
Log analysis and evaluation: OTL evaluation because of incredibar


11.01.2013, 18:25   #1
dersven
 

OTL evaluation because of incredibar



OTL Logfile:
Code:
OTL logfile created on: 11.01.2013 17:56:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jasi\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 53,55% Memory free
3,50 Gb Paging File | 2,14 Gb Available in Paging File | 61,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,04 Gb Total Space | 60,03 Gb Free Space | 44,12% Space Free | Partition Type: NTFS
 
Computer Name: JASIS-PC | User Name: Jasi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.01.11 17:54:46 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jasi\Downloads\OTL.exe
PRC - [2012.12.22 16:58:11 | 002,612,336 | ---- | M] (Iminent) -- C:\Programme\Common Files\Umbrella\Umbrella.exe
PRC - [2012.12.22 16:55:45 | 000,969,104 | ---- | M] (BitTorrent, Inc.) -- C:\Programme\uTorrent\uTorrent.exe
PRC - [2012.12.12 13:53:32 | 001,074,376 | ---- | M] (Iminent) -- C:\Programme\Iminent\Iminent.exe
PRC - [2012.12.12 13:53:32 | 000,884,936 | ---- | M] (Iminent) -- C:\Programme\Iminent\Iminent.Messengers.exe
PRC - [2012.11.29 09:26:08 | 000,916,960 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2012.10.19 14:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe
PRC - [2012.10.15 11:58:24 | 002,844,608 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
PRC - [2012.10.15 11:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
PRC - [2011.07.04 15:11:26 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.04.30 08:13:05 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.06 18:18:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\avshadow.exe
PRC - [2010.01.08 00:36:58 | 000,974,848 | ---- | M] (Spigot, Inc.) -- C:\Programme\Search Settings\SearchSettings.exe
PRC - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) -- C:\Programme\Application Updater\ApplicationUpdater.exe
PRC - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 02:14:47 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmplayer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2007.09.13 12:29:42 | 002,468,312 | ---- | M] (Arcor AG & Co. KG) -- C:\Programme\ArcorOnline\AOButler.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.29 09:26:21 | 002,397,152 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2011.05.22 12:55:14 | 001,828,352 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web.Services\87e09dfbe3a44d6b00d3a5895f5a21a6\System.Web.Services.ni.dll
MOD - [2011.05.22 12:55:00 | 017,919,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\250b525aa8c17327216e102569c0d766\System.ServiceModel.ni.dll
MOD - [2011.05.22 12:54:24 | 001,065,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\9eac876f58a3ebca8878b8654efdc817\System.IdentityModel.ni.dll
MOD - [2011.05.22 12:52:25 | 000,145,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuratio#\aea1d325200e1a7b1ee7ec86fba33db4\System.Configuration.Install.ni.dll
MOD - [2011.05.22 12:51:52 | 000,784,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.ni.dll
MOD - [2011.05.22 12:51:52 | 000,230,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.EnterpriseSe#\8b6e9d6171aad3561263ce2cd05c57df\System.EnterpriseServices.Wrapper.dll
MOD - [2011.05.22 12:51:51 | 000,645,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\dd9dbf82e44454689976a49a9e4ddb6d\System.Transactions.ni.dll
MOD - [2011.05.22 12:51:50 | 001,011,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f3989d3e9cb8904e4edf23ede5adb6c1\System.Runtime.DurableInstancing.ni.dll
MOD - [2011.05.22 12:51:48 | 002,625,024 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\e9f8a45b1063d6c6a62718c88a5623d1\System.Runtime.Serialization.ni.dll
MOD - [2011.05.22 12:51:48 | 000,142,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\4d2a51c03b27e615ff9f1c430f2014ba\SMDiagnostics.ni.dll
MOD - [2011.05.22 12:51:43 | 001,776,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\035910922f160d304fb834aae41f45a6\System.Xaml.ni.dll
MOD - [2011.05.22 12:05:34 | 013,006,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\17e020ae92d7fab33bcc1c98b25019d0\System.Windows.Forms.ni.dll
MOD - [2011.05.22 12:05:13 | 001,651,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\dd57bc19f5807c6dbe8f88d4a23277f6\System.Drawing.ni.dll
MOD - [2011.05.22 12:05:03 | 006,754,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\92cccedc7cda413ff6fc6492cb256b58\System.Data.ni.dll
MOD - [2011.05.22 12:04:46 | 017,629,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7f91eecda3ff7ce478146b6458580c98\PresentationFramework.ni.dll
MOD - [2011.05.22 12:04:13 | 011,057,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\3963e9ce8d44f50e8367e92a8e3e42e6\PresentationCore.ni.dll
MOD - [2011.05.22 12:03:52 | 003,779,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\d17606e813f01376bd0def23726ecc62\WindowsBase.ni.dll
MOD - [2011.05.22 12:03:35 | 005,571,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e997d0200c25f7db6bd32313d50b729d\System.Xml.ni.dll
MOD - [2011.05.22 12:03:23 | 000,973,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ac18c2dcd06bd2a0589bac94ccae5716\System.Configuration.ni.dll
MOD - [2011.05.22 12:03:17 | 007,025,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\713647b987b140a17e3c4ffe4c721f85\System.Core.ni.dll
MOD - [2011.05.22 12:03:00 | 009,000,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\964da027ebca3b263a05cadb8eaa20a3\System.ni.dll
MOD - [2011.05.22 12:02:47 | 014,415,872 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\246f1a5abb686b9dcdf22d3505b08cea\mscorlib.ni.dll
