvc . . ((((((((((((((((((((((( Dateien erstellt von 2012-09-25 bis 2012-10-25 )))))))))))))))))))))))))))))) . . 2012-10-25 19:54 . 2012-10-25 19:57 -------- d-----w- c:\users\TIM\AppData\Local\temp 2012-10-23 11:42 . 2012-10-23 11:42 -------- d--h--w- c:\programdata\CanonIJScan 2012-10-23 11:41 . 2012-10-23 11:41 -------- d-----w- c:\users\TIM\AppData\Roaming\Ulead Systems 2012-10-23 09:46 . 2012-10-17 00:32 6918632 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{D0B52024-7D57-4154-8B5C-F700D203977A}\mpengine.dll 2012-10-22 20:46 . 2012-10-22 20:46 -------- d-----w- c:\users\TIM\AppData\Local\Chromium 2012-10-22 20:40 . 2012-10-22 20:40 -------- d-----w- c:\users\TIM\AppData\Roaming\The Creative Assembly 2012-10-22 17:42 . 2012-10-23 09:38 -------- d-----w- c:\program files\Common Files\Steam 2012-10-22 10:20 . 2012-10-22 10:20 -------- d-----w- c:\users\TIM\AppData\Roaming\Nero 2012-10-20 14:53 . 2012-10-20 14:53 -------- d-----w- c:\users\TIM\.swt 2012-10-19 15:45 . 
2012-10-19 15:45 -------- d-----w- c:\users\TIM\AppData\Local\CANON_INC 2012-10-19 15:18 . 2012-10-19 15:45 -------- d-----w- c:\program files\Canon 2012-10-19 15:12 . 2012-10-19 15:17 -------- d-----w- c:\program files\Common Files\Canon 2012-10-18 19:38 . 2012-10-18 19:38 -------- d-----w- c:\users\TIM\AppData\Roaming\Total Immersion 2012-10-18 19:37 . 2012-10-18 19:37 -------- d-----w- c:\program files\Total Immersion 2012-10-18 11:18 . 2012-10-11 01:05 96224 ----a-w- c:\program files\Mozilla Firefox\webapprt-stub.exe 2012-10-18 11:18 . 2012-10-11 01:05 157272 ----a-w- c:\program files\Mozilla Firefox\webapp-uninstaller.exe 2012-10-18 11:06 . 2012-10-02 22:20 888168 ----a-w- c:\windows\system32\nvdispgenco32.dll 2012-10-18 11:06 . 2012-10-02 22:20 7697768 ----a-w- c:\windows\system32\nvcuda.dll 2012-10-18 11:06 . 2012-10-02 22:20 6127464 ----a-w- c:\windows\system32\nvopencl.dll 2012-10-18 11:06 . 2012-10-02 22:20 2574696 ----a-w- c:\windows\system32\nvcuvid.dll 2012-10-18 11:06 . 2012-10-02 22:20 19906920 ----a-w- c:\windows\system32\nvoglv32.dll 2012-10-18 11:06 . 2012-10-02 22:20 1867112 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-10-18 11:06 . 2012-10-02 22:20 17559912 ----a-w- c:\windows\system32\nvcompiler.dll 2012-10-18 11:06 . 2012-10-02 22:20 12501352 ----a-w- c:\windows\system32\nvwgf2um.dll 2012-10-18 11:06 . 2012-10-02 22:20 10837352 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys 2012-10-18 10:49 . 2012-09-19 09:29 31584 ----a-w- c:\windows\system32\TURegOpt.exe 2012-10-18 10:49 . 2012-09-19 09:29 21344 ----a-w- c:\windows\system32\authuitu.dll 2012-10-18 10:18 . 2012-10-18 10:16 821736 ----a-w- c:\windows\system32\npDeployJava1.dll 2012-10-18 10:16 . 2012-10-18 10:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2012-10-18 09:38 . 2012-06-02 00:02 985088 ----a-w- c:\windows\system32\crypt32.dll 2012-10-18 09:38 . 2012-06-02 00:02 98304 ----a-w- c:\windows\system32\cryptnet.dll 2012-10-18 09:38 . 
2012-06-02 00:02 133120 ----a-w- c:\windows\system32\cryptsvc.dll 2012-10-18 09:38 . 2012-08-24 15:53 172544 ----a-w- c:\windows\system32\wintrust.dll 2012-10-18 09:36 . 2012-09-13 13:28 2048 ----a-w- c:\windows\system32\tzres.dll 2012-10-18 09:36 . 2012-08-29 11:27 3602816 ----a-w- c:\windows\system32\ntkrnlpa.exe 2012-10-18 09:36 . 2012-08-29 11:27 3550080 ----a-w- c:\windows\system32\ntoskrnl.exe 2012-10-14 15:11 . 2012-10-14 15:11 -------- d-----w- c:\program files\Lavalys 2012-10-14 14:24 . 2012-10-14 14:24 -------- d-----w- c:\users\TIM\AppData\Local\Microsoft Corporation 2012-10-14 13:00 . 2012-10-14 13:00 -------- d-----w- c:\users\TIM\AppData\Local\Windows Live 2012-10-14 13:00 . 2012-10-14 13:00 -------- d-----w- c:\program files\Common Files\Windows Live 2012-10-12 13:20 . 2012-10-12 13:20 -------- d-----w- c:\program files\Mozilla Firefox(45) 2012-10-09 12:59 . 2012-10-18 10:49 -------- d-----w- c:\program files\TuneUp Utilities 2013 2012-10-09 12:57 . 2012-10-18 11:56 -------- d-sh--w- c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2012-10-09 10:08 . 2012-10-09 10:08 -------- d-----w- c:\users\TIM\AppData\Roaming\NVIDIA 2012-10-08 17:02 . 2012-10-08 17:02 4464 ----a-w- c:\windows\system32\cc_20121008_190221.reg 2012-10-07 22:49 . 2012-10-07 22:49 -------- d-----w- c:\program files\Xvid 2012-10-07 22:49 . 2007-06-28 16:55 77824 ----a-w- c:\windows\system32\xvid.ax 2012-10-07 22:49 . 2007-06-28 16:54 180224 ----a-w- c:\windows\system32\xvidvfw.dll 2012-10-07 22:49 . 2007-06-28 16:52 765952 ----a-w- c:\windows\system32\xvidcore.dll 2012-10-07 19:50 . 2012-10-07 19:50 -------- d-----w- c:\users\TIM\AppData\Local\Samsung 2012-10-07 19:50 . 2012-10-07 22:15 -------- d-----w- c:\users\TIM\AppData\Roaming\Samsung 2012-10-07 19:45 . 2012-09-26 18:57 4659712 ----a-w- c:\windows\system32\Redemption.dll 2012-10-07 19:43 . 2012-10-07 22:15 -------- d-----w- c:\programdata\Samsung 2012-10-07 19:43 . 
2012-10-07 19:46 -------- d-----w- c:\program files\Samsung 2012-10-07 19:41 . 2012-10-18 11:56 -------- d-----w- c:\users\TIM\AppData\Local\Downloaded Installations 2012-10-05 14:29 . 2012-10-07 12:17 -------- d-----w- c:\program files\PC TuneUp Tools 2012-10-02 16:12 . 2012-10-02 16:12 -------- d-----w- c:\users\TIM\AppData\Roaming\OpenOffice.org 2012-10-02 15:37 . 2012-10-02 15:55 -------- d-----w- c:\users\TIM\AppData\Roaming\GhostPainting 2012-10-02 15:18 . 2012-02-01 15:10 54776 ----a-w- c:\windows\system32\cjResource.dll 2012-10-02 15:18 . 2012-10-02 15:36 -------- d-----w- c:\program files\EGK Viewer 2012-10-02 14:58 . 2005-04-15 17:58 1351392 ----a-w- c:\windows\system32\comctl32.ocx 2012-10-02 14:58 . 2000-10-02 09:27 125712 ----a-w- c:\windows\system32\vb6de.dll 2012-10-02 14:58 . 2012-10-18 10:17 -------- d-----w- c:\users\TIM\AppData\Roaming\Chipcardmaster 2012-10-02 14:58 . 2012-10-02 14:58 -------- d-----w- c:\program files\Chipcardmaster 2012-10-02 14:58 . 2011-03-20 22:05 32256 ----a-w- c:\windows\gzip.dll 2012-10-02 14:58 . 2005-03-11 17:42 59392 ----a-w- c:\windows\isxdl.dll 2012-10-02 14:41 . 2012-10-02 14:41 -------- d-----w- c:\program files\Smart Projects 2012-10-02 11:15 . 2012-10-02 11:15 430952 ----a-w- c:\windows\system32\nvStreaming.exe 2012-09-30 10:35 . 2012-10-09 12:59 -------- d-----w- c:\users\TIM\AppData\Roaming\TuneUp Software 2012-09-30 10:34 . 2012-10-09 12:59 -------- d-----w- c:\programdata\TuneUp Software 2012-09-30 10:34 . 2012-10-18 11:56 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-09-30 10:15 . 2012-10-05 08:42 -------- d-----w- c:\users\TIM\AppData\Roaming\GlarySoft 2012-09-30 09:53 . 2012-09-30 09:53 0 ------w- c:\windows\SCARDSRV.TMP 2012-09-29 19:47 . 2012-09-29 19:48 32514 ----a-w- c:\windows\system32\cc_20120929_214733.reg 2012-09-29 18:49 . 2012-09-29 18:49 -------- d-----w- c:\users\TIM\AppData\Local\Oblivion 2012-09-29 18:27 . 
2012-09-29 18:28 -------- d--h--w- c:\program files\Temp 2012-09-29 18:23 . 2012-10-18 10:19 -------- d-----w- c:\users\UpdatusUser 2012-09-29 18:21 . 2012-10-02 19:29 645992 ----a-w- c:\windows\system32\nvvsvc.exe 2012-09-29 18:21 . 2012-10-02 19:29 62312 ----a-w- c:\windows\system32\nvshext.dll 2012-09-29 18:21 . 2012-10-02 19:29 2557288 ----a-w- c:\windows\system32\nvsvcr.dll 2012-09-29 18:21 . 2012-05-04 22:59 61248 ----a-w- c:\windows\system32\OpenCL.dll 2012-09-29 18:20 . 2012-09-29 18:20 -------- d-----w- c:\programdata\NVIDIA Corporation 2012-09-29 18:20 . 2012-10-02 22:20 15309160 ----a-w- c:\windows\system32\nvd3dum.dll 2012-09-29 18:20 . 2012-10-02 22:20 1009512 ----a-w- c:\windows\system32\nvdispco32.dll 2012-09-29 18:20 . 2012-05-04 22:59 883008 ----a-w- c:\windows\system32\nvgenco32.dll 2012-09-29 18:19 . 2012-10-18 11:07 -------- d-----w- c:\program files\NVIDIA Corporation 2012-09-29 18:16 . 2007-09-29 21:03 308248 ----a-w- c:\windows\system32\drivers\iaStor.sys 2012-09-29 18:16 . 2012-10-05 15:08 -------- d-----w- c:\users\TIM\AppData\Roaming\InstallShield 2012-09-29 18:14 . 2012-09-29 18:41 -------- d-----w- C:\Medion 2012-09-29 16:05 . 2005-04-03 21:02 69714 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2012-09-29 16:05 . 2005-04-03 21:01 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2012-09-29 16:05 . 2005-04-03 21:00 184320 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2012-09-29 16:05 . 2005-04-03 20:59 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2012-09-29 16:05 . 2005-04-03 21:02 753664 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2012-09-29 16:04 . 
