Log analysis and evaluation: Virus on my school laptop
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
27.11.2012, 00:12 | #1 |
Virus on my school laptop

Greetings,

I am currently doing an apprenticeship as an IT specialist (application development). I use my own laptop for my work at school. For about 1 week I have not been able to open Microsoft Office. That is, no Office application at all, and I also cannot install any Windows updates. Here are the OTL logs.

Code:
ATTFilter OTL logfile created on: 26.11.2012 23:50:52 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Pedro\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy 3,93 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 45,26% Memory free 7,85 Gb Paging File | 5,00 Gb Available in Paging File | 63,67% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 134,36 Gb Total Space | 25,40 Gb Free Space | 18,91% Space Free | Partition Type: NTFS Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Pedro\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - c:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & 
Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd) PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe () PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - c:\xampp\apache\bin\httpd.exe (Apache Software Foundation) PRC - c:\xampp\mysql\bin\mysqld.exe () PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.) PRC - C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe () PRC - C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell) PRC - C:\Program Files (x86)\AlienRespawn\Toaster.exe (SoftThinks - Dell) PRC - C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe () PRC - C:\Program Files (x86)\AlienRespawn\SftService.exe (SoftThinks SAS) PRC - C:\Program Files (x86)\Integrated Webcam\Live! 
Central\WebcamInt.exe (Creative Technology Ltd) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone) PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) PRC - C:\Programme\Alienware\Command Center\AlienFXHook32Mngr.exe (Alienware) PRC - C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation) PRC - C:\Programme\Alienware\Command Center\AlienFusionController.exe () PRC - C:\Programme\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision ) PRC - C:\Programme\Alienware\Command Center\AlienSense\FATrayAlert.exe (Sensible Vision ) PRC - C:\Programme\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision ) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation) PRC - C:\Program Files (x86)\OSD\OSD.exe () PRC - C:\Program Files (x86)\OSD\OSD_Service.exe () PRC - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\409c27bc1e434bf90f0df3d7096613bd\System.Design.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3079aabe5fd4f325656d52b94b19ae2e\System.Security.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll () MOD - C:\Program Files (x86)\Bamboo 
Dock\BambooCore.exe () MOD - C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll () MOD - C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll () MOD - 
C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll () MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll () MOD - C:\Program Files (x86)\AlienRespawn\SftBRCCPiped.dll () MOD - C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe () MOD - C:\Program Files (x86)\AlienRespawn\zlib1.dll () MOD - C:\Program Files (x86)\AlienRespawn\STRegistry.dll () MOD - C:\Program Files (x86)\AlienRespawn\STPE.dll () MOD - C:\Program Files (x86)\AlienRespawn\STNLS.dll () MOD - C:\Program Files (x86)\AlienRespawn\STLog.dll () MOD - C:\Program Files (x86)\AlienRespawn\STFiles.dll () MOD - C:\Program Files (x86)\AlienRespawn\STBRCCServCLR.dll () MOD - C:\Program Files (x86)\AlienRespawn\libxml2.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Programme\Alienware\Command Center\AlienFusionDomain.dll () MOD - C:\Programme\Alienware\Command Center\AlienFusionController.exe () MOD - C:\Windows\SysWOW64\FAIEExtension.dll () MOD - C:\Windows\SysWOW64\FAib.dll () MOD - C:\Windows\SysWOW64\FACrashRpt.dll () MOD - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\SysWOW64\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.) 
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\stacsv64.exe (IDT, Inc.) SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation) SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation) SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Apache2.2) -- c:\xampp\apache\bin\httpd.exe (Apache Software Foundation) SRV - (mysql) -- c:\xampp\mysql\bin\mysqld.exe () SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.) SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.) SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) 
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe () SRV - (mi-raysat_3dsmax2012_64) -- C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe () SRV - (SftService) -- C:\Program Files (x86)\AlienRespawn\SftService.exe (SoftThinks SAS) SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone) SRV - (AlienFusionService) -- C:\Programme\Alienware\Command Center\AlienFusionService.exe (Alienware) SRV - (FAService) -- C:\Programme\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision ) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) SRV - (HappyOSD) -- C:\Program Files (x86)\OSD\OSD_Service.exe () SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\STacSV64.exe (IDT, Inc.) 
SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe () SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software) DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software) DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation) DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (WinDriver6) -- C:\Windows\SysNative\drivers\windrvr6.sys (Jungo) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation) DRV:64bit: - (wacommousefilter) -- 
C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology) DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology) DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys () DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys () DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.) 
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated) DRV:64bit: - (ZTEusbnet) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys (ZTE Corporation) DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\zteusbvoice.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated) DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone) DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation) DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.) DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Acceler.sys (ST Microelectronics) DRV:64bit: - (stdflt) -- C:\Windows\SysNative\drivers\stdflt.sys (ST Microelectronics) DRV:64bit: - (NAL) -- C:\Windows\SysNative\drivers\iqvw64e.sys (Intel Corporation ) DRV:64bit: - (iSSetup) -- C:\Windows\SysNative\drivers\iSSetup.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (ioatdma2) -- C:\Windows\SysNative\drivers\qd262x64.sys (Intel Corporation) DRV:64bit: - (ioatdma1) -- C:\Windows\SysNative\drivers\qd162x64.sys (Intel Corporation) DRV:64bit: - (ioatdma) -- C:\Windows\SysNative\drivers\ioatdma.sys (Intel Corporation) DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC) DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC) DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC) DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC) DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC) DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV:64bit: - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. ) DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision ) DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.) 
DRV:64bit: - (IAMTVE) -- C:\Windows\SysNative\drivers\IAMTVE.sys (Intel Corporation) DRV:64bit: - (IAMTXPE) -- C:\Windows\SysNative\drivers\IAMTXPE.sys (Intel Corporation) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienware.com/ IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://support.alienware.com [binary data] IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/ IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: 
{3a9262ef-45b5-46fc-b460-7053539c9176} - No CLSID value found IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = hxxp://www.astroburn-search.com/search/web?q={searchTerms} IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: translator@zoli.bod:2.1.0.3 FF - prefs.js..extensions.enabledAddons: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.16.0.3 FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q=" FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - 
HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.) 
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.26 22:52:57 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 10:01:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 10:01:15 | 000,000,000 | ---D | M] [2012.01.24 17:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Extensions [2012.11.26 15:19:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\Profiles\bn2f3v6h.default\extensions [2012.11.07 09:17:49 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\Profiles\bn2f3v6h.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2012.10.29 15:25:59 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\extensions\translator@zoli.bod.xpi [2012.11.23 08:45:14 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2011.11.12 04:12:01 | 000,002,071 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\searchplugins\absearch-search.xml [2011.10.02 13:34:48 | 000,001,699 | ---- | M] () 
-- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\searchplugins\thepiratebayh.xml [2012.09.21 08:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2012.09.07 10:01:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012.09.07 10:01:15 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.07.22 13:00:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.04 07:45:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.07.22 13:00:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.07.22 13:00:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.07.22 13:00:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.07.22 13:00:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - homepage: hxxp://www.google.com CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files 
(x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: uTorrentBar_DE = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.18.20_0\
CHR - Extension: Google Mail = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2012.11.26 23:50:09 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Programme\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\Toolbar\WebBrowser: (no name) - {3A9262EF-45B5-46FC-B460-7053539C9176} - No CLSID value found.
