
Log analysis and evaluation: Virus on my school laptop


 
27.11.2012, 00:12   #1
Enigma120
 



Greetings,

I am currently doing an apprenticeship as an IT specialist in application development. I use my own laptop for my work at school. For about 1 week I have not been able to open Microsoft Office. That is, no Office application at all, and I also cannot install any Windows updates.

Here are the OTL logs.
Code:
OTL logfile created on: 26.11.2012 23:50:52 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Pedro\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 1,78 Gb Available Physical Memory | 45,26% Memory free
7,85 Gb Paging File | 5,00 Gb Available in Paging File | 63,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 134,36 Gb Total Space | 25,40 Gb Free Space | 18,91% Space Free | Partition Type: NTFS
 
Computer Name: PEDRO-PC | User Name: Pedro | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Pedro\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - c:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Desktop.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
PRC - C:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
PRC - c:\xampp\mysql\bin\mysqld.exe ()
PRC - C:\ProgramData\DatacardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
PRC - C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\AlienRespawn\Toaster.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe ()
PRC - C:\Program Files (x86)\AlienRespawn\SftService.exe (SoftThinks SAS)
PRC - C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Programme\Alienware\Command Center\AlienFXHook32Mngr.exe (Alienware)
PRC - C:\Programme\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
PRC - C:\Programme\Alienware\Command Center\AlienFusionController.exe ()
PRC - C:\Programme\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
PRC - C:\Programme\Alienware\Command Center\AlienSense\FATrayAlert.exe (Sensible Vision )
PRC - C:\Programme\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision )
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\OSD\OSD.exe ()
PRC - C:\Program Files (x86)\OSD\OSD_Service.exe ()
PRC - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\66694f9192bd0dddc2eaf90fbcbcd555\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3a7eb7595728baf4078ec5f97b44180c\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\239d84cfdb9de9730c1efb43840ef2eb\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\17796f2951c17ebf92dd4b7c9b3ce556\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\409c27bc1e434bf90f0df3d7096613bd\System.Design.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4d7a457d9f9adcce4d201119b5179c29\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\3d4e9d4f6c945d6d3b7d423fdb6bd274\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\70705382a499703e7a595fada80b04e6\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\3079aabe5fd4f325656d52b94b19ae2e\System.Security.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll ()
MOD - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\LightFX\1.0.92.0__bebb3c8816410241\LightFX.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienLabs.MasterIOBoard.Communication.Core\1.0.92.0__bebb3c8816410241\AlienLabs.MasterIOBoard.Communication.Core.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXModelResources\1.0.92.0__bebb3c8816410241\AlienwareAlienFXModelResources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienwareAlienFXTools\1.0.92.0__bebb3c8816410241\AlienwareAlienFXTools.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienLabsTools\1.0.92.0__bebb3c8816410241\AlienLabsTools.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\1.0.92.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x511\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x511.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x514\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x514.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x512\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x512.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x516\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x516.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x515\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x515.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.DeviceDiscovery\1.0.92.0__bebb3c8816410241\AlienFX.DeviceDiscovery.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.XPS\1.0.92.0__bebb3c8816410241\AlienFX.Communication.XPS.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.PID0x513\1.0.92.0__bebb3c8816410241\AlienFX.Communication.PID0x513.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication.Core\1.0.92.0__bebb3c8816410241\AlienFX.Communication.Core.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AlienFX.Communication\1.0.92.0__bebb3c8816410241\AlienFX.Communication.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\SftBRCCPiped.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe ()
MOD - C:\Program Files (x86)\AlienRespawn\zlib1.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STRegistry.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STPE.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STNLS.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STLog.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STFiles.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\STBRCCServCLR.dll ()
MOD - C:\Program Files (x86)\AlienRespawn\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Programme\Alienware\Command Center\AlienFusionDomain.dll ()
MOD - C:\Programme\Alienware\Command Center\AlienFusionController.exe ()
MOD - C:\Windows\SysWOW64\FAIEExtension.dll ()
MOD - C:\Windows\SysWOW64\FAib.dll ()
MOD - C:\Windows\SysWOW64\FACrashRpt.dll ()
MOD - C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (TlntSvr) -- C:\Windows\SysNative\tlntsvr.exe (Microsoft Corporation)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (Apache2.2) -- c:\xampp\apache\bin\httpd.exe (Apache Software Foundation)
SRV - (mysql) -- c:\xampp\mysql\bin\mysqld.exe ()
SRV - (TabletServicePen) -- C:\Programme\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV - (TouchServicePen) -- C:\Programme\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (HWDeviceService64.exe) -- C:\ProgramData\DatacardService\HWDeviceService64.exe ()
SRV - (mi-raysat_3dsmax2012_64) -- C:\Programme\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe ()
SRV - (SftService) -- C:\Program Files (x86)\AlienRespawn\SftService.exe (SoftThinks SAS)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (AlienFusionService) -- C:\Programme\Alienware\Command Center\AlienFusionService.exe (Alienware)
SRV - (FAService) -- C:\Programme\Alienware\Command Center\AlienSense\FAService.exe (Sensible Vision )
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (HappyOSD) -- C:\Program Files (x86)\OSD\OSD_Service.exe ()
SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\STacSV64.exe (IDT, Inc.)