2012-09-29 16:04 200836 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2012-09-29 16:04 . 2012-09-29 16:04 331908 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2012-09-29 15:27 . 2012-09-29 15:27 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2 2012-09-29 13:22 . 2012-09-29 13:24 -------- d-----w- c:\users\TIM\.phase-6 2012-09-29 13:21 . 2012-09-29 13:21 -------- d--h--r- c:\users\TIM\AppData\Roaming\SecuROM 2012-09-29 13:20 . 2012-10-20 16:44 -------- d-----w- c:\programdata\Phase6 2012-09-29 13:20 . 2012-09-29 13:21 -------- d-----w- c:\program files\phase-6 2012-09-29 13:13 . 2012-09-29 13:39 -------- d-----w- c:\users\TIM\Hörbücher 2012-09-29 11:42 . 2012-10-25 18:20 -------- d-----w- c:\users\TIM\AppData\Roaming\vlc 2012-09-29 09:16 . 2012-09-29 09:16 -------- d-----w- c:\users\TIM\AppData\Roaming\NevoSoft 2012-09-29 09:12 . 2012-10-05 09:48 -------- d-----w- c:\users\TIM\AppData\Local\Microsoft Games 2012-09-29 08:52 . 2012-09-29 08:53 31420 ----a-w- c:\windows\system32\cc_20120929_105239.reg 2012-09-28 22:14 . 2012-09-28 22:14 -------- d-----w- c:\users\TIM\AppData\Roaming\Leadertech 2012-09-28 22:13 . 2012-10-04 05:17 -------- d-----w- c:\programdata\LogiShrd 2012-09-28 22:13 . 2012-09-28 22:13 -------- d-----w- c:\program files\Logitech 2012-09-28 21:58 . 2012-09-28 22:14 -------- d-----w- c:\program files\Common Files\logishrd 2012-09-28 21:34 . 2012-09-28 21:34 -------- d-----w- c:\users\TIM\AppData\Local\Macromedia 2012-09-28 21:29 . 2012-02-29 15:11 5120 ----a-w- c:\windows\system32\wmi.dll 2012-09-28 21:29 . 2012-02-29 15:09 157696 ----a-w- c:\windows\system32\imagehlp.dll 2012-09-28 21:29 . 2012-02-29 13:32 12800 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2012-09-28 21:28 . 2012-10-18 10:15 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-09-28 21:28 . 
2012-10-18 10:15 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-09-28 21:22 . 2012-09-28 21:22 -------- d-----w- c:\windows\PCHEALTH 2012-09-28 20:51 . 2012-07-04 14:02 2047488 ----a-w- c:\windows\system32\win32k.sys 2012-09-28 19:43 . 2012-09-28 19:43 -------- d--h--w- c:\programdata\CanonBJ 2012-09-28 19:42 . 2009-12-21 18:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP9C.DLL 2012-09-28 19:42 . 2009-12-21 18:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD9C.DLL 2012-09-28 19:41 . 2009-12-21 18:00 230912 ----a-w- c:\windows\system32\CNMLM9C.DLL 2012-09-28 19:41 . 2011-10-14 16:03 189952 ----a-w- c:\windows\system32\winmm.dll 2012-09-28 19:41 . 2011-10-14 16:00 23552 ----a-w- c:\windows\system32\mciseq.dll 2012-09-28 19:41 . 2012-05-11 15:57 623616 ----a-w- c:\windows\system32\localspl.dll . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-10-18 10:16 . 2010-10-14 14:37 746984 ----a-w- c:\windows\system32\deployJava1.dll 2012-10-02 22:20 . 2008-01-29 08:22 2428776 ----a-w- c:\windows\system32\nvapi.dll 2012-10-02 19:29 . 2008-01-29 08:22 108392 ----a-w- c:\windows\system32\nvmctray.dll 2012-10-02 19:29 . 2008-01-29 08:22 2853224 ----a-w- c:\windows\system32\nvsvc.dll 2012-10-02 19:28 . 2008-01-29 08:22 3965288 ----a-w- c:\windows\system32\nvcpl.dll 2012-09-29 18:28 . 2008-02-19 11:26 319456 ----a-w- c:\windows\DIFxAPI.dll 2012-10-11 01:05 . 2012-09-28 17:19 261600 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2012-09-28 386336] "AVMWlanClient"="c:\program files\avmwlanstick\wlangui.exe" [2010-10-22 2105344] "IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-10-03 178712] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ phase-6 Reminder.lnk - c:\program files\phase-6\phase-6\reminder\reminder.exe [2012-10-16 724992] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled] "Monitor"=c:\windows\PixArt\PAC207\Monitor.exe . R1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files\Emsisoft Anti-Malware\a2ddax86.sys [x] R3 a2acc;a2acc;c:\program files\EMSISOFT ANTI-MALWARE\a2accx86.sys [x] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x] R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\Common Files\Adobe\ARM\1.0\armsvc.exe [x] S3 3xHybrid;Philips SAA713x PCI Card;c:\windows\system32\DRIVERS\3xHybrid.sys [x] . . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Inhalt des "geplante Tasks" Ordners . 2012-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-28 10:15] . 
2012-10-25 c:\windows\Tasks\User_Feed_Synchronization-{B06D0B9E-F49B-4947-82CA-302808DCB46D}.job - c:\windows\system32\msfeedssync.exe [2012-09-28 08:30] . 2012-10-25 c:\windows\Tasks\User_Feed_Synchronization-{C14BE3A1-7541-42F6-935E-22B317B092E6}.job - c:\windows\system32\msfeedssync.exe [2012-09-28 08:30] . . ------- Zusätzlicher Suchlauf ------- . uStart Page = hxxp://www.aldi.com/ mSearch Bar = hxxp://www.google.com/ie uInternet Settings,ProxyOverride = fritz.box IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites LSP: c:\windows\system32\wpclsp.dll TCP: DhcpNameServer = 192.168.178.1 FF - ProfilePath - c:\users\TIM\AppData\Roaming\Mozilla\Firefox\Profiles\g90hhbyl.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q= FF - prefs.js: browser.startup.homepage - hxxp://www.freenet.de/ FF - ExtSQL: 2012-10-05 10:33; optout@google.com; c:\users\TIM\AppData\Roaming\Mozilla\Firefox\Profiles\g90hhbyl.default\extensions\optout@google.com.xpi FF - ExtSQL: 2012-10-18 11:29; {fd639891-5cc6-45ae-9055-a7a6abb5a7a9}; c:\users\TIM\AppData\Roaming\Mozilla\Firefox\Profiles\g90hhbyl.default\extensions\{fd639891-5cc6-45ae-9055-a7a6abb5a7a9} FF - ExtSQL: 2012-10-23 12:00; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: network.http.max-connections-per-server - 8 FF - user.js: network.http.max-persistent-connections-per-server - 4 FF - user.js: nglayout.initialpaint.delay - 600 FF - user.js: content.notify.interval - 600000 FF - user.js: content.max.tokenizing.time - 1800000 FF - user.js: content.switch.threshold - 600000 FF - user.js: yahoo.homepage.dontask - true . - - - - Entfernte verwaiste Registrierungseinträge - - - - . SafeBoot-mcmscsvc SafeBoot-MCODS . . . ************************************************************************** . 
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-10-25 21:57 Windows 6.0.6002 Service Pack 2 NTFS . Scanne versteckte Prozesse... . Scanne versteckte Autostarteinträge... . Scanne versteckte Dateien... . Scan erfolgreich abgeschlossen versteckte Dateien: 0 . ************************************************************************** . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\SecuROM\License information*] "datasecu"=hex:f7,0b,7f,b5,af,98,a2,40,0c,f1,89,6b,1e,99,e7,29,35,af,b3,d5,42, c0,60,3c,d3,e5,c1,7c,12,83,fe,e8,e1,bf,90,57,46,d3,98,66,f1,76,50,76,38,6d,\ "rkeysecu"=hex:1a,c2,35,4c,a1,ff,3d,2c,58,1d,5f,96,ef,18,74,89 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . 
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe c:\program files\Avira\AntiVir Desktop\sched.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\avmwlanstick\WlanNetService.exe c:\windows\system32\libusbd-nt.exe c:\program files\CyberLink\Shared Files\RichVideo.exe c:\program files\Sceneo\AbsolutTV\Services\PVR\PVRService.exe c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe c:\program files\Medion\MEDIONbox\Program\GCS.exe c:\windows\SCARDS32.EXE c:\progra~1\COMMON~1\X10\Common\x10nets.exe c:\windows\system32\WUDFHost.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\program files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe c:\windows\ehome\ehmsas.exe c:\windows\ehome\ehsched.exe c:\windows\ehome\ehRecvr.exe c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . 
Zeit der Fertigstellung: 2012-10-25 22:03:38 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2012-10-25 20:03 . Vor Suchlauf: 9 Verzeichnis(se), 381.049.520.128 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 380.781.260.800 Bytes frei . - - End Of File - - B9E356CEAF4042A0A70E8A8592F3743F
Sorry. I don't know why everything always gets posted twice!? Edited by cosinus (26.10.2012 at 12:24). Reason: duplicate removed |
25.10.2012, 22:39 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports ccleaner.exe is infected? Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off your virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool! Configure the tool as shown in the picture below: click on change parameters and set the checkboxes as shown in the following screenshot, then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), which is where TDSS-Killer saves its logs. Note: Please do not delete anything prematurely with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and post only the log here!
__________________ Please always post log files in CODE tags |
25.10.2012, 23:00 | #8 |
| Malwarebytes reports ccleaner.exe is infected? Hi cosinus. Here is the report. Thanks Code:
ATTFilter 23:54:39.0714 3544 TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47 23:54:40.0120 3544 ============================================================ 23:54:40.0120 3544 Current date / time: 2012/10/25 23:54:40.0120 23:54:40.0120 3544 SystemInfo: 23:54:40.0120 3544 23:54:40.0120 3544 OS Version: 6.0.6002 ServicePack: 2.0 23:54:40.0120 3544 Product type: Workstation 23:54:40.0120 3544 ComputerName: TIM-PC 23:54:40.0120 3544 UserName: TIM 23:54:40.0120 3544 Windows directory: C:\Windows 23:54:40.0120 3544 System windows directory: C:\Windows 23:54:40.0120 3544 Processor architecture: Intel x86 23:54:40.0120 3544 Number of processors: 4 23:54:40.0120 3544 Page size: 0x1000 23:54:40.0120 3544 Boot type: Normal boot 23:54:40.0120 3544 ============================================================ 23:54:40.0479 3544 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:54:40.0525 3544 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 23:54:40.0557 3544 ============================================================ 23:54:40.0557 3544 \Device\Harddisk0\DR0: 23:54:40.0557 3544 MBR partitions: 23:54:40.0557 3544 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x37B83800 23:54:40.0572 3544 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x37B8420D, BlocksNum 0x2800A34 23:54:40.0572 3544 \Device\Harddisk1\DR1: 23:54:40.0588 3544 MBR partitions: 23:54:40.0588 3544 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02 23:54:40.0588 3544 ============================================================ 23:54:40.0619 3544 C: <-> \Device\Harddisk0\DR0\Partition1 23:54:40.0619 3544 E: <-> \Device\Harddisk0\DR0\Partition2 23:54:40.0635 3544 N: <-> 
\Device\Harddisk1\DR1\Partition1 23:54:40.0635 3544 ============================================================ 23:54:40.0635 3544 Initialize success 23:54:40.0635 3544 ============================================================ 23:55:44.0000 6096 ============================================================ 23:55:44.0000 6096 Scan started 23:55:44.0000 6096 Mode: Manual; SigCheck; TDLFS; 23:55:44.0000 6096 ============================================================ 23:55:44.0180 6096 ================ Scan system memory ======================== 23:55:44.0180 6096 System memory - ok 23:55:44.0180 6096 ================ Scan services ============================= 23:55:44.0365 6096 [ 651C54AC4EC5C5397C5AFF5D575CA45B ] 3xHybrid C:\Windows\system32\DRIVERS\3xHybrid.sys 23:55:44.0515 6096 3xHybrid - ok 23:55:44.0520 6096 a2acc - ok 23:55:44.0525 6096 A2DDA - ok 23:55:44.0560 6096 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys 23:55:44.0580 6096 ACPI - ok 23:55:44.0635 6096 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe 23:55:44.0645 6096 AdobeARMservice - ok 23:55:44.0735 6096 [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe 23:55:44.0750 6096 AdobeFlashPlayerUpdateSvc - ok 23:55:44.0810 6096 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 23:55:44.0835 6096 adp94xx - ok 23:55:44.0875 6096 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys 23:55:44.0895 6096 adpahci - ok 23:55:44.0935 6096 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys 23:55:44.0950 6096 adpu160m - ok 23:55:44.0965 6096 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 23:55:44.0980 6096 adpu320 - ok 23:55:45.0000 6096 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc 
C:\Windows\System32\aelupsvc.dll 23:55:45.0030 6096 AeLookupSvc - ok 23:55:45.0055 6096 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys 23:55:45.0095 6096 AFD - ok 23:55:45.0115 6096 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys 23:55:45.0125 6096 agp440 - ok 23:55:45.0140 6096 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys 23:55:45.0155 6096 aic78xx - ok 23:55:45.0165 6096 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe 23:55:45.0200 6096 ALG - ok 23:55:45.0210 6096 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys 23:55:45.0220 6096 aliide - ok 23:55:45.0230 6096 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys 23:55:45.0245 6096 amdagp - ok 23:55:45.0255 6096 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys 23:55:45.0270 6096 amdide - ok 23:55:45.0280 6096 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys 23:55:45.0320 6096 AmdK7 - ok 23:55:45.0335 6096 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 23:55:45.0370 6096 AmdK8 - ok 23:55:45.0435 6096 [ 98A8B7D168D035FEFDEFA18F759115F6 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe 23:55:45.0445 6096 AntiVirSchedulerService - ok 23:55:45.0495 6096 [ AAACAE485AE81D0A449FBC754880C791 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe 23:55:45.0505 6096 AntiVirService - ok 23:55:45.0510 6096 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll 23:55:45.0550 6096 Appinfo - ok 23:55:45.0555 6096 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys 23:55:45.0570 6096 arc - ok 23:55:45.0590 6096 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys 23:55:45.0600 6096 arcsas - ok 23:55:45.0710 6096 [ 