O3 - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [FAStartup] File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Programme\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe (HH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{240F5B05-696B-4286-9472-F1E773697D60}: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91A35407-8911-4D97-A0C5-865D0FCBC409}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDCA9DAF-BEAC-4ED9-A7D8-C7E2B5650FC8}: DhcpNameServer = 212.18.160.133 212.18.160.134
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll) - C:\Programme\Alienware\Command Center\AlienSense\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.22 15:09:11 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0a246a16-96c8-11e1-a32a-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{0a246a16-96c8-11e1-a32a-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f689f-afcf-11e0-ae5f-c0cb388dadfa}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f689f-afcf-11e0-ae5f-c0cb388dadfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68aa-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68aa-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68ca-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68ca-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68cc-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68cc-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{11c4e2d7-bb61-11e0-884f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{11c4e2d7-bb61-11e0-884f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{235ea25d-b6d7-11e1-904e-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{235ea25d-b6d7-11e1-904e-005056c00008}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{6eba2c70-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c70-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6eba2c88-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c88-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6eba2c89-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c89-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9daa680a-eb7f-11e1-9ae3-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{9daa680a-eb7f-11e1-9ae3-005056c00008}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\{9e430bad-6cc2-11e0-8c2c-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{9e430bad-6cc2-11e0-8c2c-842b2b83559c}\Shell\AutoRun\command - "" = Autoplay.exe -auto
O33 - MountPoints2\{b141cd08-8eff-11e1-a455-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b141cd08-8eff-11e1-a455-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d53ef1b0-94a3-11e1-ba37-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{d53ef1b0-94a3-11e1-ba37-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Password.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.11.26 23:47:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pedro\Desktop\OTL.exe
[2012.11.26 23:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.11.26 23:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2012.11.26 23:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2012.11.26 23:14:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\Microsoft_Corporation
[2012.11.26 22:59:37 | 000,000,000 | ---D | C] -- C:\MATS
[2012.11.26 22:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.26 22:53:15 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.11.26 22:53:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.11.26 22:53:11 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.11.26 22:53:10 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.11.26 22:53:09 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.11.26 22:53:05 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.11.26 22:53:05 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.11.26 22:52:42 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.26 22:52:41 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.11.26 22:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.26 22:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.26 22:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Simply Super Software
[2012.11.26 22:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Simply Super Software
[2012.11.26 22:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2012.11.26 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012.11.26 22:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012.11.26 22:05:05 | 012,311,184 | ---- | C] (Simply Super Software ) -- C:\Users\Pedro\Desktop\trjsetup685.exe
[2012.11.26 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{D496D2DB-1571-48F6-89BF-780645F770A4}
[2012.11.26 14:50:17 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\OpenOffice.org
[2012.11.26 14:49:49 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.26 14:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.11.26 14:45:26 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
[2012.11.26 11:07:15 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.11.26 11:07:14 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.11.26 11:07:14 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.11.26 11:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.11.26 11:06:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.11.26 11:06:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.11.26 08:36:04 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{2C8E5549-F21C-4F1D-A850-8061570172C9}
[2012.11.22 21:46:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DB2904CC-DE55-44CA-A8D9-5794A21F1CCB}
[2012.11.21 11:51:05 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\Modul133
[2012.11.21 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Pedro\VirtualBox VMs
[2012.11.21 08:40:54 | 000,000,000 | ---D | C] -- C:\Users\Pedro\.VirtualBox
[2012.11.21 08:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.11.21 08:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.11.20 13:26:51 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\IsolatedStorage
[2012.11.20 13:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\VisualAssist
[2012.11.20 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\VisualAssist
[2012.11.20 13:25:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Atmel