SRV - (InstallFilterService) -- C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe ()
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ec0230c23ac63514\AESTSr64.exe (Andrea Electronics Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (WinDriver6) -- C:\Windows\SysNative\drivers\windrvr6.sys (Jungo)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (wacommousefilter) -- C:\Windows\SysNative\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- C:\Windows\SysNative\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ewusbmbb) -- C:\Windows\SysNative\drivers\ewusbwwan.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (massfilter) -- C:\Windows\SysNative\drivers\massfilter.sys (MBB Incorporated)
DRV:64bit: - (ZTEusbnet) -- C:\Windows\SysNative\drivers\ZTEusbnet.sys (ZTE Corporation)
DRV:64bit: - (ZTEusbvoice) -- C:\Windows\SysNative\drivers\zteusbvoice.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbser6k) -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbnmea) -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys (ZTE Incorporated)
DRV:64bit: - (ZTEusbmdm6k) -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys (ZTE Incorporated)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\drivers\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Acceler.sys (ST Microelectronics)
DRV:64bit: - (stdflt) -- C:\Windows\SysNative\drivers\stdflt.sys (ST Microelectronics)
DRV:64bit: - (NAL) -- C:\Windows\SysNative\drivers\iqvw64e.sys (Intel Corporation )
DRV:64bit: - (iSSetup) -- C:\Windows\SysNative\drivers\iSSetup.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (ioatdma2) -- C:\Windows\SysNative\drivers\qd262x64.sys (Intel Corporation)
DRV:64bit: - (ioatdma1) -- C:\Windows\SysNative\drivers\qd162x64.sys (Intel Corporation)
DRV:64bit: - (ioatdma) -- C:\Windows\SysNative\drivers\ioatdma.sys (Intel Corporation)
DRV:64bit: - (rixdpcie) -- C:\Windows\SysNative\drivers\rixdpe64.sys (REDC)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimspe64.sys (REDC)
DRV:64bit: - (risdpcie) -- C:\Windows\SysNative\drivers\risdpe64.sys (REDC)
DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC)
DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC)
DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (itecir) -- C:\Windows\SysNative\drivers\itecir.sys (ITE Tech. Inc. )
DRV:64bit: - (FACAP) -- C:\Windows\SysNative\drivers\facap.sys (Sensible Vision )
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (IAMTVE) -- C:\Windows\SysNative\drivers\IAMTVE.sys (Intel Corporation)
DRV:64bit: - (IAMTXPE) -- C:\Windows\SysNative\drivers\IAMTXPE.sys (Intel Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.alienware.com/
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://support.alienware.com [binary data]
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: {3a9262ef-45b5-46fc-b460-7053539c9176} - No CLSID value found
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - No CLSID value found
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\SearchScopes\{5F970FDE-702B-4ef9-920C-5F2848A5AF26}: "URL" = hxxp://www.astroburn-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..extensions.enabledAddons: translator@zoli.bod:2.1.0.3
FF - prefs.js..extensions.enabledAddons: {c840e246-6b95-475e-9bd7-caa1c7eca9f2}:3.16.0.3
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2851647&SearchSource=2&q="
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.26 22:52:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 10:01:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.07 10:01:15 | 000,000,000 | ---D | M]
 
[2012.01.24 17:54:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Extensions
[2012.11.26 15:19:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\Profiles\bn2f3v6h.default\extensions
[2012.11.07 09:17:49 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Pedro\AppData\Roaming\mozilla\Firefox\Profiles\bn2f3v6h.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2012.10.29 15:25:59 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\extensions\translator@zoli.bod.xpi
[2012.11.23 08:45:14 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2011.11.12 04:12:01 | 000,002,071 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\searchplugins\absearch-search.xml
[2011.10.02 13:34:48 | 000,001,699 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\mozilla\firefox\profiles\bn2f3v6h.default\searchplugins\thepiratebayh.xml
[2012.09.21 08:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.09.07 10:01:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.09.07 10:01:15 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.22 13:00:09 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.04 07:45:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.22 13:00:09 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.22 13:00:09 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.22 13:00:09 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.22 13:00:09 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\23.0.1271.64\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Pedro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: YouTube = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: uTorrentBar_DE = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc\2.3.18.20_0\