MOD - [2010.03.25 19:58:43 | 001,728,512 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.42460__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:43 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:43 | 000,290,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.42442__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.42461__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:43 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.42517__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.42450__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:43 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.42456__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:43 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.42451__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,011,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2010.03.25 19:58:43 | 000,008,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2010.03.25 19:58:43 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3693.42556__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2010.03.25 19:58:43 | 000,007,680 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3693.42552__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,811,008 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.42488__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,712,704 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.42452__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.42512__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:42 | 000,364,544 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:42 | 000,225,280 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.42462__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,139,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.42537__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,126,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:42 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.42504__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.03.25 19:58:42 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:42 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.42503__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:42 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Runtime\2.0.3693.42499__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:42 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3693.42536__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.42466__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:42 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.42496__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:41 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:41 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3693.42498__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.03.25 19:58:41 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.42486__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.42487__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.42497__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.03.25 19:58:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.03.25 19:58:41 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.03.25 19:58:40 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.03.25 19:58:40 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.03.25 19:58:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.03.25 19:58:40 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlay3.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.PowerPlay3.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2010.03.25 19:58:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.03.25 19:58:40 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.03.25 19:58:39 | 000,544,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.42525__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2010.03.25 19:58:39 | 000,503,808 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.42564__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2010.03.25 19:58:39 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.42455__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.03.25 19:58:39 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.42531__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.03.25 19:58:39 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.42530__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.03.25 19:58:39 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.03.25 19:58:39 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.42545__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.03.25 19:58:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.03.25 19:58:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.03.25 19:58:39 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.03.25 19:58:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.03.25 19:58:39 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2010.03.25 19:58:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.03.25 19:58:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.03.25 19:58:39 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.03.25 19:58:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.03.25 19:58:39 | 000,014,848 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2010.03.25 19:58:39 | 000,013,312 | ---- | M] () -- C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2010.03.25 19:58:39 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.42437__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.03.25 19:58:38 | 001,142,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.42446__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.03.25 19:58:38 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.42440__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.03.25 19:58:38 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3693.42440__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2010.03.25 19:58:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3693.42439__90ba9c70f846762e\APM.Server.dll