2FE0D5DB69014980A970D3BF9A85D2B1 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe 23:55:45.0725 6096 aspnet_state - ok 23:55:45.0735 6096 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:55:45.0760 6096 AsyncMac - ok 23:55:45.0775 6096 [ 2D9C903DC76A66813D350A562DE40ED9 ] atapi C:\Windows\system32\drivers\atapi.sys 23:55:45.0795 6096 atapi - ok 23:55:45.0825 6096 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:55:45.0845 6096 AudioEndpointBuilder - ok 23:55:45.0855 6096 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll 23:55:45.0875 6096 Audiosrv - ok 23:55:45.0905 6096 [ 583B68234A159BA64090F3CAE7360F03 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:55:45.0915 6096 avgntflt - ok 23:55:45.0935 6096 [ C499333D8915597FE415F0058EFFD7D2 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:55:45.0945 6096 avipbb - ok 23:55:45.0955 6096 [ 52EC5F852B42136C513B9009A3C27891 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:55:45.0965 6096 avkmgr - ok 23:55:46.0000 6096 [ C6F4C466B654C1BE98AF31418BB5AC30 ] AVM WLAN Connection Service C:\Program Files\avmwlanstick\WlanNetService.exe 23:55:46.0015 6096 AVM WLAN Connection Service ( UnsignedFile.Multi.Generic ) - warning 23:55:46.0015 6096 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic (1) 23:55:46.0035 6096 [ 263CF9D248FD5E020A1333ED4F7EAA88 ] avmeject C:\Windows\system32\drivers\avmeject.sys 23:55:46.0040 6096 avmeject ( UnsignedFile.Multi.Generic ) - warning 23:55:46.0040 6096 avmeject - detected UnsignedFile.Multi.Generic (1) 23:55:46.0060 6096 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys 23:55:46.0085 6096 Beep - ok 23:55:46.0110 6096 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll 23:55:46.0155 6096 BFE - ok 23:55:46.0230 6096 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\system32\qmgr.dll 
23:55:46.0265 6096 BITS - ok 23:55:46.0295 6096 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 23:55:46.0330 6096 blbdrive - ok 23:55:46.0345 6096 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:55:46.0395 6096 bowser - ok 23:55:46.0425 6096 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys 23:55:46.0440 6096 BrFiltLo - ok 23:55:46.0455 6096 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys 23:55:46.0480 6096 BrFiltUp - ok 23:55:46.0505 6096 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll 23:55:46.0525 6096 Browser - ok 23:55:46.0545 6096 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys 23:55:46.0595 6096 Brserid - ok 23:55:46.0610 6096 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys 23:55:46.0660 6096 BrSerWdm - ok 23:55:46.0675 6096 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys 23:55:46.0735 6096 BrUsbMdm - ok 23:55:46.0750 6096 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys 23:55:46.0785 6096 BrUsbSer - ok 23:55:46.0810 6096 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:55:46.0845 6096 BTHMODEM - ok 23:55:46.0880 6096 [ 50DED7C73E0FB40693EDAB8CAD7C46E7 ] CA561 C:\Windows\system32\Drivers\SPCA561.SYS 23:55:46.0905 6096 CA561 - ok 23:55:46.0910 6096 catchme - ok 23:55:46.0915 6096 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:55:46.0950 6096 cdfs - ok 23:55:46.0985 6096 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:55:47.0005 6096 cdrom - ok 23:55:47.0035 6096 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll 23:55:47.0065 6096 CertPropSvc - ok 23:55:47.0090 6096 [ 
AEEE1FC75382147FE6AFD2F1250B7C7C ] CHIPDRIVE USB SmartCardReader C:\Windows\system32\DRIVERS\TwkUsb2K.sys 23:55:47.0105 6096 CHIPDRIVE USB SmartCardReader ( UnsignedFile.Multi.Generic ) - warning 23:55:47.0105 6096 CHIPDRIVE USB SmartCardReader - detected UnsignedFile.Multi.Generic (1) 23:55:47.0120 6096 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys 23:55:47.0155 6096 circlass - ok 23:55:47.0195 6096 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys 23:55:47.0210 6096 CLFS - ok 23:55:47.0260 6096 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:55:47.0270 6096 clr_optimization_v2.0.50727_32 - ok 23:55:47.0300 6096 [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:55:47.0315 6096 clr_optimization_v4.0.30319_32 - ok 23:55:47.0330 6096 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:55:47.0340 6096 cmdide - ok 23:55:47.0355 6096 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\drivers\compbatt.sys 23:55:47.0370 6096 Compbatt - ok 23:55:47.0370 6096 COMSysApp - ok 23:55:47.0375 6096 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 23:55:47.0390 6096 crcdisk - ok 23:55:47.0405 6096 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys 23:55:47.0435 6096 Crusoe - ok 23:55:47.0480 6096 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:55:47.0505 6096 CryptSvc - ok 23:55:47.0535 6096 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll 23:55:47.0560 6096 DcomLaunch - ok 23:55:47.0575 6096 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:55:47.0610 6096 DfsC - ok 23:55:47.0680 6096 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR 
C:\Windows\system32\DFSR.exe 23:55:47.0765 6096 DFSR - ok 23:55:47.0785 6096 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll 23:55:47.0810 6096 Dhcp - ok 23:55:47.0830 6096 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys 23:55:47.0840 6096 disk - ok 23:55:47.0875 6096 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:55:47.0905 6096 Dnscache - ok 23:55:47.0940 6096 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll 23:55:47.0960 6096 dot3svc - ok 23:55:47.0975 6096 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll 23:55:48.0015 6096 DPS - ok 23:55:48.0040 6096 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:55:48.0070 6096 drmkaud - ok 23:55:48.0110 6096 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:55:48.0135 6096 DXGKrnl - ok 23:55:48.0180 6096 [ ABFD0739BDA1A9295B872A4B27326B9C ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys 23:55:48.0190 6096 e1express - ok 23:55:48.0210 6096 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys 23:55:48.0235 6096 E1G60 - ok 23:55:48.0250 6096 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll 23:55:48.0275 6096 EapHost - ok 23:55:48.0285 6096 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys 23:55:48.0300 6096 Ecache - ok 23:55:48.0445 6096 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:55:48.0475 6096 ehRecvr - ok 23:55:48.0480 6096 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe 23:55:48.0500 6096 ehSched - ok 23:55:48.0530 6096 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll 23:55:48.0555 6096 ehstart - ok 23:55:48.0575 6096 [ 084A13F18856D610D44D3109A9D2ACDE ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys 23:55:48.0575 6096 Suspicious 
file (Forged): C:\Windows\system32\Drivers\ElbyCDIO.sys. Real md5: 084A13F18856D610D44D3109A9D2ACDE, Fake md5: 62DCC3B67422BE4088387597E4CB3516 23:55:48.0580 6096 ElbyCDIO ( ForgedFile.Multi.Generic ) - warning 23:55:48.0580 6096 ElbyCDIO - detected ForgedFile.Multi.Generic (1) 23:55:48.0600 6096 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys 23:55:48.0620 6096 elxstor - ok 23:55:48.0660 6096 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll 23:55:48.0680 6096 EMDMgmt - ok 23:55:48.0710 6096 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:55:48.0750 6096 ErrDev - ok 23:55:48.0775 6096 [ 82FCA8431CAB05C7D135F169F15355C1 ] EthDriver C:\Windows\system32\DRIVERS\DLKRT32.sys 23:55:48.0805 6096 EthDriver - ok 23:55:48.0855 6096 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll 23:55:48.0875 6096 EventSystem - ok 23:55:48.0905 6096 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys 23:55:48.0940 6096 exfat - ok 23:55:48.0960 6096 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:55:48.0990 6096 fastfat - ok 23:55:49.0005 6096 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys 23:55:49.0025 6096 fdc - ok 23:55:49.0050 6096 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll 23:55:49.0075 6096 fdPHost - ok 23:55:49.0085 6096 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll 23:55:49.0125 6096 FDResPub - ok 23:55:49.0130 6096 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:55:49.0145 6096 FileInfo - ok 23:55:49.0160 6096 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:55:49.0185 6096 Filetrace - ok 23:55:49.0235 6096 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files\Common 
Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 23:55:49.0275 6096 FLEXnet Licensing Service - ok 23:55:49.0315 6096 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 23:55:49.0335 6096 flpydisk - ok 23:55:49.0370 6096 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:55:49.0380 6096 FltMgr - ok 23:55:49.0425 6096 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll 23:55:49.0495 6096 FontCache - ok 23:55:49.0555 6096 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 23:55:49.0565 6096 FontCache3.0.0.0 - ok 23:55:49.0585 6096 [ 790A4CA68F44BE35967B3DF61F3E4675 ] FsUsbExDisk C:\Windows\system32\FsUsbExDisk.SYS 23:55:49.0595 6096 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning 23:55:49.0595 6096 FsUsbExDisk - detected UnsignedFile.Multi.Generic (1) 23:55:49.0620 6096 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:55:49.0665 6096 Fs_Rec - ok 23:55:49.0730 6096 [ 34403847D2E224A96B94A123B9AE55A0 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys 23:55:49.0785 6096 fwlanusbn - ok 23:55:49.0815 6096 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:55:49.0830 6096 gagp30kx - ok 23:55:49.0845 6096 [ E43455D5445848A309E62C9A5763B68E ] ggflt C:\Windows\system32\DRIVERS\ggflt.sys 23:55:49.0855 6096 ggflt - ok 23:55:49.0870 6096 [ 04B0167F64B21BA39B5CA1ECDDF383BC ] ggsemc C:\Windows\system32\DRIVERS\ggsemc.sys 23:55:49.0880 6096 ggsemc - ok 23:55:49.0920 6096 [ 51B2D8629E1A0F463682F365D56325CB ] GnabService c:\program files\common files\gnab\service\servicecontroller.exe 23:55:49.0935 6096 GnabService ( UnsignedFile.Multi.Generic ) - warning 23:55:49.0935 6096 GnabService - detected UnsignedFile.Multi.Generic (1) 23:55:49.0975 6096 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc 
C:\Windows\System32\gpsvc.dll 23:55:50.0005 6096 gpsvc - ok 23:55:50.0060 6096 [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:55:50.0090 6096 HdAudAddService - ok 23:55:50.0135 6096 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:55:50.0160 6096 HDAudBus - ok 23:55:50.0190 6096 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:55:50.0225 6096 HidBth - ok 23:55:50.0240 6096 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys 23:55:50.0280 6096 HidIr - ok 23:55:50.0325 6096 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll 23:55:50.0345 6096 hidserv - ok 23:55:50.0370 6096 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:55:50.0390 6096 HidUsb - ok 23:55:50.0425 6096 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:55:50.0450 6096 hkmsvc - ok 23:55:50.0470 6096 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys 23:55:50.0480 6096 HpCISSs - ok 23:55:50.0510 6096 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:55:50.0550 6096 HTTP - ok 23:55:50.0585 6096 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys 23:55:50.0600 6096 i2omp - ok 23:55:50.0635 6096 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 23:55:50.0650 6096 i8042prt - ok 23:55:50.0700 6096 [ 72B53E9C8924949DEC8F3799BCBA2251 ] IAANTMON C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe 23:55:50.0715 6096 IAANTMON - ok 23:55:50.0755 6096 [ E5A0034847537EAEE3C00349D5C34C5F ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys 23:55:50.0765 6096 iaStor - ok 23:55:50.0790 6096 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys 23:55:50.0805 6096 iaStorV - ok 23:55:50.0855 6096 [ 
6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 23:55:50.0875 6096 IDriverT ( UnsignedFile.Multi.Generic ) - warning 23:55:50.0875 6096 IDriverT - detected UnsignedFile.Multi.Generic (1) 23:55:50.0930 6096 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 23:55:50.0975 6096 idsvc - ok 23:55:51.0005 6096 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:55:51.0015 6096 iirsp - ok 23:55:51.0035 6096 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll 23:55:51.0060 6096 IKEEXT - ok 23:55:51.0065 6096 IntcAzAudAddService - ok 23:55:51.0095 6096 [ 7F440F8CED849FCDFA85BB3521B4F048 ] IntelDH C:\Windows\system32\Drivers\IntelDH.sys 23:55:51.0115 6096 IntelDH - ok 23:55:51.0135 6096 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys 23:55:51.0145 6096 intelide - ok 23:55:51.0160 6096 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:55:51.0195 6096 intelppm - ok 23:55:51.0220 6096 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:55:51.0240 6096 IPBusEnum - ok 23:55:51.0255 6096 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:55:51.0285 6096 IpFilterDriver - ok 23:55:51.0315 6096 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:55:51.0345 6096 iphlpsvc - ok 23:55:51.0350 6096 IpInIp - ok 23:55:51.0375 6096 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys 23:55:51.0410 6096 IPMIDRV - ok 23:55:51.0425 6096 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys 23:55:51.0450 6096 IPNAT - ok 23:55:51.0455 6096 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:55:51.0485 6096 IRENUM - ok 