CHR - Extension: Google Mail = C:\Users\Pedro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.11.26 23:50:09 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (SSOIEAddonBHO Class) - {DA5BCE70-D057-4D63-943D-5F3927EC59F1} - C:\Programme\Alienware\Command Center\AlienSense\FAIESSO.dll (Sensible Vision )
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - {EFEED92A-A33D-4873-BA8F-32BAA631E54D} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\Toolbar\WebBrowser: (no name) - {3A9262EF-45B5-46FC-B460-7053539C9176} - No CLSID value found.
O3 - HKU\S-1-5-21-3746303089-1198756832-2967279300-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: []  File not found
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AlienFX Controller] C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware Corporation)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe ()
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [FAStartup]  File not found
O4 - HKLM..\Run: [FATrayAlert] C:\Programme\Alienware\Command Center\AlienSense\FATrayMon.exe (Sensible Vision )
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Integrated Webcam Live! Central] C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [MobileBroadband] C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
O4 - HKLM..\Run: [OSD_LAUNCH] c:\Program Files (x86)\OSD\Launch_OSD.exe (HH)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files (x86)\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{240F5B05-696B-4286-9472-F1E773697D60}: DhcpNameServer = 62.2.17.60 62.2.24.162 62.2.17.61 62.2.24.158
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91A35407-8911-4D97-A0C5-865D0FCBC409}: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FDCA9DAF-BEAC-4ED9-A7D8-C7E2B5650FC8}: DhcpNameServer = 212.18.160.133 212.18.160.134
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\FastAccess: DllName - (C:\Program Files\Alienware\Command Center\AlienSense\FALogNot.dll) - C:\Programme\Alienware\Command Center\AlienSense\FALogNot.dll ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.01.22 15:09:11 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{0a246a16-96c8-11e1-a32a-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{0a246a16-96c8-11e1-a32a-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f689f-afcf-11e0-ae5f-c0cb388dadfa}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f689f-afcf-11e0-ae5f-c0cb388dadfa}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68aa-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68aa-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68ca-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68ca-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{0e6f68cc-afcf-11e0-ae5f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{0e6f68cc-afcf-11e0-ae5f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{11c4e2d7-bb61-11e0-884f-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{11c4e2d7-bb61-11e0-884f-842b2b83559c}\Shell\AutoRun\command - "" = F:\setup_vmb_lite.exe /checkApplicationPresence
O33 - MountPoints2\{235ea25d-b6d7-11e1-904e-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{235ea25d-b6d7-11e1-904e-005056c00008}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{6eba2c70-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c70-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6eba2c88-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c88-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{6eba2c89-8c7c-11e1-bcec-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{6eba2c89-8c7c-11e1-bcec-005056c00008}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{9daa680a-eb7f-11e1-9ae3-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{9daa680a-eb7f-11e1-9ae3-005056c00008}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\{9e430bad-6cc2-11e0-8c2c-842b2b83559c}\Shell - "" = AutoRun
O33 - MountPoints2\{9e430bad-6cc2-11e0-8c2c-842b2b83559c}\Shell\AutoRun\command - "" = Autoplay.exe -auto
O33 - MountPoints2\{b141cd08-8eff-11e1-a455-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{b141cd08-8eff-11e1-a455-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{d53ef1b0-94a3-11e1-ba37-005056c00008}\Shell - "" = AutoRun
O33 - MountPoints2\{d53ef1b0-94a3-11e1-ba37-005056c00008}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Password.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.26 23:47:08 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Pedro\Desktop\OTL.exe
[2012.11.26 23:28:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.11.26 23:28:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2012.11.26 23:28:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2012.11.26 23:14:31 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\Microsoft_Corporation
[2012.11.26 22:59:37 | 000,000,000 | ---D | C] -- C:\MATS
[2012.11.26 22:53:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2012.11.26 22:53:15 | 000,370,288 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.11.26 22:53:15 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.11.26 22:53:11 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.11.26 22:53:10 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.11.26 22:53:09 | 000,984,144 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.11.26 22:53:05 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.11.26 22:53:05 | 000,071,600 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.11.26 22:52:42 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.11.26 22:52:41 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.11.26 22:52:29 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012.11.26 22:52:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012.11.26 22:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Simply Super Software