MOD - [2010.03.25 19:58:38 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.42441__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.03.25 19:58:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.03.25 19:58:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3693.42438__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.03.25 19:58:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.03.25 19:58:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.03.25 19:58:38 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.42531__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2010.03.25 19:58:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.03.25 19:58:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.03.15 10:28:22 | 000,141,824 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2009.11.24 13:36:36 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.07.14 09:47:13 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.07.14 09:47:12 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 09:47:12 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.07.14 05:43:36 | 011,804,160 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\3871fc2b96345aa6f3be81d9e3c97160\System.Web.ni.dll
MOD - [2009.07.14 05:43:30 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\4bdeb88758dccd625f4703ed77aaf348\System.Runtime.Remoting.ni.dll
MOD - [2009.07.14 05:43:04 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\fedf1ba58dced4f0b3f8c457648ceed9\System.Windows.Forms.ni.dll
MOD - [2009.07.14 05:42:57 | 001,586,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ead6be8b410d56b5576b10e56af2c180\System.Drawing.ni.dll
MOD - [2009.07.14 05:42:55 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\003d2d74243cab7e412d36416bbf0a3d\Accessibility.ni.dll
MOD - [2009.07.14 05:42:40 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5dd9f783008543df3e642ff1e99de4e8\System.Xml.ni.dll
MOD - [2009.07.14 05:42:37 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4b1350e31ff09cc583b34854816d8036\System.Configuration.ni.dll
MOD - [2009.07.14 05:42:36 | 007,949,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5ba3bf5367fc012300c6566f20cb7f54\System.ni.dll
MOD - [2009.07.14 05:42:30 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8c1770d45c63cf5c462eeb945ef9aa5d\mscorlib.ni.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.12.22 16:58:11 | 002,612,336 | ---- | M] (Iminent) [Auto | Running] -- C:\Programme\Common Files\Umbrella\Umbrella.exe -- (SProtection)
SRV - [2012.12.22 15:06:25 | 001,948,160 | ---- | M] () [Auto | Stopped] -- C:\Programme\Freetec\SystemStore\SystemStore.exe -- (SystemStoreService)
SRV - [2012.12.03 19:38:07 | 005,663,232 | ---- | M] () [Auto | Stopped] -- C:\Programme\Freetec\SystemStore\SelfUpdate.exe -- (SelfUpdateService)
SRV - [2012.11.29 09:26:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.19 14:51:08 | 000,395,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)
SRV - [2012.10.15 11:58:22 | 000,779,200 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Programme\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe -- (Kodak AiO Status Monitor Service)
SRV - [2012.09.26 16:59:56 | 005,686,272 | ---- | M] () [Auto | Stopped] -- C:\Programme\Freetec\SystemStore\Freemium.SelfUpdate.exe -- (FreemiumSelfUpdateService)
SRV - [2012.03.31 23:38:18 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2011.07.04 15:11:26 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.30 08:13:05 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.01.07 23:51:02 | 000,380,928 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Programme\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Jasi\AppData\Local\Temp\EagleNT.sys -- (EagleNT)
DRV - [2011.07.04 15:11:27 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.07.04 15:11:27 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.02.11 08:42:22 | 004,450,816 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.13 23:02:47 | 000,050,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.arcor.de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111585&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 1B D2 8D 46 CC CA 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\URLSearchHook: {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{5DC83147-29D6-4AD6-9EA8-87D554ED395B}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=867034&p={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2851647
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.defaultthis.engineName: "BittorrentBar_DE Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2849855&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=867034"
FF - prefs.js..browser.search.selectedEngine: "Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=hp&babsrc=lnkry"
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40incredibar.com:1.5.0
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.4
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.12
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: helperbar@helperbar.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
FF - prefs.js..keyword.URL: "hxxp://feed.helperbar.com/?publisher=OC&dpid=OC&co=DE&userid=4b22baef-4776-4cd5-8c99-122c612cc013&affid=111583&searchtype=ds&babsrc=lnkry&q="
FF - prefs.js..network.proxy.ftp: "208.68.37.137"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "208.68.37.137"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "208.68.37.137"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "208.68.37.137"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 1
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.11 17:14:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.05.08 18:14:40 | 000,000,000 | ---D | M]
 