[2012.11.20 13:11:02 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{B22282B2-21C7-4D89-A184-205AAE79F537}
[2012.11.19 15:00:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.11.19 15:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.11.19 15:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.11.19 15:00:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.11.19 15:00:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.11.19 15:00:33 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.11.19 15:00:33 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.11.19 15:00:33 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.11.19 15:00:33 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.11.19 15:00:33 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.11.19 15:00:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.11.19 15:00:33 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.11.19 15:00:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.11.19 15:00:33 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.11.19 15:00:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.11.19 15:00:33 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.11.19 15:00:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.11.19 15:00:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.11.19 15:00:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.11.19 15:00:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.11.19 15:00:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.11.19 15:00:32 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.11.19 15:00:32 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.11.19 15:00:32 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.11.19 15:00:06 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.11.19 15:00:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.11.19 08:36:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0C80862A-75A0-4322-A9C7-27E3939858EB}
[2012.11.18 17:51:04 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.18 17:51:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.18 17:50:20 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.18 17:50:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.18 17:50:19 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.18 17:50:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.18 17:50:19 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.18 17:50:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.18 17:50:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.18 17:50:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.18 17:50:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.18 17:50:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.18 17:50:18 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.18 17:50:18 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.18 17:50:17 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.18 17:50:17 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.18 17:50:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.18 17:46:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.18 17:46:39 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.18 17:46:39 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.18 17:46:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.18 17:42:56 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{639ED4AC-378A-4372-95B0-272D63413B01}
[2012.11.16 14:29:52 | 000,000,000 | ---D | C] -- C:\dc95167fde2d2a47b97053cc05
[2012.11.16 13:00:00 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\Utopia_NewPage
[2012.11.16 09:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012.11.16 09:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012.11.16 09:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.11.16 09:15:17 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.16 09:15:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.16 09:15:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.16 09:15:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.16 09:15:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.16 09:14:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.16 09:14:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.16 09:14:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.16 09:14:54 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.16 09:14:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.16 09:14:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.16 09:07:59 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{CB1C38D0-8906-4E24-9C6D-CA52494984D7}
[2012.11.14 08:38:21 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{3493DFB6-F854-4722-8B4E-9CEC8F16A722}
[2012.11.13 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Atmel Studio
[2012.11.13 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Atmel
[2012.11.13 13:40:57 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\Atmel
[2012.11.13 13:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atmel
[2012.11.13 13:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.11.13 13:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Seggger
[2012.11.13 13:37:21 | 000,260,608 | ---- | C] (Jungo) -- C:\Windows\SysNative\drivers\windrvr6.sys
[2012.11.13 13:37:21 | 000,157,184 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1001.dll
[2012.11.13 13:37:21 | 000,143,360 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1010.dll
[2012.11.13 13:37:21 | 000,143,360 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1002.dll
[2012.11.13 13:37:21 | 000,141,824 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi811.dll
[2012.11.13 13:37:21 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi921.dll
[2012.11.13 13:37:21 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1011.dll
[2012.11.13 13:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atmel
[2012.11.13 13:34:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2012.11.13 13:08:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{07E772ED-5AD8-41D1-9E98-AD591A75C803}
[2012.11.12 20:36:04 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{550C8DA7-2F4F-439C-B8C1-87083EAA3A56}