[2012.11.26 22:06:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Simply Super Software
[2012.11.26 22:06:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2012.11.26 22:06:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trojan Remover
[2012.11.26 22:06:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2012.11.26 22:05:05 | 012,311,184 | ---- | C] (Simply Super Software                                       ) -- C:\Users\Pedro\Desktop\trjsetup685.exe
[2012.11.26 21:49:44 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{D496D2DB-1571-48F6-89BF-780645F770A4}
[2012.11.26 14:50:17 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\OpenOffice.org
[2012.11.26 14:49:49 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.26 14:48:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenOffice.org 3
[2012.11.26 14:45:26 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
[2012.11.26 11:07:15 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2012.11.26 11:07:14 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2012.11.26 11:07:14 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2012.11.26 11:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2012.11.26 11:06:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2012.11.26 11:06:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2012.11.26 08:36:04 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{2C8E5549-F21C-4F1D-A850-8061570172C9}
[2012.11.22 21:46:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{DB2904CC-DE55-44CA-A8D9-5794A21F1CCB}
[2012.11.21 11:51:05 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\Modul133
[2012.11.21 08:41:27 | 000,000,000 | ---D | C] -- C:\Users\Pedro\VirtualBox VMs
[2012.11.21 08:40:54 | 000,000,000 | ---D | C] -- C:\Users\Pedro\.VirtualBox
[2012.11.21 08:40:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.11.21 08:40:10 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.11.20 13:26:51 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\IsolatedStorage
[2012.11.20 13:26:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\VisualAssist
[2012.11.20 13:26:39 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\VisualAssist
[2012.11.20 13:25:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Atmel
[2012.11.20 13:11:02 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{B22282B2-21C7-4D89-A184-205AAE79F537}
[2012.11.19 15:00:35 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2012.11.19 15:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2012.11.19 15:00:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2012.11.19 15:00:34 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2012.11.19 15:00:34 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2012.11.19 15:00:33 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2012.11.19 15:00:33 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2012.11.19 15:00:33 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2012.11.19 15:00:33 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2012.11.19 15:00:33 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2012.11.19 15:00:33 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2012.11.19 15:00:33 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2012.11.19 15:00:33 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2012.11.19 15:00:33 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2012.11.19 15:00:33 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2012.11.19 15:00:33 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2012.11.19 15:00:33 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2012.11.19 15:00:33 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2012.11.19 15:00:33 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2012.11.19 15:00:33 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2012.11.19 15:00:33 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2012.11.19 15:00:32 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2012.11.19 15:00:32 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2012.11.19 15:00:32 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2012.11.19 15:00:06 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.11.19 15:00:06 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012.11.19 08:36:46 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0C80862A-75A0-4322-A9C7-27E3939858EB}