[2010.03.25 19:24:59 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jasi\AppData\Roaming\mozilla\Extensions
[2013.01.11 17:22:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions
[2012.12.03 20:12:14 | 000,000,000 | ---D | M] (BittorrentBar_DE Community Toolbar) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\{64ead72b-ffd4-4e01-aa3a-4c71665d73e4}
[2012.12.04 17:15:22 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.12.03 20:12:11 | 000,000,000 | ---D | M] (uTorrentBar_DE Community Toolbar) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2}
[2011.06.25 02:08:40 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\engine@conduit.com
[2011.11.13 22:18:45 | 000,000,000 | ---D | M] (Facemoods) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\ffxtlbr@Facemoods.com
[2012.10.19 13:19:56 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\ffxtlbr@incredibar.com
[2013.01.11 17:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jasi\AppData\Roaming\mozilla\Firefox\Profiles\y3x7dfjd.default\extensions\staged
[2012.12.04 17:15:19 | 000,183,174 | ---- | M] () (No name found) -- C:\Users\Jasi\AppData\Roaming\mozilla\firefox\profiles\y3x7dfjd.default\extensions\stealthyextension@gmail.com.xpi
[2012.12.03 20:11:59 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Jasi\AppData\Roaming\mozilla\firefox\profiles\y3x7dfjd.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.06.20 13:11:40 | 000,000,935 | ---- | M] () -- C:\Users\Jasi\AppData\Roaming\mozilla\firefox\profiles\y3x7dfjd.default\searchplugins\conduit.xml
[2012.11.06 16:20:40 | 000,002,455 | ---- | M] () -- C:\Users\Jasi\AppData\Roaming\mozilla\firefox\profiles\y3x7dfjd.default\searchplugins\Web Search.xml
[2013.01.11 17:14:14 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.11.29 09:26:57 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010.07.29 18:46:36 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.13 22:18:48 | 000,002,048 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (IMinent WebBooster (BHO)) - {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} - C:\Programme\Iminent\Iminent.WebBooster.InternetExplorer.dll (Iminent)
O2 - BHO: (SearchSettings Class) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Programme\Search Settings\SearchSettings.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {64EAD72B-FFD4-4E01-AA3A-4C71665D73E4} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [avgnt] C:\Users\Jasi\Desktop\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found
O4 - HKLM..\Run: [EKStatusMonitor] C:\Programme\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [Iminent] C:\Program Files\Iminent\Iminent.exe (Iminent)
O4 - HKLM..\Run: [IminentMessenger] C:\Programme\Iminent\Iminent.Messengers.exe (Iminent)
O4 - HKLM..\Run: [SearchSettings] C:\Programme\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil32_11_2_202_228_ActiveX.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CDD5BE2-F565-4F34-8FC0-3C1636E2FECF}: NameServer = 195.50.140.182 195.50.140.114
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E2F8FC66-D591-4BF5-91DF-4DC3F0C19873}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.11 17:14:15 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.12.22 16:57:32 | 000,000,000 | ---D | C] -- C:\Users\Jasi\AppData\Roaming\Iminent
[2012.12.22 16:57:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Iminent
[2012.12.22 16:56:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent
[2012.12.22 16:56:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Umbrella
[2012.12.22 16:56:37 | 000,000,000 | ---D | C] -- C:\Program Files\Iminent
[2012.12.22 16:55:45 | 000,000,000 | ---D | C] -- C:\Program Files\uTorrent
[2012.12.22 16:54:24 | 000,000,000 | ---D | C] -- C:\Users\Jasi\AppData\Roaming\uTorrent
[2010.06.18 21:34:37 | 000,010,752 | ---- | C] (Arcor Online GmbH) -- C:\Users\Jasi\AppData\Local\cmdial32.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.11 17:30:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.11 17:14:18 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.01.11 15:22:04 | 022,916,830 | ---- | M] () -- C:\Users\Jasi\Documents\vlc-2.0.5-win32.exe
[2013.01.11 15:17:07 | 000,000,022 | ---- | M] () -- C:\Users\Jasi\AppData\Local\cmdial32.ini
[2013.01.11 15:14:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.02 15:36:43 | 000,654,166 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.01.02 15:36:43 | 000,616,008 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.01.02 15:36:43 | 000,130,006 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.01.02 15:36:43 | 000,106,388 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.01.02 15:36:25 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 15:36:25 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 15:29:55 | 1407,799,296 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.22 16:57:23 | 000,000,596 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog
[2012.12.22 16:55:48 | 000,000,917 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.01.11 17:14:18 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.01.11 17:14:18 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.01.11 15:21:25 | 022,916,830 | ---- | C] () -- C:\Users\Jasi\Documents\vlc-2.0.5-win32.exe
[2012.12.22 16:57:05 | 000,000,596 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog
[2012.12.22 16:55:48 | 000,000,917 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2011.07.19 04:08:43 | 000,000,022 | ---- | C] () -- C:\Users\Jasi\AppData\Local\cmdial32.ini
[2010.04.12 14:49:40 | 000,000,410 | RHS- | C] () -- C:\ProgramData\ntuser.pol
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 02:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---
OTL Logfile:
Code:
OTL Extras logfile created on: 11.01.2013 17:56:15 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jasi\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,75 Gb Total Physical Memory | 0,94 Gb Available Physical Memory | 53,55% Memory free
3,50 Gb Paging File | 2,14 Gb Available in Paging File | 61,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 136,04 Gb Total Space | 60,03 Gb Free Space | 44,12% Space Free | Partition Type: NTFS
 