[2012.11.12 08:35:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{011F6482-779A-48CA-BEA0-D8E3F95F70CA}
[2012.11.07 09:41:53 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.11.07 09:36:19 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Unnamed Site 2
[2012.11.07 08:42:54 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{5D13B78F-DF42-4EB5-BBBC-CE3642CF14AA}
[2012.11.05 08:35:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{A3EBEFC3-3FAF-456A-BB9D-DA957F9FAF2B}
[2012.11.04 22:36:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{E05B6EAE-F2D3-4F63-9F57-C79F61075FA9}
[2012.11.02 08:53:00 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\htdocs
[2012.11.02 08:37:24 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{24BFE8B9-D98E-4BBA-BE03-EEF2F4EA4040}
[2012.10.31 08:36:33 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0963E3C3-CE08-4168-B8D9-23AC49D4F551}
[2012.10.30 14:04:10 | 000,000,000 | ---D | C] -- C:\meineDokumente
[2012.10.30 14:02:52 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Application Data
[2012.10.30 13:06:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{48C39C0A-70B2-4C6E-BCB3-F5B88A8E1C4E}
[3 C:\Users\Pedro\Desktop\*.tmp files -> C:\Users\Pedro\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2012.11.26 23:53:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.26 23:47:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pedro\Desktop\OTL.exe
[2012.11.26 23:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.26 23:27:52 | 002,095,024 | ---- | M] () -- C:\Users\Pedro\Desktop\SecurityTaskManager_Setup.exe
[2012.11.26 22:53:16 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.26 22:53:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.26 22:39:00 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.26 22:37:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.26 22:37:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.26 22:36:39 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.26 22:36:39 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.26 22:36:39 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.26 22:36:39 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.26 22:36:39 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.26 22:29:46 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.26 22:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.26 22:25:11 | 000,006,396 | ---- | M] () -- C:\Users\Pedro\Desktop\0677.mpssvc.reg
[2012.11.26 22:25:08 | 000,229,548 | ---- | M] () -- C:\Users\Pedro\Desktop\1055.BFE.reg
[2012.11.26 22:06:45 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012.11.26 22:05:48 | 012,311,184 | ---- | M] (Simply Super Software ) -- C:\Users\Pedro\Desktop\trjsetup685.exe
[2012.11.26 18:37:06 | 005,073,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.26 14:56:14 | 000,013,588 | ---- | M] () -- C:\Users\Pedro\Desktop\Noten.ods
[2012.11.26 14:50:38 | 000,001,201 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:49:49 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:40:25 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2012.11.26 11:48:32 | 000,095,232 | ---- | M] () -- C:\Users\Pedro\Desktop\1-3 Assoziation.pdf
[2012.11.26 11:07:10 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.26 11:07:10 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.11.26 09:51:10 | 000,052,554 | ---- | M] () -- C:\Users\Pedro\Desktop\1-2 Identifikation von Assoziationen.pdf
[2012.11.26 09:51:07 | 000,177,546 | ---- | M] () -- C:\Users\Pedro\Desktop\1-1 Assoziationen in Klassen und Objektdiagramm.pdf
[2012.11.21 08:40:21 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.13 13:49:02 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Atmel Studio 6.0.lnk
[2012.11.12 16:14:32 | 000,056,157 | ---- | M] () -- C:\Users\Pedro\Desktop\foto.jpg
[2012.11.09 14:31:06 | 000,004,679 | ---- | M] () -- C:\Users\Pedro\Desktop\struktogram
[2012.11.09 13:55:38 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.02 11:19:08 | 000,000,132 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.28 20:35:39 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[3 C:\Users\Pedro\Desktop\*.tmp files -> C:\Users\Pedro\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2012.11.26 23:27:51 | 002,095,024 | ---- | C] () -- C:\Users\Pedro\Desktop\SecurityTaskManager_Setup.exe
[2012.11.26 22:53:16 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.26 22:53:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.11.26 22:39:00 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.26 22:25:11 | 000,006,396 | ---- | C] () -- C:\Users\Pedro\Desktop\0677.mpssvc.reg
[2012.11.26 22:25:07 | 000,229,548 | ---- | C] () -- C:\Users\Pedro\Desktop\1055.BFE.reg
[2012.11.26 22:06:45 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012.11.26 14:56:10 | 000,013,588 | ---- | C] () -- C:\Users\Pedro\Desktop\Noten.ods
[2012.11.26 14:50:38 | 000,001,201 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:49:49 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:40:25 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2012.11.26 11:48:31 | 000,095,232 | ---- | C] () -- C:\Users\Pedro\Desktop\1-3 Assoziation.pdf
[2012.11.26 11:07:10 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.26 11:07:10 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.11.26 11:07:08 | 000,002,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.11.26 09:51:10 | 000,052,554 | ---- | C] () -- C:\Users\Pedro\Desktop\1-2 Identifikation von Assoziationen.pdf
[2012.11.26 09:51:05 | 000,177,546 | ---- | C] () -- C:\Users\Pedro\Desktop\1-1 Assoziationen in Klassen und Objektdiagramm.pdf