[2012.11.18 17:51:04 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.18 17:51:04 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.18 17:50:20 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.18 17:50:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.18 17:50:19 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.18 17:50:19 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.18 17:50:19 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.18 17:50:19 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.18 17:50:19 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.18 17:50:19 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.18 17:50:19 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.18 17:50:19 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.18 17:50:18 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.18 17:50:18 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.18 17:50:17 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.18 17:50:17 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.18 17:50:17 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.18 17:46:40 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.18 17:46:39 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.18 17:46:39 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.18 17:46:39 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.18 17:42:56 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{639ED4AC-378A-4372-95B0-272D63413B01}
[2012.11.16 14:29:52 | 000,000,000 | ---D | C] -- C:\dc95167fde2d2a47b97053cc05
[2012.11.16 13:00:00 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\Utopia_NewPage
[2012.11.16 09:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ALM
[2012.11.16 09:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
[2012.11.16 09:30:38 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012.11.16 09:15:17 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.16 09:15:17 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.16 09:15:17 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.16 09:15:07 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.16 09:15:07 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.16 09:14:55 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.16 09:14:55 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.16 09:14:55 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.16 09:14:54 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.16 09:14:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.16 09:14:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.16 09:07:59 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{CB1C38D0-8906-4E24-9C6D-CA52494984D7}
[2012.11.14 08:38:21 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{3493DFB6-F854-4722-8B4E-9CEC8F16A722}
[2012.11.13 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Atmel Studio
[2012.11.13 13:41:10 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\Atmel
[2012.11.13 13:40:57 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\Atmel
[2012.11.13 13:40:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atmel
[2012.11.13 13:37:43 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012.11.13 13:37:41 | 000,000,000 | ---D | C] -- C:\Program Files\Seggger
[2012.11.13 13:37:21 | 000,260,608 | ---- | C] (Jungo) -- C:\Windows\SysNative\drivers\windrvr6.sys
[2012.11.13 13:37:21 | 000,157,184 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1001.dll
[2012.11.13 13:37:21 | 000,143,360 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1010.dll
[2012.11.13 13:37:21 | 000,143,360 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1002.dll
[2012.11.13 13:37:21 | 000,141,824 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi811.dll
[2012.11.13 13:37:21 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi921.dll
[2012.11.13 13:37:21 | 000,110,592 | ---- | C] (Jungo) -- C:\Windows\SysWow64\wdapi1011.dll
[2012.11.13 13:37:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atmel
[2012.11.13 13:34:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\1033
[2012.11.13 13:08:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{07E772ED-5AD8-41D1-9E98-AD591A75C803}
[2012.11.12 20:36:04 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{550C8DA7-2F4F-439C-B8C1-87083EAA3A56}
[2012.11.12 08:35:40 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{011F6482-779A-48CA-BEA0-D8E3F95F70CA}
[2012.11.07 09:41:53 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.11.07 09:36:19 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Documents\Unnamed Site 2
[2012.11.07 08:42:54 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{5D13B78F-DF42-4EB5-BBBC-CE3642CF14AA}
[2012.11.05 08:35:20 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{A3EBEFC3-3FAF-456A-BB9D-DA957F9FAF2B}
[2012.11.04 22:36:07 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{E05B6EAE-F2D3-4F63-9F57-C79F61075FA9}
[2012.11.02 08:53:00 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Desktop\htdocs
[2012.11.02 08:37:24 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{24BFE8B9-D98E-4BBA-BE03-EEF2F4EA4040}
[2012.10.31 08:36:33 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{0963E3C3-CE08-4168-B8D9-23AC49D4F551}
[2012.10.30 14:04:10 | 000,000,000 | ---D | C] -- C:\meineDokumente
[2012.10.30 14:02:52 | 000,000,000 | ---D | C] -- C:\Users\Pedro\Application Data
[2012.10.30 13:06:48 | 000,000,000 | ---D | C] -- C:\Users\Pedro\AppData\Local\{48C39C0A-70B2-4C6E-BCB3-F5B88A8E1C4E}
[3 C:\Users\Pedro\Desktop\*.tmp files -> C:\Users\Pedro\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.26 23:53:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.26 23:47:09 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Pedro\Desktop\OTL.exe
[2012.11.26 23:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.26 23:27:52 | 002,095,024 | ---- | M] () -- C:\Users\Pedro\Desktop\SecurityTaskManager_Setup.exe