Computer Name: JASIS-PC | User Name: Jasi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07118298-11A9-4BB8-9DAB-90498800F857}" = rport=137 | protocol=17 | dir=out | app=system | 
"{093BFDC7-8DA7-45FA-9F82-1AAAD6696BAF}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{10CE9E21-5DD4-4803-8CD8-1B7DE38C7E53}" = lport=138 | protocol=17 | dir=in | app=system | 
"{162D3965-410C-45C6-B338-F535C4765CED}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{19B6A593-CDCE-4DC9-87F5-53EC41F2784D}" = lport=139 | protocol=6 | dir=in | app=system | 
"{19C24ACD-53FC-42FA-8FBA-8282EF0A68D0}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{2A149CA7-9170-4BF1-B5BA-F2E824C0F385}" = rport=139 | protocol=6 | dir=out | app=system | 
"{2C9DFF7D-1871-4D8B-8A69-C432EF69C1F5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3269FAFC-B580-4460-953E-CDADD097B84C}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{38003652-E65F-4A63-95AA-AF07FD44E69C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4B9D2E88-FE49-4F18-80B1-4CDEA5880BB8}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{649FCFBF-CB4C-4325-B1FD-E064A904D6AC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7B442B90-B1FB-4E28-8E4D-F0BFDF6B00DD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{80512B35-6D09-4347-BF2F-F5231C35AD00}" = lport=9322 | protocol=6 | dir=in | name=ekdiscovery | 
"{81A7ACC9-2C59-4ACE-830C-A602B4A9B63F}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{9A3B9F39-819A-4A3B-94C2-40701E397D48}" = lport=5353 | protocol=17 | dir=in | name=bonjour port 5353 | 
"{9B9C7B77-03FC-41A0-90DB-1CC66ADECC02}" = lport=137 | protocol=17 | dir=in | app=system | 
"{CF71FDC4-3F0E-46C2-B0EA-8B5049061F09}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D7247807-2E57-41FB-A049-28DE97B541F5}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{DA75F5C1-98E2-4247-B2DC-D6C3BE8CE135}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DBB665C0-4BF3-428C-B6FA-6FCB4980EAB8}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{E42021D7-1C04-4E77-BB7B-AE8198BB6E66}" = lport=445 | protocol=6 | dir=in | app=system | 
"{E84D335F-E641-4D03-9528-5DECAAA5E1D8}" = rport=445 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04A606AB-6BCD-4EA4-A722-D13B039EFCCC}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | 
"{0549DD42-0653-4F7A-AAA4-FD4CBF7123AE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{0BC82D29-3E52-449A-B2AB-0CA31ED074F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{11FEDA79-1317-4244-A4D1-838430EEC6A2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{1953E54E-DF6E-4CD3-B5F3-D70D4BBE491A}" = protocol=58 | dir=in | app=system | 
"{1F34CC6C-7C58-407C-BAEC-E55AF6BBFDB3}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{2A54BB83-63D6-463A-AA17-F0702A33B7CD}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{306EB8CA-1334-4F9E-84C3-826FB119991E}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | 
"{35773AE9-4AEA-4017-B2C4-7F0C69C146F1}" = dir=in | app=c:\program files\iminent\iminent.messengers.exe | 
"{42BEBF63-9209-43C9-8283-FF29BF41C0CA}" = protocol=6 | dir=in | app=c:\programdata\kodak\installer\setup.exe | 
"{43611295-C543-46E6-A94E-5BD5265E6124}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{44ECD1C5-6785-4B1C-BC6E-FECF8E1B5457}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{568BC0C0-443E-4CC1-B75D-F68C48D99F59}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6A40560D-438C-4A89-9DD7-5128D5466226}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{80CCA8F3-57A6-436E-B2D3-51D080C7D979}" = dir=in | app=c:\program files\iminent\iminent.exe | 
"{8A719103-6860-4F67-AA57-25D57F31D2A9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{99884C51-0DCE-4A8A-BB52-FCE6CE5AF372}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{9A535EAE-080D-4A66-A826-7DC2067E03C5}" = protocol=17 | dir=in | app=c:\programdata\kodak\installer\setup.exe | 
"{A8D019EC-F41E-47B0-9953-027DBBFBAD76}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\firmware\kodakaioupdater.exe | 
"{ACAF3A30-21B5-4252-B7F8-0A728BFDC75A}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | 
"{B86770DC-3926-4CB9-A5FF-17CCBB9EDEDE}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 
"{BB49728A-1723-4F96-AD2A-CA53603063BA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CCF58083-E027-470E-9268-A04627B232AA}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\kodak.statistics.exe | 
"{D06F6757-078A-4600-AA54-1AA8919C8C4B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{DDFD65BD-16FA-44FA-A839-B3A10608738F}" = protocol=6 | dir=out | app=system | 
"{EA8BFD29-C782-4F29-8D6D-A12D835F378F}" = protocol=6 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | 
"{EC03E24F-D786-4BBB-B49B-0D5436A9ACF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EC0E8CBE-FD96-4B7C-8621-F6A487538E46}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F0ECAAEB-BECC-4B63-82EA-330F516261CE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F490746A-A750-483E-88FA-66A5D3173FE0}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\networkprinterdiscovery.exe | 
"{F7B213A1-7D7F-41E2-906A-BBAD429A1DE0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FF9A4896-4FE5-4E61-B989-EF514C521C13}" = protocol=17 | dir=in | app=c:\program files\kodak\aio\center\aiohomecenter.exe | 
"TCP Query User{AB4B30B2-1B18-4D0B-908E-374C74F4A5AA}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"TCP Query User{B77A8A33-0526-4B4A-BFA6-6A2FFF88CA94}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{DCC60D07-DE6F-49F2-819F-C6AC7908477E}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
"TCP Query User{EC6A2A0C-6D72-4026-84DC-876C2D3FE703}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{128931D1-80F7-47FD-8DB1-50E51B2C5F6C}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe | 
"UDP Query User{31283BFD-0C58-4CDD-AB3D-DBB4DC4E0760}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{9F992C18-A2BE-4286-B719-837A08A43580}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe | 
"UDP Query User{E2584E89-DB5D-4BCD-B0FE-0F080F7DEE5B}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt
"{0FFAC7BB-50DC-CB54-6CA7-A8B74513280B}" = CCC Help Chinese Traditional
"{1C802083-6D79-78ED-BF1C-601DDF908DD1}" = Catalyst Control Center Core Implementation
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{262DA23B-4BAB-463F-B1DC-9B5287CAB5CA}}_is1" = Deinstallation der Arcor Online Software
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer
"{282C4EAA-F162-F52F-7BAF-C7B50DAAA00A}" = ccc-utility
"{28728178-FF15-218B-0B63-012692F42C28}" = CCC Help Danish
"{2BE6CDFB-9037-4FE5-93D4-6CFB4BE84958}" = TubeBox
"{32851025-1E46-83A3-1320-471619254E39}" = Catalyst Control Center Localization All
"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40217B2F-462B-94A4-E84E-6A1C6EDBCE2F}" = CCC Help Swedish
"{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}" = ATI Catalyst Install Manager
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5343A801-92E5-C234-9F27-AB27EC738BF6}" = CCC Help Japanese
"{56BA241F-580C-43D2-8403-947241AAE633}" = center
"{58a26b11-1507-4461-bb28-9c2be3a0dff1}" = TubeBox
"{58BC9E49-2867-4153-A23F-6D62A3572599}" = Iminent
"{5ACAFB32-6336-4304-9766-B233ACEC0A8F}" = PC Camera E
"{5D22226D-EBC1-C95F-7746-2E3A9F4C97BA}" = CCC Help Russian
"{5F05C28D-DEA9-4AD6-A73A-064175988EAB}" = Search Settings v1.2.3
"{600C37F2-098B-A165-C1DB-6AE2B89D8D49}" = Catalyst Control Center Graphics Previews Common
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{61F8CA2C-9A80-8A1B-D3B9-347530CB387F}" = CCC Help Norwegian
"{674B407D-EAB1-B6B6-F9BF-C34CEE4CD83F}" = Catalyst Control Center Graphics Light
"{69F411C5-4851-6DA9-EA4C-160BEF8788AA}" = CCC Help French
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6DD27E54-2598-0FEC-7CE1-BE00924C0570}" = Catalyst Control Center Graphics Previews Vista
"{7C27114E-6FC8-21F5-E501-FE48F09243DF}" = CCC Help Dutch
"{80237C20-CBF3-F841-4AD5-E727AA86FBD1}" = CCC Help Italian
"{802EE127-D32A-1447-09DC-77419772BCDC}" = CCC Help Portuguese
"{836AFA32-7B8B-2C19-99D9-36EF32B42EB8}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D7133DE-27D2-47E5-B248-4180278D32AA}" = Catalyst Control Center - Branding
"{946942CB-D078-F33A-A3CD-27E0393507FD}" = CCC Help Turkish
"{9682B99B-BB28-AD37-CA50-C1CB5BFF0FA6}" = Catalyst Control Center Graphics Full New
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DBCF44B-77AC-81D8-0F8E-1E60D6330AC2}" = Catalyst Control Center InstallProxy
"{A02CC93A-134F-0319-1438-B1E895B52577}" = CCC Help German
"{A7E1ADB8-162B-7C33-60FB-0561A17BD876}" = CCC Help Spanish
"{A96EEF55-155C-552E-ABB1-6FDAEF5BD944}" = CCC Help Polish
"{AC76BA86-7AD7-1031-7B44-A93000000001}" = Adobe Reader 9.3.2 - Deutsch
"{ADB25FF0-AEC4-2CFB-130C-2C60D80C5934}" = CCC Help Greek
"{B04D5DA5-11DA-830C-85C6-0FF9185787E7}" = Skins
"{BB603E9F-ECE8-7713-B0AC-7E0614E8C058}" = Catalyst Control Center HydraVision Full
"{BE232D60-AEA5-502F-ACBF-9AC188A82C21}" = CCC Help Finnish
"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials
"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr
"{C15C4AB5-EF5D-5050-273C-4636E3FBE301}" = CCC Help Czech
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq
"{E09CD13D-7CE3-351C-1625-8DC7F21A99C0}" = ccc-core-static
"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software
"{E373E0E2-20F5-90DF-B315-615EA6E52101}" = Catalyst Control Center Graphics Full Existing
"{E6DA746E-1175-88BD-2B16-1DC62018E060}" = CCC Help Chinese Standard
"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr
"{F053BFD9-4357-6A82-6042-CF919667448F}" = CCC Help English
"{F17EB02C-DA0D-EDEF-2E16-501FB700A710}" = CCC Help Hungarian
"{F2471277-4C40-44B8-9A5D-D170F237673C}" = TubeBox
"{F5DDC0CD-F13A-83F0-5103-563A17EA306F}" = CCC Help Korean
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CCleaner" = CCleaner
"IMBoosterARP" = Iminent
"InstallShield_{5ACAFB32-6336-4304-9766-B233ACEC0A8F}" = PC Camera E
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"TubeBox 3.5.3" = TubeBox
"uTorrent" = µTorrent
"VLC media player" = VLC media player 1.0.5
"WinRAR archiver" = WinRAR
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 24.07.2011 08:00:44 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.07.2011 16:38:54 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.07.2011 16:39:19 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 24.07.2011 16:39:25 | Computer Name = Jasis-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 26.07.2011 04:52:45 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 26.07.2011 07:29:38 | Computer Name = Jasis-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 28.07.2011 05:48:22 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 01.08.2011 12:29:36 | Computer Name = Jasis-PC | Source = EventSystem | ID = 4621
Description = 
 
Error - 03.08.2011 04:34:03 | Computer Name = Jasis-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 04.08.2011 12:30:04 | Computer Name = Jasis-PC | Source = EventSystem | ID = 4621
Description = 
 
[ Media Center Events ]
Error - 06.07.2010 10:04:38 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 16:04:38 - Fehler beim Herstellen der Internetverbindung.  16:04:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 06.07.2010 10:04:47 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 16:04:43 - Fehler beim Herstellen der Internetverbindung.  16:04:43 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 11:12:18 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 17:12:18 - Fehler beim Herstellen der Internetverbindung.  17:12:18 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 11:12:32 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 17:12:23 - Fehler beim Herstellen der Internetverbindung.  17:12:23 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 18:27:04 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 00:27:04 - Fehler beim Herstellen der Internetverbindung.  00:27:04 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 18:27:17 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 00:27:09 - Fehler beim Herstellen der Internetverbindung.  00:27:09 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 19:46:48 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 01:46:48 - Fehler beim Herstellen der Internetverbindung.  01:46:48 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 11.07.2010 19:46:59 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 01:46:53 - Fehler beim Herstellen der Internetverbindung.  01:46:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.07.2010 09:12:53 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 15:12:53 - Fehler beim Herstellen der Internetverbindung.  15:12:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 15.07.2010 09:13:02 | Computer Name = Jasis-PC | Source = MCUpdate | ID = 0
Description = 15:12:58 - Fehler beim Herstellen der Internetverbindung.  15:12:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 19.12.2012 03:10:24 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Freemium Self Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 19.12.2012 03:10:32 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "System Store Service" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 20.12.2012 09:02:01 | Computer Name = Jasis-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?12.?2012 um 10:41:57 unerwartet heruntergefahren.
 
Error - 20.12.2012 09:02:00 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Avira AntiVir Guard" wurde nicht richtig gestartet.
 
Error - 20.12.2012 09:03:14 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Freemium Self Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 22.12.2012 10:01:02 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 22.12.2012 11:56:56 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "SProtection" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 26.12.2012 05:52:51 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Freemium Self Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 26.12.2012 05:56:28 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Freemium Self Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 02.01.2013 10:32:33 | Computer Name = Jasis-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Freemium Self Update Service" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
 
< End of report >
         
--- --- ---
I hope you can help me; unfortunately, I have no idea about any of this.

Alt 11.01.2013, 19:12   #2
t'john
/// Helper Team
 

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Extract the archive to your desktop.
  • In the newly created folder, please start mbar.exe.
  • Follow the instructions on your screen and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the created folder. Please post it here.

Do not start any other file in this folder without instructions from a helper.


then:


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents to me in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Alt 03.03.2013, 11:50   #3
t'john
/// Helper Team
 



No response

Are there problems working through the instructions above?

To free up capacity for others seeking help, I am removing this topic from my notifications.

If you want to continue, send me a PM or open a new topic.
http://www.trojaner-board.de/69886-a...-beachten.html


Note: The disappearance of the symptoms does not mean that your computer is clean.