[2012.11.21 08:40:21 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk [2012.11.18 17:51:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf [2012.11.18 17:46:39 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf [2012.11.13 13:49:02 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Atmel Studio 6.0.lnk [2012.11.12 16:14:24 | 000,056,157 | ---- | C] () -- C:\Users\Pedro\Desktop\foto.jpg [2012.11.09 14:31:06 | 000,004,679 | ---- | C] () -- C:\Users\Pedro\Desktop\struktogram [2012.11.02 11:19:08 | 000,000,132 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Adobe GIF Format CS6 Prefs [2012.08.19 19:32:05 | 000,000,149 | ---- | C] () -- C:\Windows\wininit.ini [2012.03.31 23:43:25 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll [2012.03.31 23:34:30 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI [2012.01.22 14:16:15 | 000,008,250 | ---- | C] () -- C:\ProgramData\22cd857d [2012.01.22 14:16:15 | 000,008,160 | ---- | C] () -- C:\Users\Pedro\AppData\Local\b19b6c06 [2012.01.22 14:16:15 | 000,008,156 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\373c2854 [2012.01.22 13:55:07 | 000,000,068 | ---- | C] () -- C:\Windows\spwdrag.INI [2011.07.31 11:46:43 | 019,595,016 | ---- | C] () -- C:\Program Files (x86)\Vodafone Mobile Broadband.msi [2011.07.31 11:46:43 | 000,087,552 | ---- | C] () -- C:\Program Files (x86)\1031.MST [2011.04.19 20:04:05 | 001,601,058 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2011.03.21 19:59:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2011.03.15 14:07:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin [2011.01.20 08:48:29 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2010.06.21 17:05:34 | 000,157,470 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 ========== ZeroAccess Check ========== [2009.07.14 05:55:00 | 000,000,227 
| RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2012.10.13 19:21:37 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\.minecraft [2012.09.17 22:24:51 | 000,000,000 | ---D | M] -- 
C:\Users\Pedro\AppData\Roaming\.purple [2012.11.13 13:41:10 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Atmel [2012.03.31 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Atzoyr [2011.04.25 00:59:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Autodesk [2012.04.24 00:45:14 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\calibre [2012.11.07 09:41:53 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.07.25 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Codemasters [2012.09.28 10:05:20 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\CoffeeCup Software [2012.07.08 14:15:19 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\DAEMON Tools Lite [2011.09.26 20:45:06 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Dev-Cpp [2012.11.26 15:20:01 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\DVDVideoSoft [2011.06.10 20:44:55 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\FileZilla [2012.04.30 00:47:54 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Firestorm [2011.09.13 20:48:24 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\GetRightToGo [2012.04.12 12:30:53 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Miuqeq [2012.02.28 23:37:03 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\MonoDevelop-Unity [2012.08.18 16:43:59 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\MySQL [2012.03.31 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Mytuif [2012.09.28 09:53:13 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Notepad++ [2012.11.26 14:50:17 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\OpenOffice.org [2011.04.19 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\PACE Anti-Piracy [2012.08.28 14:56:27 | 000,000,000 | ---D | M] -- 
C:\Users\Pedro\AppData\Roaming\PapDesigner [2012.06.15 14:03:30 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Peitqe [2012.09.14 10:54:48 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\poclbm [2012.09.17 20:05:59 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\QIP [2012.04.01 20:59:29 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Reivga [2011.07.31 13:52:40 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SecondLife [2012.11.26 22:06:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Simply Super Software [2012.03.20 22:15:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Spacejock Software [2012.07.25 21:17:19 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Subversion [2011.09.13 19:26:57 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SYSTEMAX Software Development [2012.11.26 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TeamViewer [2012.09.17 20:02:21 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Trillian [2011.10.02 14:46:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TS3Client [2012.11.26 11:06:48 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TuneUp Software [2012.02.28 23:52:36 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Unity [2012.11.26 11:13:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\uTorrent [2012.11.26 18:42:25 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\VisualAssist [2011.07.31 11:45:30 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Vodafone [2011.11.09 17:05:14 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Wacom [2011.11.09 17:05:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1 [2012.04.28 00:11:13 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Wizards of the Coast [2012.03.31 22:28:16 | 000,000,000 | 
---D | M] -- C:\Users\Pedro\AppData\Roaming\Yqof ========== Purity Check ========== ========== Files - Unicode (All) ========== [2011.11.01 22:15:11 | 000,000,162 | -H-- | M] ()(C:\Users\Pedro\Desktop\~$ Souru ????.docx) -- C:\Users\Pedro\Desktop\~$ Souru 目ソウル.docx [2011.11.01 22:15:11 | 000,000,162 | -H-- | C] ()(C:\Users\Pedro\Desktop\~$ Souru ????.docx) -- C:\Users\Pedro\Desktop\~$ Souru 目ソウル.docx ========== Alternate Data Streams ========== @Alternate Data Stream - 1270 bytes -> C:\Users\Pedro\AppData\Local\Temp:7SzMZQJtSgiDCV0XbfqdU @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BB3474D7 @Alternate Data Stream - 1100 bytes -> C:\Users\Pedro\AppData\Local\D9WerUXzig3ut:ePnjmHDRivyZ7LCM8hruaoSex @Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2 < End of report > |
27.11.2012, 11:57 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus on my school laptop Hello and
Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "when will this continue" messages will end with your topic being closed. I, too, have a life outside of Trojaner-Board. Have you already run any scans with other tools? Is there a log with findings? See => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post logs that already exist!
28.11.2012, 21:29 | #3 |
| Virus on my school laptop Here is the Malwarebytes log as well.