23:55:51.0500 6096 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:55:51.0510 6096 isapnp - ok 23:55:51.0540 6096 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 23:55:51.0555 6096 iScsiPrt - ok 23:55:51.0565 6096 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys 23:55:51.0580 6096 iteatapi - ok 23:55:51.0590 6096 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys 23:55:51.0600 6096 iteraid - ok 23:55:51.0620 6096 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:55:51.0635 6096 kbdclass - ok 23:55:51.0650 6096 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:55:51.0680 6096 kbdhid - ok 23:55:51.0715 6096 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe 23:55:51.0730 6096 KeyIso - ok 23:55:51.0745 6096 [ 566C5FD480FDBCE3BA5CF9FBCFFAEA9A ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys 23:55:51.0775 6096 KMWDFILTER - ok 23:55:51.0800 6096 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:55:51.0825 6096 KSecDD - ok 23:55:51.0845 6096 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll 23:55:51.0885 6096 KtmRm - ok 23:55:51.0940 6096 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll 23:55:51.0970 6096 LanmanServer - ok 23:55:52.0005 6096 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:55:52.0040 6096 LanmanWorkstation - ok 23:55:52.0065 6096 [ E2F1DCF4A68CC6CF694FBFBA1842F4CD ] libusb0 C:\Windows\system32\drivers\libusb0.sys 23:55:52.0075 6096 libusb0 ( UnsignedFile.Multi.Generic ) - warning 23:55:52.0075 6096 libusb0 - detected UnsignedFile.Multi.Generic (1) 23:55:52.0100 6096 [ 8B4B572753419FE601220526205F9455 ] libusbd C:\Windows\system32\libusbd-nt.exe 23:55:52.0105 6096 libusbd ( 
23:56:39.0622 5960 avmeject ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 avmeject ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 CHIPDRIVE USB SmartCardReader ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 CHIPDRIVE USB SmartCardReader ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 ElbyCDIO ( ForgedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 ElbyCDIO ( ForgedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 GnabService ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 GnabService ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 libusb0 ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 libusb0 ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 libusbd ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 libusbd ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 sptd ( LockedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 sptd ( LockedFile.Multi.Generic ) - User select action: Skip 23:56:39.0622 5960 srvcPVR ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0622 5960 srvcPVR ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TVECapSvc ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TVECapSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TVESched ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TVESched ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:56:39.0638 5960 TwkMs ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TwkMs ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TwkPCSC ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TwkPCSC ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TWKPNP ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TWKPNP ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TWKSCARDSRV ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TWKSCARDSRV ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 TWKSER2K ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 TWKSER2K ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:56:39.0638 5960 x10nets ( UnsignedFile.Multi.Generic ) - skipped by user 23:56:39.0638 5960 x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip Geändert von cosinus (26.10.2012 um 12:22 Uhr) Grund: CODE-Tags... |
26.10.2012, 12:40 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports ccleaner.exe is infected? Please now create and post logs with GMER (<<< click for instructions) and aswMBR (instructions a little further down). GMER crashes fairly often; if the tool still won't run on the second attempt, just skip it and run only aswMBR. aswMBR download => aswMBR.exe - save the file to your desktop.
One more note: if aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left of the aswMBR window, and click the Scan button again.
__________________ Please always post log files in CODE tags |
26.10.2012, 16:03 | #10 |
| Malwarebytes reports ccleaner.exe is infected? Hello cosinus. The MBR scan is done and attached. GMER crashed. Restarting in safe mode let it run. It finished and immediately rebooted!? I can't find the log. What now? Thanks and regards
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-26 15:32:54
-----------------------------
15:32:54.794 OS Version: Windows 6.0.6002 Service Pack 2
15:32:54.794 Number of processors: 4 586 0xF0B
15:32:54.794 ComputerName: TIM-PC UserName: TIM
15:33:19.860 Initialize success
15:34:36.290 AVAST engine defs: 12102600
15:35:03.543 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:35:03.543 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
15:35:03.559 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
15:35:03.559 Disk 1 Vendor: ST350082 SD45 Size: 476940MB BusType: 3
15:35:03.574 Disk 0 MBR read successfully
15:35:03.574 Disk 0 MBR scan
15:35:03.605 Disk 0 Windows VISTA default MBR code
15:35:03.621 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 456455 MB offset 2048
15:35:03.621 Disk 0 Partition - 00 0F Extended LBA 20481 MB offset 934822350
15:35:03.652 Disk 0 Partition 2 00 0B FAT32 MSDOS5.0 20481 MB offset 934822413
15:35:03.652 Disk 0 scanning sectors +976768065
15:35:03.699 Disk 0 scanning C:\Windows\system32\drivers
15:35:12.139 Service scanning
15:35:25.820 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
15:35:31.327 Modules scanning
15:35:35.133 Disk 0 trace - called modules:
15:35:35.149 ntkrnlpa.exe CLASSPNP.SYS disk.sys iaStor.sys spby.sys hal.dll >>UNKNOWN [0x8577a938]<<
15:35:35.149 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x863d4350]
15:35:35.164 3 CLASSPNP.SYS[8a99f8b3] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x8586f028]
15:35:38.066 AVAST engine scan C:\Windows
15:35:42.434 AVAST engine scan C:\Windows\system32
15:38:33.763 AVAST engine scan C:\Windows\system32\drivers
15:38:56.430 AVAST engine scan C:\Users\TIM
15:46:53.550 AVAST engine scan C:\ProgramData
15:47:44.562 Scan finished successfully
15:48:42.594 Disk 0 MBR has been saved successfully to "C:\Users\TIM\Desktop\MBR.dat"
15:48:42.594 The log file has been saved successfully to "C:\Users\TIM\Desktop\aswMBR.txt"
Hi cosinus. It finally worked in safe mode on the umpteenth attempt. See below. Regards GMER Logfile: Code:
|
26.10.2012, 21:36 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports ccleaner.exe is infected? Ok, one check please:
If possible, please post everything here in CODE tags. This is how it's done: [code] the log goes here [/code] And the whole thing then looks like this: Code:
the log goes here
__________________ Please always post log files in CODE tags |
27.10.2012, 18:23 | #12 |
| Malwarebytes reports ccleaner.exe is infected? OTL Logfile: Code:
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF118D79-F61B-4379-A059-5A3250324326}" = SCR3xxx Smart Card Reader "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Avira AntiVir Desktop" = Avira Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "Chipcardmaster_is1" = Chipcardmaster 7.04 "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In "EOS USB WIA Driver" = EOS USB WIA Driver "EOS Utility" = Canon Utilities EOS Utility 
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "InstallShield_{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 3.0 "LetsTrade" = LetsTrade Komponenten "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "phase-6" = phase-6 2.3.1d "phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1.4 "PROSetDX" = Intel(R) Network Connections 13.5.32.0 "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 6.0" = RealPlayer "TuneUp Utilities 2013" = TuneUp Utilities 2013 "TwkSCard" = CHIPDRIVE - Gerätetreiber V2.14.41 "UnzipThemAll_is1" = UnzipThemAll 1.3 "VLC media player" = VLC media player 2.0.3 "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "X10Hardware" = X10 Hardware(TM) "Xvid_is1" = Xvid 1.1.3 final uninstall "Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20.10.2012 02:51:52 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x13cc, 
Anwendungsstartzeit 01cdae8f62745d50. Error - 20.10.2012 02:52:14 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:45:28 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1268, Anwendungsstartzeit 01cdaed18a4525e7. Error - 20.10.2012 10:45:55 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:47:07 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01d39b50, Prozess-ID 0x97c, Anwendungsstartzeit 01cdaed166bda897. Error - 20.10.2012 12:38:35 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1130, Anwendungsstartzeit 01cdaee156e69858. Error - 20.10.2012 12:38:46 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066626, Prozess-ID 0x137c, Anwendungsstartzeit 01cdaee15d4c90a8. 
Error - 20.10.2012 12:39:39 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 21.10.2012 05:13:56 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 21.10.2012 05:15:08 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1304, Anwendungsstartzeit 01cdaf6c8f3c9e3f. [ Media Center Events ] Error - 25.03.2008 14:36:13 | Computer Name = Robin-PC | Source = ehRecvr | ID = 3 Description = Error - 23.01.2009 12:44:33 | Computer Name = Robin-PC | Source = ehSched | ID = 5 Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80080005 [ System Events ] Error - 26.10.2012 14:09:24 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7001 Description = Error - 26.10.2012 14:09:33 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7001 Description = Error - 26.10.2012 14:12:42 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.10.2012 14:12:42 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 26.10.2012 16:50:17 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.10.2012 16:50:17 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 05:26:09 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 05:26:09 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 06:32:45 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 06:32:45 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 
Description =
< End of report >

OTL Logfile:
Code:
OTL logfile created on: 27.10.2012 19:14:26 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TIM\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,77% Memory free
6,21 Gb Paging File | 4,21 Gb Available in Paging File | 67,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 445,76 Gb Total Space | 387,27 Gb Free Space | 86,88% Space Free | Partition Type: NTFS
Drive E: | 19,99 Gb Total Space | 10,52 Gb Free Space | 52,63% Space Free | Partition Type: FAT32
Drive N: | 465,76 Gb Total Space | 213,77 Gb Free Space | 45,90% Space Free | Partition Type: NTFS

Computer Name: TIM-PC | User Name: TIM | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\TIM\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.)
PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co.
KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) PRC - C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) PRC - C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net) PRC - C:\Windows\SCARDS32.EXE (SCM Microsystems) PRC - C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll () MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll () MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_4_402_287.dll () MOD - C:\Programme\Mozilla Firefox\mozjs.dll () ========== Services (SafeList) ========== SRV - (GnabService) -- c:\program files\common files\gnab\service\servicecontroller.exe File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. 
KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) SRV - (AVM WLAN Connection Service) -- C:\Programme\avmwlanstick\WLanNetService.exe (AVM Berlin) SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (TVECapSvc) -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVECapSvc.exe () SRV - (TVESched) -- C:\Programme\HomeCinema\TV Enhance\Kernel\TV\TVESched.exe () SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (srvcPVR) -- C:\Programme\Sceneo\AbsolutTV\Services\PVR\pvrservice.exe (Buhl Data Service GmbH) SRV - (libusbd) -- C:\Windows\System32\libusbd-nt.exe (hxxp://libusb-win32.sourceforge.net) SRV - (TWKSCARDSRV) -- C:\Windows\SCARDS32.EXE (SCM Microsystems) SRV - (x10nets) -- C:\Programme\Common Files\X10\Common\X10nets.exe (X10) ========== Driver Services (SafeList) ========== DRV - (TSHWMDTCP) -- C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys File not found DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (IntcAzAudAddService) -- system32\drivers\RTKVHDA.sys File not found DRV - (catchme) -- C:\ComboFix\catchme.sys File not 
found DRV - (alji662w) -- File not found DRV - (A2DDA) -- C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys File not found DRV - (a2acc) -- C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys File not found DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (SCR3XX2K) -- C:\Windows\System32\drivers\SCR3XX2K.sys (SCM Microsystems Inc.) DRV - (fwlanusbn) -- C:\Windows\System32\drivers\fwlanusbn.sys (AVM GmbH) DRV - (avmeject) -- C:\Windows\System32\drivers\avmeject.sys (AVM Berlin) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.) DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys () DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeavfk) -- C:\Windows\System32\drivers\mfeavfk.sys (McAfee, Inc.) DRV - (mfesmfk) -- C:\Windows\System32\drivers\mfesmfk.sys (McAfee, Inc.) DRV - (mfebopk) -- C:\Windows\System32\drivers\mfebopk.sys (McAfee, Inc.) DRV - (mferkdk) -- C:\Windows\System32\drivers\mferkdk.sys (McAfee, Inc.) 
DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (USBCCID) -- C:\Windows\System32\drivers\usbccid.sys (Microsoft Corporation) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (e1express) -- C:\Windows\System32\drivers\e1e6032.sys (Intel Corporation) DRV - (KMWDFILTER) -- C:\Windows\System32\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys () DRV - (IntelDH) -- C:\Windows\System32\drivers\IntelDH.sys (Intel Corporation) DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (NXP Semiconductors Germany GmbH) DRV - (s217unic) -- C:\Windows\System32\drivers\s217unic.sys (MCCI) DRV - (s217mgmt) -- C:\Windows\System32\drivers\s217mgmt.sys (MCCI Corporation) DRV - (s217obex) -- C:\Windows\System32\drivers\s217obex.sys (MCCI Corporation) DRV - (s217nd5) -- C:\Windows\System32\drivers\s217nd5.sys (MCCI Corporation) DRV - (s217mdm) -- C:\Windows\System32\drivers\s217mdm.sys (MCCI Corporation) DRV - (s217bus) -- C:\Windows\System32\drivers\s217bus.sys (MCCI Corporation) DRV - (s217mdfl) -- C:\Windows\System32\drivers\s217mdfl.sys (MCCI Corporation) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (EthDriver) -- C:\Windows\System32\drivers\DLKRT32.sys (D-Link Corp.) DRV - (WINFLASH) -- C:\Medion\WinFlash.sys () DRV - (PAC207) -- C:\Windows\System32\drivers\PFC027.SYS (PixArt Imaging Inc.) DRV - (XUIF) -- C:\Windows\System32\drivers\x10ufx2.sys (X10 Wireless Technology, Inc.) DRV - (X10Hid) -- C:\Windows\System32\drivers\x10hid.sys (X10 Wireless Technology, Inc.) DRV - (CHIPDRIVE USB SmartCardReader) -- C:\Windows\System32\drivers\TwkUsb2K.sys (SCM Microsystems Inc.) 
DRV - (libusb0) -- C:\Windows\System32\drivers\libusb0.sys () DRV - (TWKSER2K) -- C:\Windows\System32\drivers\TWKSER2K.sys (SCM Microsystems Inc.) DRV - (TwkPCSC) -- C:\Windows\System32\drivers\TWKPCSC.SYS (Towitoko AG) DRV - (TWKPNP) -- C:\Windows\System32\drivers\TWKPNP.SYS (Towitoko AG) DRV - (TwkMs) -- C:\Windows\System32\drivers\TWKMS.SYS (Towitoko AG) DRV - (CA561) -- C:\Windows\System32\drivers\SPCA561.SYS (SP) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MEDA IE - HKU\.DEFAULT\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/ IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box IE - 
HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com/ IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.aldi.com/ IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = fritz.box ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.3088: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) 
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.3146: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.11.3006: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.) FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found FF - HKLM\Software\MozillaPlugins\@t-immersion.com/DFusionHomeWebPlugIn: C:\Program Files\Total Immersion\DFusionHomeWebPlugIn\NPDFusionWebFirefox.dll (Total Immersion) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008.02.19 14:52:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.10.18 13:18:55 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.10.18 13:16:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.10.19 14:29:02 | 000,000,000 | ---D | M] [2012.10.18 13:18:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2012.10.27 18:43:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions [2012.10.27 18:43:45 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.10.27 18:43:42 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla 
Firefox\updated\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} [2012.10.11 03:05:24 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2012.10.25 21:54:07 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Programme\Real\RealPlayer\rpbrowserrecordplugin.dll (RealPlayer) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) O4 - HKLM..\Run: [AVMWlanClient] C:\Programme\avmwlanstick\WLanGUI.exe (AVM Berlin) O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe (Intel Corporation) O4 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008..\Run: [WindowsWelcomeCenter] C:\Windows\System32\oobefldr.dll (Microsoft Corporation) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - 
HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-25/4 File not found O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation) O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1007\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..Trusted Domains: fritz.box ([]* in Lokales Intranet) O15 - HKU\S-1-5-21-4237503226-2575048588-2577064291-1008\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - 
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{575D3576-698F-4DFB-9FC5-1905460B78C5}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DEE6A5AB-FE86-4756-951D-03A58BB529EF}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E6C86ACC-9D86-48DA-9444-166FFE310E11}: DhcpNameServer = 192.168.178.1 O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) - File not found O24 - Desktop WallPaper: C:\Users\TIM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O24 - Desktop BackupWallPaper: C:\Users\TIM\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2012.10.27 13:32:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2012.10.27 11:35:18 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dat [2012.10.27 11:35:13 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2012.10.27 11:35:13 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2012.10.27 11:35:12 | 001,383,424 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\System32\mshtml.tlb [2012.10.27 11:35:12 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2012.10.27 11:35:12 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll [2012.10.27 11:35:12 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll [2012.10.27 11:35:12 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2012.10.27 11:35:12 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll [2012.10.27 11:35:12 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2012.10.26 23:24:56 | 000,000,000 | ---D | C] -- N:\Documents\samsung [2012.10.26 23:22:13 | 000,000,000 | ---D | C] -- N:\Documents\Nutz [2012.10.26 23:22:13 | 000,000,000 | ---D | C] -- N:\Documents\My Games [2012.10.26 23:22:13 | 000,000,000 | ---D | C] -- N:\Documents\Anti-Malware [2012.10.26 15:26:59 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\TIM\Desktop\aswMBR.exe [2012.10.25 23:53:13 | 002,213,464 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\TIM\Desktop\tdsskiller.exe [2012.10.25 22:03:44 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\temp [2012.10.25 21:56:50 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2012.10.25 21:56:50 | 000,000,000 | ---D | C] -- \$RECYCLE.BIN [2012.10.25 21:43:47 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2012.10.25 21:43:47 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2012.10.25 21:43:47 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2012.10.25 21:43:39 | 000,000,000 | ---D | C] -- C:\Qoobox [2012.10.25 21:43:39 | 000,000,000 | ---D | C] -- \Qoobox [2012.10.25 21:43:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2012.10.25 21:37:17 | 004,988,534 | R--- | C] (Swearware) -- C:\Users\TIM\Desktop\ComboFix.exe [2012.10.25 17:04:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe 
[2012.10.23 13:42:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2012.10.23 12:53:29 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP [2012.10.22 22:46:32 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Chromium [2012.10.22 19:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Steam [2012.10.20 16:53:08 | 000,000,000 | ---D | C] -- C:\Users\TIM\.swt [2012.10.20 10:55:57 | 000,000,000 | ---D | C] -- C:\Config.Msi [2012.10.20 10:55:57 | 000,000,000 | ---D | C] -- \Config.Msi [2012.10.19 17:45:22 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\CANON_INC [2012.10.19 17:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities [2012.10.19 17:18:11 | 000,000,000 | ---D | C] -- C:\Program Files\Canon [2012.10.19 17:12:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Canon [2012.10.18 21:37:59 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Immersion [2012.10.18 21:37:59 | 000,000,000 | ---D | C] -- C:\Program Files\Total Immersion [2012.10.18 17:49:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys [2012.10.18 14:27:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2012.10.18 13:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe [2012.10.18 13:08:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation [2012.10.18 13:06:09 | 019,906,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.18 13:06:09 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.18 13:06:09 | 012,501,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.18 13:06:09 | 010,837,352 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.18 13:06:09 | 007,697,768 | ---- | 
C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.18 13:06:09 | 006,127,464 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.18 13:06:09 | 002,574,696 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.18 13:06:09 | 001,867,112 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.18 13:06:09 | 000,888,168 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.18 12:49:57 | 000,031,584 | ---- | C] (TuneUp Software) -- C:\Windows\System32\TURegOpt.exe [2012.10.18 12:49:57 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\System32\authuitu.dll [2012.10.18 12:18:14 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.18 12:18:14 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.18 12:16:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.18 12:16:52 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.18 12:16:52 | 000,093,672 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.18 11:36:55 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll [2012.10.18 11:36:41 | 003,602,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2012.10.18 11:36:41 | 003,550,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2012.10.14 17:11:10 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys [2012.10.14 16:24:49 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft Corporation [2012.10.14 15:00:51 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Windows Live [2012.10.14 15:00:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Windows Live [2012.10.13 11:01:08 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe(4) [2012.10.13 10:32:20 | 000,000,000 | ---D 
| C] -- C:\ProgramData\Sun [2012.10.12 15:20:50 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox(45) [2012.10.09 14:59:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2012.10.09 14:59:19 | 000,000,000 | ---D | C] -- C:\Program Files\TuneUp Utilities 2013 [2012.10.09 14:57:34 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2012.10.08 21:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware [2012.10.08 00:49:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid [2012.10.08 00:49:29 | 000,000,000 | ---D | C] -- C:\Program Files\Xvid [2012.10.08 00:48:25 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zak McKracken - Between Time & Space [2012.10.08 00:48:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zak McKracken - Between Time & Space [2012.10.07 22:09:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2012.10.07 21:50:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log [2012.10.07 21:50:34 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Samsung [2012.10.07 21:45:07 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll [2012.10.07 21:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung [2012.10.07 21:43:47 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung [2012.10.07 21:41:50 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Downloaded Installations [2012.10.06 11:32:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM Microsystems [2012.10.05 21:01:20 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2012.10.05 16:29:26 | 000,000,000 | ---D | C] -- C:\Program Files\PC TuneUp Tools [2012.10.04 10:30:36 | 000,000,000 | ---D | C] -- C:\Users\TIM\Desktop\SD 
Cards [2012.10.02 18:09:44 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1 [2012.10.02 17:18:57 | 000,054,776 | ---- | C] (Codejock Software) -- C:\Windows\System32\cjResource.dll [2012.10.02 17:18:56 | 000,000,000 | ---D | C] -- C:\Program Files\EGK Viewer [2012.10.02 16:58:01 | 001,351,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\comctl32.ocx [2012.10.02 16:58:01 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\vb6de.dll [2012.10.02 16:58:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chipcardmaster [2012.10.02 16:58:00 | 000,059,392 | ---- | C] (Bjørnar Henden) -- C:\Windows\isxdl.dll [2012.10.02 16:58:00 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\gzip.dll [2012.10.02 16:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Chipcardmaster [2012.10.02 16:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IsoBuster [2012.10.02 16:41:13 | 000,000,000 | ---D | C] -- C:\Program Files\Smart Projects [2012.10.02 13:15:52 | 000,430,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2012.09.30 18:15:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2012.09.30 12:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2012.09.30 12:34:01 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} [2012.09.29 20:49:33 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Oblivion [2012.09.29 20:27:55 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2012.09.29 20:21:47 | 002,557,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.09.29 20:21:47 | 000,062,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2012.09.29 20:21:12 | 000,061,248 | ---- | C] (Khronos Group) -- C:\Windows\System32\OpenCL.dll [2012.09.29 20:20:58 | 000,000,000 
| ---D | C] -- C:\ProgramData\NVIDIA Corporation [2012.09.29 20:20:05 | 015,309,160 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.09.29 20:20:05 | 001,009,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.09.29 20:20:05 | 000,883,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\System32\nvgenco32.dll [2012.09.29 20:19:46 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation [2012.09.29 20:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) Matrix Storage Manager [2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- C:\Medion [2012.09.29 20:14:21 | 000,000,000 | ---D | C] -- \Medion [2012.09.29 18:05:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks [2012.09.29 17:27:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2 [2012.09.29 15:22:56 | 000,000,000 | ---D | C] -- C:\Users\TIM\.phase-6 [2012.09.29 15:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\phase-6 [2012.09.29 15:20:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Phase6 [2012.09.29 15:20:47 | 000,000,000 | ---D | C] -- C:\Program Files\phase-6 [2012.09.29 15:13:27 | 000,000,000 | ---D | C] -- C:\Users\TIM\Hörbücher [2012.09.29 11:12:45 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Microsoft Games [2012.09.29 00:13:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech [2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech [2012.09.29 00:13:48 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd [2012.09.28 23:58:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd [2012.09.28 23:34:19 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Macromedia [2012.09.28 23:28:04 | 000,696,760 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.09.28 23:28:04 | 
000,073,656 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.09.28 23:22:32 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH [2012.09.28 22:51:05 | 002,047,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2012.09.28 22:27:40 | 000,320,512 | ---- | C] (SCM Microsystems) -- C:\Windows\System32\TWKDIAG.CPL [2012.09.28 22:27:40 | 000,264,192 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDS32.EXE [2012.09.28 22:27:40 | 000,259,584 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARDSRV.EXE [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW32.DLL [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW32.DLL [2012.09.28 22:27:40 | 000,080,384 | ---- | C] (SCM Microsystems) -- C:\Windows\CT32.DLL [2012.09.28 22:27:40 | 000,070,656 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV32.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTTWKW16.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CTAPIW16.DLL [2012.09.28 22:27:40 | 000,069,888 | ---- | C] (SCM Microsystems) -- C:\Windows\CT.DLL [2012.09.28 22:27:40 | 000,062,464 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDLL32.DLL [2012.09.28 22:27:40 | 000,062,464 | ---- | C] (SCM Microsystems) -- C:\Windows\GEN_TWK.DLL [2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_TWK.DLL [2012.09.28 22:27:40 | 000,059,904 | ---- | C] (SCM Microsystems) -- C:\Windows\SCP_NT.DLL [2012.09.28 22:27:40 | 000,058,368 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD32.DLL [2012.09.28 22:27:40 | 000,052,736 | ---- | C] (SCM Microsystems) -- C:\Windows\TDEV.DLL [2012.09.28 22:27:40 | 000,041,728 | ---- | C] (TOWITOKO electronics GmbH, GERMANY) -- C:\Windows\SCDRVDLL.DLL [2012.09.28 22:27:40 | 000,037,376 | ---- | C] (SCM Microsystems) -- C:\Windows\SCARD.DLL [2012.09.28 22:27:40 | 
000,012,906 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKUSB.SYS [2012.09.28 22:27:40 | 000,011,676 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPCSC.SYS [2012.09.28 22:27:40 | 000,005,550 | ---- | C] (Towitoko AG) -- C:\Windows\System32\drivers\TWKPNP.SYS [2012.09.28 22:27:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CHIPDRIVE [2012.09.28 22:27:38 | 000,864,851 | ---- | C] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 21:43:04 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonBJ [2012.09.28 21:41:53 | 000,230,912 | ---- | C] (CANON INC.) -- C:\Windows\System32\CNMLM9C.DLL [2012.09.28 21:41:10 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mciseq.dll [2012.09.28 21:40:24 | 000,429,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\EncDec.dll [2012.09.28 21:40:08 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\packager.dll [2012.09.28 21:40:06 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2012.09.28 21:39:27 | 001,172,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2012.09.28 21:39:27 | 001,069,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2012.09.28 21:39:27 | 000,683,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2012.09.28 21:39:27 | 000,219,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2012.09.28 21:39:27 | 000,160,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2012.09.28 21:39:23 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll [2012.09.28 21:39:22 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\quartz.dll [2012.09.28 21:39:22 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll [2012.09.28 21:38:22 | 000,204,288 | ---- | C] (Microsoft Corporation) 
-- C:\Windows\System32\ncrypt.dll [2012.09.28 21:27:22 | 000,613,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rdpencom.dll [2012.09.28 21:12:10 | 002,422,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wucltux.dll [2012.09.28 21:12:10 | 000,045,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups2.dll [2012.09.28 21:11:36 | 000,577,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapi.dll [2012.09.28 21:11:36 | 000,088,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wudriver.dll [2012.09.28 21:11:36 | 000,035,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wups.dll [2012.09.28 21:11:15 | 000,171,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuwebv.dll [2012.09.28 21:11:15 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wuapp.exe [2012.09.28 21:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2012.09.28 21:07:46 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.28 21:07:44 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2012.09.28 21:04:21 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SCM Microsystems CHIPDRIVE Tools [2012.09.28 19:57:09 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Apple [2012.09.28 19:39:42 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Thunderbird [2012.09.28 19:33:37 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Mozilla [2012.09.28 19:28:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN [2012.09.28 19:28:49 | 000,000,000 | ---D | C] -- C:\Program Files\avmwlanstick [2012.09.28 19:28:47 | 000,004,352 | R--- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmeject.sys [2012.09.28 19:26:38 | 000,586,752 | ---- | C] (AVM GmbH) -- C:\Windows\System32\drivers\fwlanusbn.sys [2012.09.28 19:26:38 | 
000,078,336 | ---- | C] (AVM Berlin) -- C:\Windows\System32\fwusbnci.dll [2012.09.28 19:26:04 | 000,000,000 | ---D | C] -- C:\Users\TIM\AppData\Local\Adobe [2012.09.28 19:19:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla [2012.09.28 19:19:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service [2012.09.28 19:18:52 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird [2012.09.28 19:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\MozBackup [2012.09.28 19:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2012.09.28 19:09:26 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys [2012.09.28 19:09:25 | 000,134,184 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys [2012.09.28 19:09:25 | 000,083,792 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys [2012.09.28 19:09:25 | 000,036,552 | ---- | C] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.09.28 19:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- C:\.fseventsd [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- \.fseventsd [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.27 19:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.27 19:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C14BE3A1-7541-42F6-935E-22B317B092E6}.job [2012.10.27 19:13:59 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B06D0B9E-F49B-4947-82CA-302808DCB46D}.job [2012.10.27 18:31:30 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 18:31:30 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 13:32:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk [2012.10.27 13:31:52 | 000,706,256 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.27 13:31:52 | 000,661,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.27 13:31:52 | 000,160,122 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.27 13:31:52 | 000,130,998 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.27 12:31:33 | 000,000,260 | ---- | M] () -- C:\Windows\scardsrv.ini [2012.10.27 12:31:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.27 12:31:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.26 20:11:22 | 000,372,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.26 17:10:23 | 306,100,628 | ---- | M] () -- 
C:\Windows\MEMORY.DMP [2012.10.26 15:48:42 | 000,000,512 | ---- | M] () -- C:\Users\TIM\Desktop\MBR.dat [2012.10.26 15:27:06 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\TIM\Desktop\aswMBR.exe [2012.10.26 15:26:42 | 000,302,592 | ---- | M] () -- C:\Users\TIM\Desktop\m0ifup2h.exe [2012.10.25 23:53:16 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\TIM\Desktop\tdsskiller.exe [2012.10.25 21:54:07 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.10.25 21:37:51 | 004,988,534 | R--- | M] (Swearware) -- C:\Users\TIM\Desktop\ComboFix.exe [2012.10.25 17:04:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe [2012.10.23 16:18:51 | 000,018,944 | ---- | M] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.20 16:52:58 | 000,001,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.10.20 16:52:58 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | M] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 14:27:33 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 12:16:40 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.18 12:16:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.18 12:16:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.18 12:16:38 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.18 
12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.18 12:15:34 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.18 12:15:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.17 00:12:24 | 000,192,907 | ---- | M] () -- N:\Documents\Picture 1.jpg [2012.10.08 19:02:30 | 000,004,464 | ---- | M] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:48:25 | 000,000,595 | ---- | M] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.07 14:31:13 | 000,002,176 | ---- | M] () -- C:\Windows\HBCIKRNL.INI [2012.10.03 00:20:00 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.03 00:20:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.03 00:20:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.10.03 00:20:00 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.03 00:20:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.03 00:20:00 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.03 00:20:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.03 00:20:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.10.03 00:20:00 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.03 00:20:00 | 001,009,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.10.03 00:20:00 | 000,888,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.03 00:20:00 | 000,012,865 | ---- | M] () -- 
C:\Windows\System32\nvinfo.pb [2012.10.02 21:29:41 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.10.02 21:29:41 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.10.02 21:29:41 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2012.10.02 21:29:22 | 002,853,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.10.02 21:28:53 | 003,965,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 13:15:52 | 000,430,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2012.09.30 18:15:04 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:48:05 | 000,032,514 | ---- | M] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:28:02 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.29 18:12:14 | 000,000,450 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | M] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 10:53:03 | 000,031,420 | ---- | M] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 23:19:18 | 000,000,680 | RHS- | M] () -- C:\Users\TIM\ntuser.pol [2012.09.28 22:27:46 | 000,002,776 | ---- | M] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:38 | 000,864,851 | ---- | M] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 19:10:13 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 
| ---- | M] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | M] () -- C:\._.DS_Store [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.27 13:32:09 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk [2012.10.26 23:22:13 | 000,192,907 | ---- | C] () -- N:\Documents\Picture 1.jpg [2012.10.26 16:08:40 | 306,100,628 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.10.26 15:48:42 | 000,000,512 | ---- | C] () -- C:\Users\TIM\Desktop\MBR.dat [2012.10.26 15:26:42 | 000,302,592 | ---- | C] () -- C:\Users\TIM\Desktop\m0ifup2h.exe [2012.10.25 21:43:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.25 21:43:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.25 21:43:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.10.25 21:43:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.25 21:43:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.22 12:33:55 | 000,372,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | C] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 13:16:04 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.18 12:49:56 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 11:32:21 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.08 19:02:28 | 000,004,464 | ---- | C] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:49:29 | 000,765,952 | ---- | C] () -- 
C:\Windows\System32\xvidcore.dll [2012.10.08 00:49:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.10.08 00:49:29 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2012.10.08 00:48:25 | 000,000,595 | ---- | C] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.05 21:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.02 18:09:44 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 16:58:00 | 000,001,263 | ---- | C] () -- C:\Windows\isxdlge2.ini [2012.09.30 18:15:04 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:47:56 | 000,032,514 | ---- | C] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:20:05 | 000,012,865 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.29 18:05:51 | 000,000,450 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 15:20:59 | 000,001,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | C] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 12:40:47 | 000,018,944 | ---- | C] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.29 10:52:59 | 000,031,420 | ---- | C] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 22:27:46 | 000,002,776 | ---- | C] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:41 | 000,000,260 | ---- | C] () -- C:\Windows\scardsrv.ini [2012.09.28 21:08:05 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.28 21:04:30 | 000,002,176 | ---- | C] () -- C:\Windows\HBCIKRNL.INI [2012.09.28 19:28:53 | 000,013,189 | R--- | C] () -- C:\Windows\instwcli.inf [2012.09.28 19:26:38 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin [2012.09.28 
19:19:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.28 19:18:54 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.09.28 19:10:13 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- \.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- C:\._.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- \._.DS_Store [2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.25 21:22:29 | 000,000,091 | ---- | C] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 21:22:06 | 000,000,680 | RHS- | C] () -- C:\Users\TIM\ntuser.pol [2012.09.25 19:36:15 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI [2010.01.30 18:52:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.02.19 15:33:15 | 000,000,512 | ---- | C] () -- \TVE.iss [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008.02.19 12:09:21 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2008.02.19 12:09:20 | 000,333,257 | RHS- | C] () -- \bootmgr [2006.11.02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > [/code] |
27.10.2012, 18:24 | #13 |
| Malwarebytes reports ccleaner.exe is infected? OTL logfile: Code:
OTL Extras logfile created on: 27.10.2012 19:14:26 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TIM\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,77% Memory free 6,21 Gb Paging File | 4,21 Gb Available in Paging File | 67,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 445,76 Gb Total Space | 387,27 Gb Free Space | 86,88% Space Free | Partition Type: NTFS Drive E: | 19,99 Gb Total Space | 10,52 Gb Free Space | 52,63% Space Free | Partition Type: FAT32 Drive N: | 465,76 Gb Total Space | 213,77 Gb Free Space | 45,90% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: TIM | Logged in as Administrator. 
Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* .hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation) .url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l [HKEY_USERS\S-1-5-21-4237503226-2575048588-2577064291-1007\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation) htmlfile [edit] -- Reg Error: Key error. InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Directory [UnzipThemAll] -- "C:\Program Files\UnzipThemAll\UnzipThemAll.exe" "%1" (Hervé Thouzard) Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 "VistaSp1" = Reg Error: Unknown registry data type -- File not found "VistaSp2" = Reg Error: Unknown registry data type -- File not found [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{009699C5-57E6-46FA-9601-64035CDA6579}" = rport=10243 | protocol=6 | dir=out | app=system | "{02B19D77-266C-4116-8326-E080DC71949A}" = rport=139 | protocol=6 | dir=out | app=system | "{0E01D114-3B35-42D3-864F-9F08D9DDE325}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{106933CF-BA83-4CEB-BC6A-CAAA2146AD95}" = rport=137 | protocol=17 | dir=out | app=system | "{16DA6AE4-DBA7-4F58-91FD-C8AACA268B63}" = lport=1900 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server upnp discovery | "{1EB86C72-6671-44C5-9281-0A2B9C738160}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{25A4CA32-8173-4909-A12D-62F5583DC3DE}" = lport=139 | protocol=6 | dir=in | app=system | "{356F29C8-6299-4BC6-9DE6-ED280856E373}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3B3C08F6-C4D1-459E-85D0-4D467343FF3F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3F3ECE08-D866-4AD0-858C-4C64EE7D03CE}" = rport=138 | protocol=17 | dir=out | app=system | "{4B05DD1F-BAE6-4BC0-9662-FDD97F169F4B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{53B8359E-D36F-4F47-98C9-CE1F362511A4}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | "{594FD98C-C8CA-40BD-994F-9A6BD1C5B728}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{5956E2AB-C49E-4F1E-A87D-00C196C7A5E2}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{63032B01-18C9-4B1C-AB68-82E4912F85DD}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{7252BD88-2EC6-4C4E-8E49-821D4D2DD930}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | "{73F5FA9B-47D2-484D-8157-FB58202796D2}" = lport=137 | protocol=17 | dir=in | app=system | "{7E76F2BF-9655-41A7-8E60-8127D8BB1062}" = lport=2869 | protocol=6 | dir=in | app=system | "{8D44297F-DA5E-457A-A0AB-7356DA4B8A1D}" = rport=1723 | protocol=6 | dir=out | app=system | "{8F2DF4FC-FD1C-4C40-8622-BE3D64349693}" = lport=9442 | protocol=17 | dir=in | name=intel(r) viiv(tm) media server discovery | "{92962189-9CF4-4E1A-828D-5CEAF54C497E}" = lport=138 | protocol=17 | dir=in | app=system | "{9317E70F-B91F-41BF-9228-25AA224D3914}" = lport=445 | protocol=6 | dir=in | app=system | "{95772350-19D1-43F0-BBC2-C12252AD3AA0}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9BD1BE4F-EA1C-48D5-83FD-5B012C1ED070}" = rport=445 | protocol=6 | dir=out | app=system | "{9DE8496F-EDC6-4D27-8240-479FE06E84AD}" = lport=10243 | protocol=6 | dir=in | app=system | "{A9B035F7-1AC4-4845-AEDD-0676409F1A82}" = rport=1701 | protocol=17 | dir=out | app=system | "{B550BCBD-7EDB-40EE-BD18-23F8C294FA8A}" = lport=1723 | protocol=6 | dir=in | app=system | 
"{C86E5EA4-B9DE-46F5-8023-71A381104FE4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C901F090-AD82-4546-B5A3-7FACC1582659}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{CB249367-3037-42D1-8398-2EAB631FDAFE}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D48767FB-CBB3-47DB-B32E-1C5229B96A19}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D7C6D559-003B-457B-B704-648EB478A8BC}" = lport=1701 | protocol=17 | dir=in | app=system | "{F8160F25-D3EE-428F-9E6F-B27C15A53895}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{049D8063-B1A1-453D-8E8C-641915077263}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{107FDF09-5668-4C39-B6C2-AE0CCC02FC46}" = protocol=6 | dir=out | app=system | "{15B8E0E7-A20F-4CA8-A60B-73186071F47E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{20028EB4-015E-45BB-9BF4-0FA2400C87E5}" = dir=in | app=c:\program files\homecinema\powerdvd\powerdvd.exe | "{23141A48-3CA1-44E7-80E9-5BC4993C0C06}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{30320846-E6FF-40B3-BBEE-1DB9405D337C}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{3CB17FFF-E1E3-4A49-9A93-35E4D3B8324B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{44459E08-CB2F-4496-A48F-ABB8A863FF63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5F729969-C49F-48A4-9793-386678AD269C}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{63ACEDD0-E493-454A-BF57-762ECA97EB53}" = protocol=6 | dir=out | app=%programfiles%\windows 
media player\wmplayer.exe | "{700753F8-0BC6-469F-8CAE-6069CDCC0371}" = dir=in | app=c:\program files\homecinema\tv enhance\tvenhance.exe | "{73A07CE6-080D-427A-BC85-512F9317C404}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{73C75508-F1BD-4A28-BB67-56C57C79A573}" = dir=in | app=c:\program files\homecinema\powerdirector\pdr.exe | "{7D17CE5A-AB47-44FF-81FD-413FC8FD79E2}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{862A87AE-FEBD-498A-BCE4-D11C1C415E06}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8E3061DA-46FD-46E9-840D-25DBA16D30C2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{A82DA86D-AA7E-460D-A5FF-A843C7F52EB3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B5A9E8A1-4646-41C1-919A-CCC1FC15FCEF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{BEB8776E-1940-443C-B0CB-5C7603B59201}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{CABE30E3-6097-46BD-B413-C4FDA9D7B423}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{EDCBD877-8AD3-4C88-B35E-10478C257DE1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{F16DA657-8928-4778-8937-BB90910F5002}" = dir=in | app=c:\program files\homecinema\tv enhance\tveservice.exe | "{FB0CBA55-13A8-40B5-8221-598E452745FE}" = dir=in | app=c:\program files\homecinema\makedisc\makedisc.exe | "{FD71DFC9-4F00-4D29-9CF7-0358D90EA796}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "TCP Query User{00B83EF6-D298-4114-8DD8-31E663638168}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "TCP Query User{1905459F-A6A5-4FDC-9D30-FAB14546B545}C:\program files\videolan\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | "TCP Query User{418F097D-401B-4BA1-9662-E45ED29F5918}C:\program 
files\phase-6\phase-6\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\phase-6\phase-6\jre6\bin\javaw.exe | "TCP Query User{432CE6B8-B6A6-4FAA-9A18-013BDD739706}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{0DC4FA62-F5F6-49D6-8618-01E50FD67A27}C:\program files\phase-6\phase-6\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\phase-6\phase-6\jre6\bin\javaw.exe | "UDP Query User{544927E7-5267-402F-80A6-60961B85149A}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | "UDP Query User{78AA94A3-AF76-476C-AE1D-F16D8526E9C5}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | "UDP Query User{9E94EC24-F753-47B9-9AEF-7A69AA3EEA65}C:\program files\videolan\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\videolan\vlc\vlc.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu "{11AFE21E-B193-430D-B57A-DFF7815BB962}" = Ulead PhotoImpact 12 "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9 "{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4C73B683-B15D-4B94-AC7A-520B70C4FFE9}" = Sceneo AbsolutTV "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{588D9F5F-8C62-4421-BAE9-CCAA57D4E4EE}" = TVsweeper 3 
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{757AD3D4-036B-42FA-B0A4-96BD6F4605A0}" = Ulead VideoStudio 7 SE VCD "{7655E113-C306-11D9-A373-0050BAE317E1}" = MCE Software Encoder 1.1 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{777AD08E-B32A-4456-AFE1-094DBECEB268}" = Intel(R) Network Connections 13.5.32.0 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5 "{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "{AA898D01-D4E3-43C6-8E25-70CA660B9F16}" = CHIPDRIVE extern/intern/micro treiber 3.1 "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch "{B145EC69-66F5-11D8-9D75-000129760D75}" = MakeDisc "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.97 
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components "{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = PowerProducer "{BFD96B89-B769-4CD6-B11E-E79FFD46F067}" = QuickTime "{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}" = Oblivion "{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow! "{D5A9B7C0-8751-11D8-9D75-000129760D75}" = MediaShow "{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9-Reihe "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E4C891D6-6844-41B8-86E8-633CACCC644F}" = TV Enhance "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{FF118D79-F61B-4379-A059-5A3250324326}" = SCR3xxx Smart Card Reader "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Adobe Shockwave Player" = Adobe Shockwave Player "Avira AntiVir Desktop" = Avira Free Antivirus "AVMWLANCLI" = AVM FRITZ!WLAN "CCleaner" = CCleaner "Chipcardmaster_is1" = Chipcardmaster 7.04 "D'Fusion @Home Web Plug-In" = Total Immersion D'Fusion @Home Web Plug-In "EOS USB WIA Driver" = EOS USB WIA Driver "EOS Utility" = Canon Utilities EOS Utility 
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20 "Gtk+ Runtime Environment" = Gtk+ Runtime Environment 2.12.9-2 "Hard Disk Low Level Format Tool_is1" = Hard Disk Low Level Format Tool 2.36 build 1181 "InstallShield_{A6903FF6-895A-4EA6-BDCC-BE1DD911103A}" = PC Camer@ "InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector "IsoBuster_is1" = IsoBuster 3.0 "LetsTrade" = LetsTrade Komponenten "LibUSB-Win32_is1" = LibUSB-Win32-0.1.10.1 "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000 "Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 16.0.1 (x86 de)" = Mozilla Firefox 16.0.1 (x86 de) "Mozilla Thunderbird 16.0.1 (x86 de)" = Mozilla Thunderbird 16.0.1 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "phase-6" = phase-6 2.3.1d "phase-6 Feeding Tool" = phase-6 Feeding Tool 1.1.4 "PROSetDX" = Intel(R) Network Connections 13.5.32.0 "RarZilla Free Unrar" = RarZilla Free Unrar "RealPlayer 6.0" = RealPlayer "TuneUp Utilities 2013" = TuneUp Utilities 2013 "TwkSCard" = CHIPDRIVE - Gerätetreiber V2.14.41 "UnzipThemAll_is1" = UnzipThemAll 1.3 "VLC media player" = VLC media player 2.0.3 "Windows Media Encoder 9" = Windows Media Encoder 9-Reihe "X10Hardware" = X10 Hardware(TM) "Xvid_is1" = Xvid 1.1.3 final uninstall "Zak McKracken - Between Time and Space" = Zak McKracken - Between Time and Space ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 20.10.2012 02:51:52 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x13cc, 
Anwendungsstartzeit 01cdae8f62745d50. Error - 20.10.2012 02:52:14 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:45:28 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1268, Anwendungsstartzeit 01cdaed18a4525e7. Error - 20.10.2012 10:45:55 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 20.10.2012 10:47:07 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung TuneUpUtilitiesService32.exe, Version 13.0.2020.4, Zeitstempel 0x5059905e, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x01d39b50, Prozess-ID 0x97c, Anwendungsstartzeit 01cdaed166bda897. Error - 20.10.2012 12:38:35 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1130, Anwendungsstartzeit 01cdaee156e69858. Error - 20.10.2012 12:38:46 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung ehRecvr.exe, Version 6.0.6001.18000, Zeitstempel 0x47919381, fehlerhaftes Modul ntdll.dll, Version 6.0.6002.18541, Zeitstempel 0x4ec3e3d5, Ausnahmecode 0xc0000005, Fehleroffset 0x00066626, Prozess-ID 0x137c, Anwendungsstartzeit 01cdaee15d4c90a8. 
Error - 20.10.2012 12:39:39 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 21.10.2012 05:13:56 | Computer Name = TIM-PC | Source = WinMgmt | ID = 10 Description = Error - 21.10.2012 05:15:08 | Computer Name = TIM-PC | Source = Application Error | ID = 1000 Description = Fehlerhafte Anwendung CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, fehlerhaftes Modul CCU_Engine.exe, Version 1.7.548.0, Zeitstempel 0x46803fc5, Ausnahmecode 0xc0000005, Fehleroffset 0x00013190, Prozess-ID 0x1304, Anwendungsstartzeit 01cdaf6c8f3c9e3f. [ Media Center Events ] Error - 25.03.2008 14:36:13 | Computer Name = Robin-PC | Source = ehRecvr | ID = 3 Description = Error - 23.01.2009 12:44:33 | Computer Name = Robin-PC | Source = ehSched | ID = 5 Description = CResourceMgr::GetEhepgdat Error GetEhepgdatDispatcher 0x80080005 [ System Events ] Error - 26.10.2012 14:09:24 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7001 Description = Error - 26.10.2012 14:09:33 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7001 Description = Error - 26.10.2012 14:12:42 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.10.2012 14:12:42 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7034 Description = Error - 26.10.2012 16:50:17 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 26.10.2012 16:50:17 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 05:26:09 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 05:26:09 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 06:32:45 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 Description = Error - 27.10.2012 06:32:45 | Computer Name = TIM-PC | Source = Service Control Manager | ID = 7000 
Description = < End of report > OTL Logfile: Code:
OTL logfile created on: 27.10.2012 19:14:26 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\TIM\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 7.0.6002.18005) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,00 Gb Total Physical Memory | 1,25 Gb Available Physical Memory | 41,77% Memory free 6,21 Gb Paging File | 4,21 Gb Available in Paging File | 67,87% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 445,76 Gb Total Space | 387,27 Gb Free Space | 86,88% Space Free | Partition Type: NTFS Drive E: | 19,99 Gb Total Space | 10,52 Gb Free Space | 52,63% Space Free | Partition Type: FAT32 Drive N: | 465,76 Gb Total Space | 213,77 Gb Free Space | 45,90% Space Free | Partition Type: NTFS Computer Name: TIM-PC | User Name: TIM | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\TIM\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe (Adobe Systems, Inc.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation) PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) -- C:\Windows\System32\drivers\avkmgr.sys [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2012.09.28 19:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Avira [2012.09.28 19:02:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- C:\.fseventsd [2012.09.27 21:43:47 | 000,000,000 | ---D | C] -- \.fseventsd [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2012.10.27 19:15:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.27 19:15:00 | 000,000,418 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{C14BE3A1-7541-42F6-935E-22B317B092E6}.job [2012.10.27 19:13:59 | 000,000,414 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{B06D0B9E-F49B-4947-82CA-302808DCB46D}.job [2012.10.27 18:31:30 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 18:31:30 | 000,003,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2012.10.27 13:32:09 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\MozBackup.lnk [2012.10.27 13:31:52 | 000,706,256 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2012.10.27 13:31:52 | 000,661,242 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2012.10.27 13:31:52 | 000,160,122 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2012.10.27 13:31:52 | 000,130,998 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2012.10.27 12:31:33 | 000,000,260 | ---- | M] () -- C:\Windows\scardsrv.ini [2012.10.27 12:31:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2012.10.27 12:31:02 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.26 20:11:22 | 000,372,424 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.26 17:10:23 | 306,100,628 | ---- | M] () -- 
C:\Windows\MEMORY.DMP [2012.10.26 15:48:42 | 000,000,512 | ---- | M] () -- C:\Users\TIM\Desktop\MBR.dat [2012.10.26 15:27:06 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\TIM\Desktop\aswMBR.exe [2012.10.26 15:26:42 | 000,302,592 | ---- | M] () -- C:\Users\TIM\Desktop\m0ifup2h.exe [2012.10.25 23:53:16 | 002,213,464 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\TIM\Desktop\tdsskiller.exe [2012.10.25 21:54:07 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2012.10.25 21:37:51 | 004,988,534 | R--- | M] (Swearware) -- C:\Users\TIM\Desktop\ComboFix.exe [2012.10.25 17:04:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\TIM\Desktop\OTL.exe [2012.10.23 16:18:51 | 000,018,944 | ---- | M] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.10.20 16:52:58 | 000,001,062 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.10.20 16:52:58 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | M] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 14:27:33 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 12:16:40 | 000,093,672 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2012.10.18 12:16:38 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2012.10.18 12:16:38 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2012.10.18 12:16:38 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2012.10.18 12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2012.10.18 
12:16:38 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2012.10.18 12:15:34 | 000,696,760 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2012.10.18 12:15:34 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2012.10.17 00:12:24 | 000,192,907 | ---- | M] () -- N:\Documents\Picture 1.jpg [2012.10.08 19:02:30 | 000,004,464 | ---- | M] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:48:25 | 000,000,595 | ---- | M] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.07 14:31:13 | 000,002,176 | ---- | M] () -- C:\Windows\HBCIKRNL.INI [2012.10.03 00:20:00 | 019,906,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvoglv32.dll [2012.10.03 00:20:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcompiler.dll [2012.10.03 00:20:00 | 015,309,160 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvd3dum.dll [2012.10.03 00:20:00 | 012,501,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvwgf2um.dll [2012.10.03 00:20:00 | 010,837,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\drivers\nvlddmkm.sys [2012.10.03 00:20:00 | 007,697,768 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuda.dll [2012.10.03 00:20:00 | 006,127,464 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvopencl.dll [2012.10.03 00:20:00 | 002,574,696 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvid.dll [2012.10.03 00:20:00 | 002,428,776 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvapi.dll [2012.10.03 00:20:00 | 001,867,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcuvenc.dll [2012.10.03 00:20:00 | 001,009,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispco32.dll [2012.10.03 00:20:00 | 000,888,168 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvdispgenco32.dll [2012.10.03 00:20:00 | 000,012,865 | ---- | M] () -- 
C:\Windows\System32\nvinfo.pb [2012.10.02 21:29:41 | 002,557,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvcr.dll [2012.10.02 21:29:41 | 000,108,392 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvmctray.dll [2012.10.02 21:29:41 | 000,062,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvshext.dll [2012.10.02 21:29:22 | 002,853,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvsvc.dll [2012.10.02 21:28:53 | 003,965,288 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvcpl.dll [2012.10.02 18:09:44 | 000,000,995 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | M] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 13:15:52 | 000,430,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\System32\nvStreaming.exe [2012.09.30 18:15:04 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:48:05 | 000,032,514 | ---- | M] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:28:02 | 000,319,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\DIFxAPI.dll [2012.09.29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2012.09.29 18:12:14 | 000,000,450 | ---- | M] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | M] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 10:53:03 | 000,031,420 | ---- | M] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 23:19:18 | 000,000,680 | RHS- | M] () -- C:\Users\TIM\ntuser.pol [2012.09.28 22:27:46 | 000,002,776 | ---- | M] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:38 | 000,864,851 | ---- | M] (SCM Microsystems) -- C:\Windows\setp-twk.exe [2012.09.28 19:10:13 | 000,001,851 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 
| ---- | M] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | M] () -- C:\._.DS_Store [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2012.10.27 13:32:09 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\MozBackup.lnk [2012.10.26 23:22:13 | 000,192,907 | ---- | C] () -- N:\Documents\Picture 1.jpg [2012.10.26 16:08:40 | 306,100,628 | ---- | C] () -- C:\Windows\MEMORY.DMP [2012.10.26 15:48:42 | 000,000,512 | ---- | C] () -- C:\Users\TIM\Desktop\MBR.dat [2012.10.26 15:26:42 | 000,302,592 | ---- | C] () -- C:\Users\TIM\Desktop\m0ifup2h.exe [2012.10.25 21:43:47 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2012.10.25 21:43:47 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2012.10.25 21:43:47 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2012.10.25 21:43:47 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2012.10.25 21:43:47 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2012.10.22 12:33:55 | 000,372,424 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2012.10.20 16:52:58 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\phase-6 desktop.lnk [2012.10.18 17:49:22 | 000,000,807 | ---- | C] () -- C:\Users\TIM\Desktop\EVEREST Home Edition.lnk [2012.10.18 13:16:04 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk [2012.10.18 12:49:56 | 000,001,881 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2012.10.18 12:49:56 | 000,001,873 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2012.10.18 12:49:56 | 000,001,869 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2012.10.18 11:32:21 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2012.10.08 19:02:28 | 000,004,464 | ---- | C] () -- C:\Windows\System32\cc_20121008_190221.reg [2012.10.08 00:49:29 | 000,765,952 | ---- | C] () -- 
C:\Windows\System32\xvidcore.dll [2012.10.08 00:49:29 | 000,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2012.10.08 00:49:29 | 000,077,824 | ---- | C] () -- C:\Windows\System32\xvid.ax [2012.10.08 00:48:25 | 000,000,595 | ---- | C] () -- C:\Users\TIM\Desktop\Zak McKracken - BTAS.lnk [2012.10.05 21:01:09 | 000,000,000 | ---- | C] () -- C:\Windows\System32\drivers\lvuvc.hs [2012.10.02 18:09:44 | 000,000,995 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk [2012.10.02 16:58:01 | 000,000,843 | ---- | C] () -- C:\Users\Public\Desktop\Chipcardmaster.lnk [2012.10.02 16:58:00 | 000,001,263 | ---- | C] () -- C:\Windows\isxdlge2.ini [2012.09.30 18:15:04 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2012.09.29 21:47:56 | 000,032,514 | ---- | C] () -- C:\Windows\System32\cc_20120929_214733.reg [2012.09.29 20:20:05 | 000,012,865 | ---- | C] () -- C:\Windows\System32\nvinfo.pb [2012.09.29 18:05:51 | 000,000,450 | ---- | C] () -- C:\Users\Public\Desktop\Oblivion.lnk [2012.09.29 15:20:59 | 000,001,062 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012.09.29 13:16:56 | 000,000,646 | ---- | C] () -- C:\Users\TIM\Desktop\DieRitter.lnk [2012.09.29 12:40:47 | 000,018,944 | ---- | C] () -- C:\Users\TIM\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012.09.29 10:52:59 | 000,031,420 | ---- | C] () -- C:\Windows\System32\cc_20120929_105239.reg [2012.09.28 22:27:46 | 000,002,776 | ---- | C] () -- C:\Windows\twkverck.dat [2012.09.28 22:27:41 | 000,000,260 | ---- | C] () -- C:\Windows\scardsrv.ini [2012.09.28 21:08:05 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2012.09.28 21:04:30 | 000,002,176 | ---- | C] () -- C:\Windows\HBCIKRNL.INI [2012.09.28 19:28:53 | 000,013,189 | R--- | C] () -- C:\Windows\instwcli.inf [2012.09.28 19:26:38 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin [2012.09.28 
19:19:33 | 000,000,862 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2012.09.28 19:18:54 | 000,001,806 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk [2012.09.28 19:10:13 | 000,001,851 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2012.09.28 19:02:51 | 000,000,808 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- C:\.DS_Store [2012.09.27 21:44:10 | 000,006,148 | ---- | C] () -- \.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- C:\._.DS_Store [2012.09.27 21:44:10 | 000,004,096 | ---- | C] () -- \._.DS_Store [2012.09.26 20:57:14 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2012.09.26 20:57:14 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2012.09.26 20:57:14 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2012.09.26 20:57:14 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2012.09.25 21:22:29 | 000,000,091 | ---- | C] () -- C:\Users\TIM\AppData\Local\fusioncache.dat [2012.09.25 21:22:06 | 000,000,680 | RHS- | C] () -- C:\Users\TIM\ntuser.pol [2012.09.25 19:36:15 | 000,000,039 | ---- | C] () -- C:\Windows\WININIT.INI [2010.01.30 18:52:39 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2008.02.19 15:33:15 | 000,000,512 | ---- | C] () -- \TVE.iss [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2008.02.19 15:07:07 | 000,000,000 | RHS- | C] () -- \IO.SYS [2008.02.19 12:09:21 | 000,008,192 | R-S- | C] () -- \BOOTSECT.BAK [2008.02.19 12:09:20 | 000,333,257 | RHS- | C] () -- \bootmgr [2006.11.02 12:23:09 | 000,000,024 | ---- | C] () -- \autoexec.bat [2006.11.02 08:25:08 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini 
< End of report > [/code]
Hi cosinus. Here are the logs. I guess I'm somehow too stupid. It's in there twice again. Sorry. Best regards and thanks |
27.10.2012, 20:09 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes reports ccleaner.exe is infected? That looks good too.
adwCleaner - detect toolbars and unwanted start/search pages
Please download AdwCleaner to your desktop. If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
__________________ Please always post log files in CODE tags |
27.10.2012, 20:16 | #15 |
| Malwarebytes reports ccleaner.exe is infected? Code:
# AdwCleaner v2.005 - Datei am 27/10/2012 um 21:16:02 erstellt
# Aktualisiert am 14/10/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : TIM - TIM-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\TIM\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Software

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6002.18005

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v16.0.1 (de)

Profilname : default
Datei : C:\Users\TIM\AppData\Roaming\Mozilla\Firefox\Profiles\g90hhbyl.default\prefs.js

Gefunden : user_pref("extensions.mediaplayerconnectivity.activityViewPoint", false);
Gefunden : user_pref("extensions.mediaplayerconnectivity.enableAutoplayViewPoint", true);
Gefunden : user_pref("extensions.mediaplayerconnectivity.enableContextMenuViewPoint", true);
Gefunden : user_pref("extensions.mediaplayerconnectivity.enableEmbedViewPoint", true);
Gefunden : user_pref("extensions.mediaplayerconnectivity.enableFileViewPoint", true);
Gefunden : user_pref("extensions.mediaplayerconnectivity.playerparamsviewpoint", "%f");
Gefunden : user_pref("extensions.mediaplayerconnectivity.playerviewpoint", "");

*************************

AdwCleaner[R1].txt - [1512 octets] - [27/10/2012 21:16:02]

########## EOF - C:\AdwCleaner[R1].txt - [1572 octets] ##########

Many thanks |