[2012.11.26 22:53:16 | 000,001,960 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.26 22:53:05 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.11.26 22:39:00 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.26 22:37:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.26 22:37:26 | 000,014,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.26 22:36:39 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.26 22:36:39 | 000,697,082 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.26 22:36:39 | 000,652,360 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.26 22:36:39 | 000,148,346 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.26 22:36:39 | 000,121,292 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.26 22:29:46 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.26 22:29:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.26 22:25:11 | 000,006,396 | ---- | M] () -- C:\Users\Pedro\Desktop\0677.mpssvc.reg
[2012.11.26 22:25:08 | 000,229,548 | ---- | M] () -- C:\Users\Pedro\Desktop\1055.BFE.reg
[2012.11.26 22:06:45 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012.11.26 22:05:48 | 012,311,184 | ---- | M] (Simply Super Software                                       ) -- C:\Users\Pedro\Desktop\trjsetup685.exe
[2012.11.26 18:37:06 | 005,073,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.26 14:56:14 | 000,013,588 | ---- | M] () -- C:\Users\Pedro\Desktop\Noten.ods
[2012.11.26 14:50:38 | 000,001,201 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:49:49 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:40:25 | 000,003,544 | ---- | M] () -- C:\bootsqm.dat
[2012.11.26 11:48:32 | 000,095,232 | ---- | M] () -- C:\Users\Pedro\Desktop\1-3 Assoziation.pdf
[2012.11.26 11:07:10 | 000,002,175 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.26 11:07:10 | 000,002,155 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.11.26 09:51:10 | 000,052,554 | ---- | M] () -- C:\Users\Pedro\Desktop\1-2 Identifikation von Assoziationen.pdf
[2012.11.26 09:51:07 | 000,177,546 | ---- | M] () -- C:\Users\Pedro\Desktop\1-1 Assoziationen in Klassen und Objektdiagramm.pdf
[2012.11.21 08:40:21 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.13 13:49:02 | 000,002,074 | ---- | M] () -- C:\Users\Public\Desktop\Atmel Studio 6.0.lnk
[2012.11.12 16:14:32 | 000,056,157 | ---- | M] () -- C:\Users\Pedro\Desktop\foto.jpg
[2012.11.09 14:31:06 | 000,004,679 | ---- | M] () -- C:\Users\Pedro\Desktop\struktogram
[2012.11.09 13:55:38 | 000,002,340 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.11.02 11:19:08 | 000,000,132 | ---- | M] () -- C:\Users\Pedro\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.10.30 23:51:07 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.10.30 23:50:59 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.10.30 23:50:30 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.10.28 20:35:39 | 000,001,052 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[3 C:\Users\Pedro\Desktop\*.tmp files -> C:\Users\Pedro\Desktop\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.26 23:27:51 | 002,095,024 | ---- | C] () -- C:\Users\Pedro\Desktop\SecurityTaskManager_Setup.exe
[2012.11.26 22:53:16 | 000,001,960 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2012.11.26 22:53:05 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt
[2012.11.26 22:39:00 | 000,065,536 | ---- | C] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.26 22:25:11 | 000,006,396 | ---- | C] () -- C:\Users\Pedro\Desktop\0677.mpssvc.reg
[2012.11.26 22:25:07 | 000,229,548 | ---- | C] () -- C:\Users\Pedro\Desktop\1055.BFE.reg
[2012.11.26 22:06:45 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Trojan Remover.lnk
[2012.11.26 14:56:10 | 000,013,588 | ---- | C] () -- C:\Users\Pedro\Desktop\Noten.ods
[2012.11.26 14:50:38 | 000,001,201 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:49:49 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.26 14:40:25 | 000,003,544 | ---- | C] () -- C:\bootsqm.dat
[2012.11.26 11:48:31 | 000,095,232 | ---- | C] () -- C:\Users\Pedro\Desktop\1-3 Assoziation.pdf
[2012.11.26 11:07:10 | 000,002,175 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2012.11.26 11:07:10 | 000,002,155 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2012.11.26 11:07:08 | 000,002,167 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2012.11.26 09:51:10 | 000,052,554 | ---- | C] () -- C:\Users\Pedro\Desktop\1-2 Identifikation von Assoziationen.pdf
[2012.11.26 09:51:05 | 000,177,546 | ---- | C] () -- C:\Users\Pedro\Desktop\1-1 Assoziationen in Klassen und Objektdiagramm.pdf
[2012.11.21 08:40:21 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.11.18 17:51:06 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.18 17:46:39 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.13 13:49:02 | 000,002,074 | ---- | C] () -- C:\Users\Public\Desktop\Atmel Studio 6.0.lnk
[2012.11.12 16:14:24 | 000,056,157 | ---- | C] () -- C:\Users\Pedro\Desktop\foto.jpg
[2012.11.09 14:31:06 | 000,004,679 | ---- | C] () -- C:\Users\Pedro\Desktop\struktogram
[2012.11.02 11:19:08 | 000,000,132 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\Adobe GIF Format CS6 Prefs
[2012.08.19 19:32:05 | 000,000,149 | ---- | C] () -- C:\Windows\wininit.ini
[2012.03.31 23:43:25 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2012.03.31 23:34:30 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2012.01.22 14:16:15 | 000,008,250 | ---- | C] () -- C:\ProgramData\22cd857d
[2012.01.22 14:16:15 | 000,008,160 | ---- | C] () -- C:\Users\Pedro\AppData\Local\b19b6c06
[2012.01.22 14:16:15 | 000,008,156 | ---- | C] () -- C:\Users\Pedro\AppData\Roaming\373c2854
[2012.01.22 13:55:07 | 000,000,068 | ---- | C] () -- C:\Windows\spwdrag.INI
[2011.07.31 11:46:43 | 019,595,016 | ---- | C] () -- C:\Program Files (x86)\Vodafone Mobile Broadband.msi
[2011.07.31 11:46:43 | 000,087,552 | ---- | C] () -- C:\Program Files (x86)\1031.MST
[2011.04.19 20:04:05 | 001,601,058 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.21 19:59:59 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.03.15 14:07:21 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.01.20 08:48:29 | 000,002,857 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.06.21 17:05:34 | 000,157,470 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.13 19:21:37 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\.minecraft
[2012.09.17 22:24:51 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\.purple
[2012.11.13 13:41:10 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Atmel
[2012.03.31 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Atzoyr
[2011.04.25 00:59:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Autodesk
[2012.04.24 00:45:14 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\calibre
[2012.11.07 09:41:53 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011.07.25 20:32:51 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Codemasters
[2012.09.28 10:05:20 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\CoffeeCup Software
[2012.07.08 14:15:19 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\DAEMON Tools Lite
[2011.09.26 20:45:06 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Dev-Cpp
[2012.11.26 15:20:01 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\DVDVideoSoft
[2011.06.10 20:44:55 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\FileZilla
[2012.04.30 00:47:54 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Firestorm
[2011.09.13 20:48:24 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\GetRightToGo
[2012.04.12 12:30:53 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Miuqeq
[2012.02.28 23:37:03 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\MonoDevelop-Unity
[2012.08.18 16:43:59 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\MySQL
[2012.03.31 22:28:33 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Mytuif
[2012.09.28 09:53:13 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Notepad++
[2012.11.26 14:50:17 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\OpenOffice.org
[2011.04.19 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\PACE Anti-Piracy
[2012.08.28 14:56:27 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\PapDesigner
[2012.06.15 14:03:30 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Peitqe
[2012.09.14 10:54:48 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\poclbm
[2012.09.17 20:05:59 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\QIP
[2012.04.01 20:59:29 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Reivga
[2011.07.31 13:52:40 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SecondLife
[2012.11.26 22:06:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Simply Super Software
[2012.03.20 22:15:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Spacejock Software
[2012.07.25 21:17:19 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Subversion
[2011.09.13 19:26:57 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\SYSTEMAX Software Development
[2012.11.26 22:31:41 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TeamViewer
[2012.09.17 20:02:21 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Trillian
[2011.10.02 14:46:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TS3Client
[2012.11.26 11:06:48 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\TuneUp Software
[2012.02.28 23:52:36 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Unity
[2012.11.26 11:13:46 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\uTorrent
[2012.11.26 18:42:25 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\VisualAssist
[2011.07.31 11:45:30 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Vodafone
[2011.11.09 17:05:14 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Wacom
[2011.11.09 17:05:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2012.04.28 00:11:13 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Wizards of the Coast
[2012.03.31 22:28:16 | 000,000,000 | ---D | M] -- C:\Users\Pedro\AppData\Roaming\Yqof
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2011.11.01 22:15:11 | 000,000,162 | -H-- | M] ()(C:\Users\Pedro\Desktop\~$ Souru  ????.docx) -- C:\Users\Pedro\Desktop\~$ Souru  目ソウル.docx
[2011.11.01 22:15:11 | 000,000,162 | -H-- | C] ()(C:\Users\Pedro\Desktop\~$ Souru  ????.docx) -- C:\Users\Pedro\Desktop\~$ Souru  目ソウル.docx
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1270 bytes -> C:\Users\Pedro\AppData\Local\Temp:7SzMZQJtSgiDCV0XbfqdU
@Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:BB3474D7
@Alternate Data Stream - 1100 bytes -> C:\Users\Pedro\AppData\Local\D9WerUXzig3ut:ePnjmHDRivyZ7LCM8hruaoSex
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         

 