It did not find anything, though. Code:
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.28.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Pedro :: PEDRO-PC [administrator]

28.11.2012 18:45:50
mbam-log-2012-11-28 (18-45-50).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 550738
Time elapsed: 2 hour(s), 19 minute(s),

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
29.11.2012, 10:59 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus on my school laptop What exactly did you not understand about this? Quote:
__________________ Please always post log files in CODE tags |
29.11.2012, 13:36 | #5 | |
| Virus on my school laptop Quote:
On top of that, I had not run any scan, since unfortunately I cannot run scans with Avira, do Windows updates or anything else. I cannot even uninstall my Microsoft Office or start it. Not to forget, I do have to install and change things in between, since I use this laptop at school. Last edited by Enigma120 (29.11.2012 at 13:42) |
29.11.2012, 14:44 | #6 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus on my school laptop Quote:
Please do not do that during the analysis here! And once more, a bit more specifically please: why do you assume it is a virus? Have you actually had any alerts about malware so far, or not?
29.11.2012, 18:52 | #7 | |
| Virus on my school laptop Quote:
For the further upcoming modules I will have to install more programs. Well, if I am not allowed to do that on my host PC, then I will do it in a virtual machine, if that is all right. As for the malware, I have not received any alert about malware. However, I notice that every time I turn on my laptop, it always installs the same 4 updates. Even if I do not run them, they are run anyway after I shut down my laptop. I also notice that Microsoft Office cannot be uninstalled, cannot be started, cannot be opened, etc. And another problem that I had right at the beginning, which has since been solved, was that I could not turn on my firewall. It always gave me an error saying that it was not possible and that I should ask the administrator. That was then fixed by starting the firewall in the services. |
29.11.2012, 20:17 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus on my school laptop
1. aswMBR
Please download aswMBR.exe and save the file to your desktop. Note: Please turn off the virus scanner before you run aswMBR, because Avira in particular often reports a false positive in it!
One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following: restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.
2. TDSS-Killer
Download TDSS-Killer to your desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool! Configure the tool as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot. Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full. If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs. Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and post only the log here!
29.11.2012, 22:13 | #9 |
| Virus on my school laptop Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-29 22:18:22
-----------------------------
22:18:22.994 OS Version: Windows x64 6.1.7601 Service Pack 1
22:18:22.994 Number of processors: 4 586 0x2505
22:18:22.994 ComputerName: PEDRO-PC UserName: Pedro
22:18:23.694 Initialize success
22:18:29.454 AVAST engine defs: 12112900
22:19:16.318 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
22:19:16.318 Disk 0 Vendor: ST916041 D005 Size: 152627MB BusType: 3
22:19:16.380 Disk 0 MBR read successfully
22:19:16.380 Disk 0 MBR scan
22:19:16.396 Disk 0 Windows VISTA default MBR code
22:19:16.396 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
22:19:16.412 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
22:19:16.427 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 137587 MB offset 30800325
22:19:16.474 Disk 0 scanning C:\Windows\system32\drivers
22:19:36.543 Service scanning
22:20:04.557 Modules scanning
22:20:04.567 Disk 0 trace - called modules:
22:20:04.607 ntoskrnl.exe CLASSPNP.SYS disk.sys stdflt.sys iaStor.sys hal.dll
22:20:04.937 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004d12060]
22:20:04.947 3 CLASSPNP.SYS[fffff8800185a43f] -> nt!IofCallDriver -> [0xfffffa8004bd1ce0]
22:20:04.947 5 stdflt.sys[fffff88001b9da4a] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004a3f050]
22:20:04.957 Scan finished successfully
22:20:26.014 Disk 0 MBR has been saved successfully to "C:\Users\Pedro\Desktop\MBR.dat"
22:20:26.024 The log file has been saved successfully to "C:\Users\Pedro\Desktop\aswMBR.txt"
Last edited by Enigma120 (29.11.2012 at 22:21) |
29.11.2012, 22:33 | #10 |
| Virus on my school laptop Sorry, the file had too many characters. I hope it is all right to send it as an attachment. Attachment 47043 |
29.11.2012, 23:00 | #11 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Virus on my school laptop Then please run CF now: ComboFix A guide and tutorial on using ComboFix
Combofix may only be run when a qualified helper has expressly recommended it! If, after running Combofix, you have problems starting applications and receive messages such as Quote: