| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Minianwendungen werden nicht mehr richtig angezeigtWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.03.2013, 18:43
| #16 |
| /// Malware-holic   |  Minianwendungen werden nicht mehr richtig angezeigt lade den CCleaner standard: CCleaner - Download - Filepony falls der CCleaner bereits instaliert, überspringen. öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen. hinter, jedes von dir benötigte programm, schreibe notwendig. hinter, jedes, von dir nicht benötigte, unnötig. hinter, dir unbekannte, unbekannt. liste posten.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.03.2013, 14:27
| #17 |
 | Minianwendungen werden nicht mehr richtig angezeigt wo muss ich das unnötig und nötig und unbekannt denn hinschreiben?
__________________ |
|
06.03.2013, 14:32
| #18 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt hinter die Programme bzw versionsnummern
__________________
__________________ |
|
06.03.2013, 14:57
| #19 |
| | Minianwendungen werden nicht mehr richtig angezeigtCode:
ATTFilter 7-Zip 9.20 16.02.2013 notwendig Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 27.02.2013 6,00MB 11.6.602.171 notwendig Adobe Reader X (10.1.5) - Deutsch Adobe Systems Incorporated 09.01.2013 121MB 10.1.5 notwendig AMD Catalyst Install Manager Advanced Micro Devices, Inc. 27.09.2012 20,2MB 8.0.881.0 unbekannt Apple Application Support Apple Inc. 01.12.2012 65,0MB 2.3.2 unnötig (nicht deinstallierbar) Applian FLV and Media Player 3.1.1.12 Applian Technologies 28.12.2012 3.1.1.12 notwendig ArcSoft TotalMedia 3.5 ArcSoft 01.01.2013 3.5.28.388 notwendig AWFT (32-bit) Atelier Web 05.03.2013 690KB 5.0.0 unbekannt Bitdefender Internet Security 2013 Bitdefender 28.02.2013 16.26.0.1739 notwendig BitTorrent BitTorrent Inc. 25.02.2013 7.8.0.29112 notwendig CCleaner Piriform 25.02.2013 3.28 notwendig DriverEasy 4.4.2 Easeware 01.03.2013 7,15MB 4.4.2.0 notwendig DriverMax 6 Innovative Solutions 25.02.2013 15,9MB 6.41.0.363 notwendig DVB-T USB DEVICE Realtek 25.02.2013 1.00.0000 notwendig ESU for Microsoft Windows 7 Hewlett-Packard 27.09.2012 29,3MB 1.0.0 unbekannt Finale NotePad 2012 MakeMusic 26.10.2012 2012..r1.1 notwendig Free YouTube Download version 3.2.0.128 DVDVideoSoft Ltd. 24.02.2013 67,3MB 3.2.0.128 notwendig Freemake Video Converter Version 3.2.0 Ellora Assets Corporation 18.12.2012 53,8MB 3.2.0 notwendig FreeOCR v4.2 26.10.2012 36,9MB unbekannt Genesys USB Mass Storage Device Genesys Logic 25.02.2013 4.0.2.3 unbekannt Google Chrome Google Inc. 02.03.2013 25.0.1364.97 notwendig Google Drive Google, Inc. 16.02.2013 16,0MB 1.7.4018.3496 notwendig Google Earth Google 02.03.2013 173MB 7.0.3.8542 notwendig HP Quick Launch Hewlett-Packard Company 27.09.2012 7,24MB 2.7.2 unbekannt Intel(R) Management Engine Components Intel Corporation 04.03.2013 8.1.0.1252 unbekannt Intel(R) Processor Graphics Intel Corporation 04.03.2013 9.17.10.2932 unbekannt Intel(R) Rapid Storage Technology Intel Corporation 24.02.2013 11.7.0.1013 unbekannt Intel(R) SDK for OpenCL - CPU Only Runtime Package Intel Corporation 04.03.2013 2.0.0.37149 unbekannt iTunes Apple Inc. 01.12.2012 187MB 11.0.0.163 unnötig (nicht deinstallierbar) Java 7 Update 15 Oracle 04.03.2013 129MB 7.0.150 notwendig Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 04.03.2013 18,4MB 1.70.0.1100 notwendig Microsoft .NET Framework 4 Client Profile Microsoft Corporation 17.11.2012 38,8MB 4.0.30319 unbekannt Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 05.01.2013 298KB 8.0.61001 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 21.01.2013 240KB 9.0.30729 unbekannt Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 14.10.2012 600KB 9.0.30729.6161 unbekannt Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 24.02.2013 16,5MB 10.0.40219 unbekannt Mozilla Firefox 19.0 (x86 de) Mozilla 02.03.2013 44,5MB 19.0 notwendig Mozilla Maintenance Service Mozilla 02.03.2013 330KB 19.0 unbekannt OpenOffice.org 3.4.1 Apache Software Foundation 20.10.2012 350MB 3.41.9593 notwendig Qualcomm Atheros WLAN and Bluetooth Client Installation Program Qualcomm Atheros 25.02.2013 11.31 notwendig REALTEK DTV USB DEVICE Realtek 01.01.2013 1.00.0000 notwendig Realtek Ethernet Controller Driver Realtek 24.02.2013 7.67.1226.2012 notwendig Realtek High Definition Audio Driver Realtek Semiconductor Corp. 24.02.2013 6.0.1.6804 notwendig Realtek PCIE Card Reader Realtek Semiconductor Corp. 24.02.2013 6.2.8400.28124 notwendig Realtek USB 2.0 Card Reader Realtek Semiconductor Corp. 24.02.2013 3.0.1.3 notwendig Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista Silicon Laboratories, Inc. 29.09.2012 4.40 unbekannt Skype™ 6.1 Skype Technologies S.A. 04.02.2013 20,8MB 6.1.129 notwendig Spybot - Search & Destroy Safer-Networking Ltd. 18.02.2013 135MB 2.0.12 notwendig Synaptics TouchPad Driver Synaptics Incorporated 27.02.2013 46,4MB 15.3.29.0 notwendig TOPP Vorlagen-Druckstudio (5156) frechverlag GmbH 29.09.2012 notwendig TuneUp Utilities 2013 TuneUp Software 12.02.2013 13.0.3020.2 notwendig WEB.DE MailCheck für Google Chrome 1&1 Mail & Media GmbH 05.02.2013 1.0.0.0 notwendig WEB.DE MailCheck für Internet Explorer 1&1 Mail & Media GmbH 04.03.2013 2.1.0.0 notwendig WEB.DE Softwareaktualisierung 1&1 Mail & Media GmbH 27.02.2013 3.0.0.1 notwendig WinPcap 4.1.2 CACE Technologies 18.12.2012 4.1.0.2001 unbekannt |
|
06.03.2013, 17:27
| #20 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt deinstaliere: Adobe Flash Player alle Adobe - Adobe Flash Player installieren neueste version laden, instalieren. adobe reader: Adobe - Adobe Reader herunterladen - Alle Versionen haken bei mcafee security scan raus nehmen bitte auch mal den adobe reader wie folgt konfigurieren: adobe reader öffnen, bearbeiten, voreinstellungen. allgemein: nur zertifizierte zusatz module verwenden, anhaken. Sicherheit (erweitert) Erweiterte Sicherheit anhaken und alle Dateien auswählen. internet: hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc. es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht. bei javascript den haken bei java script verwenden raus nehmen bei updater, automatisch instalieren wählen. übernehmen /ok deinstaliere: Apple DriverMax DriverEasy instaliere driver lieber vom hersteller! FreeOCR iTunes Java downloade Java jre: Java-Downloads für alle Betriebssysteme klicke: Download der Java-Software für Windows Offline laden, und instalieren deinstaliere: Spybot : weg damit, ist nutzlos TuneUp : finger weg von tuning software, viele funktionen sind einfach nur sinnlos, einige könen dem PC schaden, und die meisten hat windows schon von haus aus WinPcap Öffne Ccleaner, analysieren, starten, PC neustarten wenn sich was nicht deinstalieren lässt nutze rewo: AdwCleaner auf deinen Desktop.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
06.03.2013, 20:38
| #21 | |
| | Minianwendungen werden nicht mehr richtig angezeigtZitat:
Auch mit Revo geht es nicht weg. entschuldigung es ließ sich über die regestry doch deinstallieren.  Code:
ATTFilter # AdwCleaner v2.114 - Datei am 06/03/2013 um 20:57:40 erstellt
# Aktualisiert am 05/03/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (32 bits)
# Benutzer : Info - ALEXANDER-HP630
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Info\Downloads\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Désinfected : C:\Users\Info\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\22find.lnk
Datei Désinfected : C:\Users\Info\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Datei Désinfected : C:\Users\Info\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WEB.DE.lnk
Datei Désinfected : C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Datei Désinfected : C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WEB.DE.lnk
Ordner Gelöscht : C:\Program Files\Smart Driver Updater
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16521
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://www.22find.com/newtab?utm_source=b&utm_medium=mlv&from=mlv&uid=WDCXWD6400BPVT-00HXZT1_WD-WXD1EC0EL115EL115&ts=1362245663 --> hxxp://www.google.com
-\\ Mozilla Firefox v19.0 (de)
Datei : C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\prefs.js
C:\Users\Info\AppData\Roaming\Mozilla\Firefox\Profiles\pqp2dpcc.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.search.defaultenginename", "22find");
Gelöscht : user_pref("browser.search.order.1", "22find");
-\\ Google Chrome v25.0.1364.97
Datei : C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
-\\ Opera v [Version kann nicht ermittelt werden]
Datei : C:\Users\Info\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S12].txt - [12465 octets] - [27/02/2013 16:03:34]
AdwCleaner[S13].txt - [336 octets] - [28/02/2013 14:50:30]
AdwCleaner[S14].txt - [1378 octets] - [28/02/2013 14:50:52]
AdwCleaner[S15].txt - [2345 octets] - [06/03/2013 20:57:40]
########## EOF - C:\AdwCleaner[S15].txt - [2406 octets] ##########
|
|
07.03.2013, 21:44
| #22 |
| | Minianwendungen werden nicht mehr richtig angezeigt Hallo? ist noch jemand hier? |
|
08.03.2013, 19:28
| #23 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt ist dir eigendlich bewusst das wir das in unserer Freizeit machen und das auch noch kostenlos? und du bist hier nicht der einzige. wenns dir nicht schnell genug geht, geh in ein PC geschäft und zahle für geleistete Arbeit... ansonsten warte bis du drann bist.... Hitman Pro - Download - Filepony laden, doppelklicken, lizenz, testlizenz Scan, nichts löschen, weiter, log als xml speichern und posten bzw packen und anhängen
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
09.03.2013, 14:55
| #24 |
| | Minianwendungen werden nicht mehr richtig angezeigt ich kann auf keine einzige filepony seite zugreifen. ständig wird die verbindung zum server unterbrochen oder die "webseite ist nicht verfügbar". |
|
11.03.2013, 17:33
| #25 |
| | Minianwendungen werden nicht mehr richtig angezeigtCode:
ATTFilter
|
|
12.03.2013, 20:13
| #26 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt hi, funde von hitman löschen, neustarten, neues otl log bitte
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.03.2013, 15:02
| #27 |
| | Minianwendungen werden nicht mehr richtig angezeigtCode:
ATTFilter OTL logfile created on: 13.03.2013 14:46:56 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Info\Downloads Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16438) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,61 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 61,84% Memory free 5,21 Gb Paging File | 3,98 Gb Available in Paging File | 76,38% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 596,07 Gb Total Space | 508,30 Gb Free Space | 85,27% Space Free | Partition Type: NTFS Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Info\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) PRC - C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) PRC - C:\Users\Info\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.) PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) PRC - C:\Programme\Google\Update\1.3.21.135\GoogleCrashHandler.exe (Google Inc.) PRC - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) PRC - C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) PRC - C:\Programme\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) PRC - C:\Windows\System32\mfevtps.exe (McAfee, Inc.) PRC - C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) PRC - C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) ========== Modules (No Company Name) ========== MOD - C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll () MOD - C:\Programme\Spybot - Search & Destroy 2\snlThirdParty150.bpl () MOD - C:\Programme\Spybot - Search & Destroy 2\DEC150.bpl () MOD - C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll () ========== Services (SafeList) ========== SRV - (WatAdminSvc) -- C:\Windows\system32\Wat\WatAdminSvc.exe File not found SRV - (SDWSCService) -- C:\Program Files\Spybot File not found SRV - (SDUpdateService) -- C:\Program Files\Spybot File not found SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender) SRV - (cphs) -- C:\Windows\System32\IntelCpHeciSvc.exe (Intel Corporation) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (RtkAudioService) -- C:\Programme\Realtek\Audio\HDA\RTKAUDIOSERVICE.EXE (Realtek Semiconductor) SRV - (IAStorDataMgrSvc) -- C:\Programme\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) SRV - (mfevtp) -- C:\Windows\System32\mfevtps.exe (McAfee, Inc.) SRV - (IconMan_R) -- C:\Programme\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Realsil Microelectronics Inc.) SRV - (UNS) -- C:\Programme\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Programme\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (jhi_service) -- C:\Programme\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) SRV - (ICCS) -- C:\Programme\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) SRV - (HPWMISVC) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe (Hewlett-Packard Development Company, L.P.) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (AERTFilters) -- C:\Programme\Realtek\Audio\HDA\AERTSrv.exe (Andrea Electronics Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (ZTEusbser6k) -- system32\DRIVERS\ZTEusbser6k.sys File not found DRV - (ZTEusbnmea) -- system32\DRIVERS\ZTEusbnmea.sys File not found DRV - (ZTEusbmdm6k) -- system32\DRIVERS\ZTEusbmdm6k.sys File not found DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found DRV - (tsusbhub) -- system32\drivers\tsusbhub.sys File not found DRV - (Synth3dVsc) -- System32\drivers\synth3dvsc.sys File not found DRV - (MEMSWEEP2) -- C:\Windows\system32\C541.tmp File not found DRV - (massfilter) -- system32\drivers\massfilter.sys File not found DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found DRV - (catchme) -- C:\Users\Info\AppData\Local\Temp\catchme.sys File not found DRV - (BTATH_RCP) -- system32\DRIVERS\btath_rcp.sys File not found DRV - (BTATH_LWFLT) -- system32\DRIVERS\btath_lwflt.sys File not found DRV - (BTATH_HCRP) -- system32\DRIVERS\btath_hcrp.sys File not found DRV - (BTATH_BUS) -- system32\DRIVERS\btath_bus.sys File not found DRV - (BTATH_A2DP) -- system32\drivers\btath_a2dp.sys File not found DRV - (AVFSFilter) -- system32\DRIVERS\avfsfilter.sys File not found DRV - (AthBTPort) -- system32\DRIVERS\btath_flt.sys File not found DRV - (40517705) -- system32\drivers\04373023.sys File not found DRV - (gfibto) -- C:\Windows\System32\drivers\gfibto.sys (GFI Software) DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender) DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender) DRV - (gfiark) -- C:\Windows\System32\drivers\gfiark.sys (GFI Software) DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Qualcomm Atheros Communications, Inc.) DRV - (iaStorA) -- C:\Windows\System32\drivers\iaStorA.sys (Intel Corporation) DRV - (iaStorF) -- C:\Windows\System32\drivers\iaStorF.sys (Intel Corporation) DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL) DRV - (mfehidk) -- C:\Windows\System32\drivers\mfehidk.sys (McAfee, Inc.) DRV - (mfeapfk) -- C:\Windows\System32\drivers\mfeapfk.sys (McAfee, Inc.) DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender) DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.) DRV - (KLIF) -- C:\Windows\System32\drivers\klif.sys (Kaspersky Lab) DRV - (klmouflt) -- C:\Windows\System32\drivers\klmouflt.sys (Kaspersky Lab) DRV - (klkbdflt) -- C:\Windows\System32\drivers\klkbdflt.sys (Kaspersky Lab) DRV - (bdselfpr) -- C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys (BitDefender LLC) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC) DRV - (kneps) -- C:\Windows\System32\drivers\kneps.sys (Kaspersky Lab) DRV - (BtFilter) -- C:\Windows\System32\drivers\btfilter.sys (Atheros) DRV - (RSPCIESTOR) -- C:\Windows\System32\drivers\RtsPStor.sys (Realtek Semiconductor Corp.) DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC) DRV - (MEI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (kl1) -- C:\Windows\System32\drivers\kl1.sys (Kaspersky Lab ZAO) DRV - (IntcDAud) -- C:\Windows\System32\drivers\IntcDAud.sys (Intel(R) Corporation) DRV - (kltdi) -- C:\Windows\System32\drivers\kltdi.sys (Kaspersky Lab) DRV - (SmbDrv) -- C:\Windows\System32\drivers\Smb_driver.sys (Synaptics Incorporated) DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC) DRV - (RTL2832U_IRHID) -- C:\Windows\System32\drivers\RTL2832U_IRHID.sys (Realtek) DRV - (GeneStor) -- C:\Windows\System32\drivers\GeneStor.sys (GenesysLogic) DRV - (RTL2832UBDA) -- C:\Windows\System32\drivers\RTL2832UBDA.sys (REALTEK SEMICONDUCTOR Corp.) DRV - (RTL2832UUSB) -- C:\Windows\System32\drivers\RTL2832UUSB.sys (REALTEK SEMICONDUCTOR Corp.) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (ebinfiltr) -- C:\Windows\System32\drivers\ebinfiltr.sys (SR Research Ltd.) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{442F2447-0259-4E83-A694-BB132990BBA8}: "URL" = hxxp://search.easylifeapp.com/?q={searchTerms}&abc=ie&pid=724&r=2013/02/15&hid=4095452143&lg=EN&cc=DE IE - HKLM\..\SearchScopes\{B40F2A28-1A34-4C68-85BF-A86C79D3B79D}: "URL" = ${SEARCH_URL}{searchTerms} IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://www.google.com IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{1C6847EC-FF67-4485-B29A-9BA0E2DA4FBB}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{372DD3D5-C31C-42F8-87A4-C8D9456A33A6}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms} IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{A78BAF76-ABE3-496C-8C37-49C8C1A2554F}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms} IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\SearchScopes\{B9E1D440-AE58-4DAD-A528-B020DFF8D0E5}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms} IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local> ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll File not found FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Info\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Info\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2012.12.18 16:27:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.03.07 21:31:24 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.02.28 18:07:33 | 000,000,000 | ---D | M] [2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions [2012.12.29 13:41:45 | 000,000,000 | ---D | M] (No name found) -- \mozilla\Firefox\extensions\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} [2013.03.07 21:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.03.07 21:31:09 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\distribution\extensions [2013.03.07 21:31:10 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de [2013.02.16 01:34:54 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2013.02.16 05:15:47 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.02.16 05:15:47 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.12.18 14:54:52 | 000,003,195 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Complitly.xml [2013.02.16 05:15:47 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2013.02.16 05:15:47 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2013.02.16 05:15:47 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2013.02.16 05:15:47 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: hxxp://www.google.com/ CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\25.0.1364.97\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\25.0.1364.97\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Info\AppData\Local\Google\Chrome\Application\25.0.1364.97\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll CHR - Extension: Google Drive = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\ CHR - Extension: Google-Suche = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: WEB.DE MailCheck = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.0.1_0\ CHR - Extension: Google Mail-Checker = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\ CHR - Extension: Google Mail = C:\Users\Info\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.03.13 14:46:23 | 000,444,957 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.0scan.com O1 - Hosts: 127.0.0.1 0scan.com O1 - Hosts: 127.0.0.1 www.1000gratisproben.com O1 - Hosts: 127.0.0.1 1000gratisproben.com O1 - Hosts: 127.0.0.1 1001namen.com O1 - Hosts: 127.0.0.1 www.1001namen.com O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.1-2005-search.com O1 - Hosts: 127.0.0.1 1-2005-search.com O1 - Hosts: 15308 more lines... O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found. O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.) O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH) O4 - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe (Realtek Semiconductor) O4 - Startup: C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Programme\program\quickstart.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\Software\Policies\Microsoft\Internet Explorer\Recovery present O7 - HKU\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Programme\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4E70BA11-C8F2-4E5A-AE19-2A1638EC9218}: DhcpNameServer = 192.168.2.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Programme\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *autocheck turegopt) O34 - HKLM BootExecute: (bootdelete) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.03.12 22:16:04 | 000,012,872 | ---- | C] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe [2013.03.12 22:06:30 | 015,859,416 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013.03.12 14:31:57 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\NFS Most Wanted Demo [2013.03.12 14:31:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES [2013.03.12 14:30:45 | 000,000,000 | ---D | C] -- C:\Program Files\EA GAMES [2013.03.12 14:27:22 | 000,000,000 | ---D | C] -- C:\NFSMWDemo [2013.03.12 14:27:22 | 000,000,000 | ---D | C] -- \NFSMWDemo [2013.03.11 17:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro [2013.03.11 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro [2013.03.11 17:05:51 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro [2013.03.11 15:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck [2013.03.11 14:39:50 | 000,000,000 | ---D | C] -- C:\Windows\Minidump [2013.03.10 21:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros [2013.03.10 21:07:06 | 003,081,216 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\drivers\athr.sys [2013.03.10 21:07:06 | 003,081,216 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\Windows\System32\athr.sys [2013.03.10 21:07:06 | 000,000,000 | ---D | C] -- C:\Windows\Options [2013.03.10 19:34:47 | 009,888,400 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtsPStorIcon.dll [2013.03.10 19:34:47 | 000,254,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RtsPStor.sys [2013.03.10 12:56:29 | 000,519,680 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhsip32.dll [2013.03.10 12:56:29 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtrk.lrc [2013.03.10 12:56:29 | 000,435,200 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrtha.lrc [2013.03.10 12:56:29 | 000,286,720 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxTMM.dll [2013.03.10 12:56:29 | 000,180,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\iglhcp32.dll [2013.03.10 12:56:28 | 000,438,272 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrell.lrc [2013.03.10 12:56:28 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfra.lrc [2013.03.10 12:56:28 | 000,437,760 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxresn.lrc [2013.03.10 12:56:28 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrus.lrc [2013.03.10 12:56:28 | 000,437,248 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrrom.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsky.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptg.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrplk.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnld.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrita.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhrv.lrc [2013.03.10 12:56:28 | 000,436,736 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdeu.lrc [2013.03.10 12:56:28 | 000,436,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrhun.lrc [2013.03.10 12:56:28 | 000,436,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrfin.lrc [2013.03.10 12:56:28 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrsve.lrc [2013.03.10 12:56:28 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrslv.lrc [2013.03.10 12:56:28 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrptb.lrc [2013.03.10 12:56:28 | 000,435,712 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrnor.lrc [2013.03.10 12:56:28 | 000,435,200 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrdan.lrc [2013.03.10 12:56:28 | 000,433,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrheb.lrc [2013.03.10 12:56:28 | 000,430,080 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrjpn.lrc [2013.03.10 12:56:28 | 000,429,056 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrkor.lrc [2013.03.10 12:56:28 | 000,284,160 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrenu.lrc [2013.03.10 12:56:27 | 000,640,512 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcmrt32.dll [2013.03.10 12:56:27 | 000,436,224 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcsy.lrc [2013.03.10 12:56:27 | 000,433,664 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrara.lrc [2013.03.10 12:56:27 | 000,427,008 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrcht.lrc [2013.03.10 12:56:27 | 000,426,496 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxrchs.lrc [2013.03.10 12:56:27 | 000,313,344 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxpph.dll [2013.03.10 12:56:27 | 000,130,048 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxdo.dll [2013.03.10 12:56:27 | 000,120,320 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxcpl.cpl [2013.03.10 12:56:27 | 000,025,088 | ---- | C] (Intel Corporation) -- C:\Windows\System32\igfxexps.dll [2013.03.10 12:56:25 | 010,812,416 | ---- | C] (Intel Corporation) -- C:\Windows\System32\ig4icd32.dll [2013.03.10 12:56:24 | 006,232,200 | ---- | C] (Intel Corporation) -- C:\Windows\System32\GfxUI.exe [2013.03.10 12:56:24 | 000,175,616 | ---- | C] (Intel Corporation) -- C:\Windows\System32\gfxSrvc.dll [2013.03.10 12:16:56 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\TomTom [2013.03.10 12:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\TomTom [2013.03.10 12:16:49 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\TomTom [2013.03.10 12:16:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom [2013.03.10 12:16:21 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom HOME 2 [2013.03.10 12:15:23 | 000,000,000 | ---D | C] -- C:\Program Files\TomTom International B.V [2013.03.10 11:46:48 | 000,000,000 | ---D | C] -- C:\Intel [2013.03.10 11:46:48 | 000,000,000 | ---D | C] -- \Intel [2013.03.10 11:01:10 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX [2013.03.09 20:46:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverTuner [2013.03.09 20:46:05 | 000,000,000 | ---D | C] -- C:\Program Files\DriverTuner [2013.03.07 21:47:24 | 000,167,344 | ---- | C] (McAfee, Inc.) -- C:\Windows\System32\mfevtps.exe [2013.03.07 21:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\McAfee [2013.03.07 21:38:41 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee [2013.03.07 21:25:11 | 000,000,000 | R--D | C] -- C:\Program Files\Skype [2013.03.07 21:25:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.07 21:25:11 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2013.03.06 20:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group [2013.03.06 20:31:42 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller [2013.03.06 20:14:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2013.03.06 20:13:07 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.03.06 20:12:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.03.06 20:12:46 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.03.06 20:12:46 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.03.05 07:13:59 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.03.05 07:13:59 | 000,000,000 | -HSD | C] -- \$RECYCLE.BIN [2013.03.05 07:13:57 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\temp [2013.03.05 07:01:49 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.03.05 07:01:49 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.03.05 07:01:49 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.03.05 07:01:32 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.03.05 07:01:32 | 000,000,000 | ---D | C] -- \Qoobox [2013.03.05 06:59:32 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.03.04 18:28:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.03.04 18:28:01 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.03.04 18:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.03.04 18:19:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.03 13:04:40 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\DriverGenius [2013.03.02 20:00:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth [2013.03.02 19:10:56 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.03.02 18:53:36 | 000,000,000 | ---D | C] -- C:\Program Files\Petrax Software [2013.03.02 16:37:58 | 000,000,000 | ---D | C] -- C:\Users\Info\Documents\Neuer Ordner [2013.03.01 20:37:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy [2013.02.28 19:00:43 | 000,587,096 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klif.sys [2013.02.28 19:00:43 | 000,075,096 | ---- | C] (Kaspersky Lab) -- C:\Windows\System32\drivers\klflt.sys [2013.02.28 18:38:31 | 000,072,704 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2013.02.28 18:07:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013 [2013.02.28 18:07:33 | 000,077,192 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\BdfNdisf6.sys [2013.02.28 18:07:33 | 000,066,392 | ---- | C] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys [2013.02.28 18:07:20 | 000,482,928 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys [2013.02.28 18:07:19 | 000,625,128 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys [2013.02.28 18:07:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender [2013.02.28 18:05:09 | 000,161,312 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys [2013.02.28 18:05:08 | 000,343,456 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys [2013.02.27 21:21:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics [2013.02.27 19:37:48 | 000,014,400 | ---- | C] (SR Research Ltd.) -- C:\Windows\System32\drivers\ebinfiltr.sys [2013.02.27 18:40:23 | 000,000,000 | ---D | C] -- C:\ProgramData\UUdb [2013.02.27 18:40:13 | 000,000,000 | ---D | C] -- C:\ProgramData\1&1 Mail & Media GmbH [2013.02.27 15:58:17 | 000,469,120 | ---- | C] (Atheros) -- C:\Windows\System32\drivers\btfilter.sys [2013.02.26 20:03:50 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies [2013.02.26 19:47:11 | 003,419,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013.02.26 19:47:11 | 002,284,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll [2013.02.26 19:47:11 | 001,988,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013.02.26 19:47:11 | 001,504,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.02.26 19:47:11 | 001,247,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.02.26 19:47:11 | 001,158,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013.02.26 19:47:11 | 001,080,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013.02.26 19:47:11 | 000,604,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013.02.26 19:47:11 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013.02.26 19:47:11 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013.02.26 19:47:11 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013.02.26 19:47:11 | 000,249,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013.02.26 19:47:11 | 000,220,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013.02.26 19:47:11 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013.02.26 19:47:11 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013.02.26 19:47:11 | 000,161,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013.02.26 19:47:11 | 000,010,752 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.26 19:47:11 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.26 19:47:11 | 000,005,632 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.26 19:47:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.26 19:47:11 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.26 19:47:11 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.26 19:47:11 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.26 19:47:11 | 000,003,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.26 19:47:11 | 000,002,560 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.26 16:32:02 | 000,000,000 | -H-D | C] -- C:\ProgramData\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} [2013.02.26 16:27:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue [2013.02.26 16:27:06 | 000,000,000 | ---D | C] -- C:\Program Files\Uniblue [2013.02.26 16:25:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} [2013.02.26 16:23:26 | 000,000,000 | -H-D | C] -- C:\ProgramData\{D5ABFFAD-D592-4F98-B02B-587125B4801F} [2013.02.26 16:09:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Uniblue [2013.02.26 13:54:06 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd [2013.02.26 13:47:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech [2013.02.26 13:46:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd [2013.02.25 19:33:20 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\LogiShrd [2013.02.25 17:29:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REALTEK DVB-T USB DEVICE [2013.02.25 17:27:41 | 008,323,072 | ---- | C] (Genesys) -- C:\Windows\System32\GeneIcon.dll [2013.02.25 17:27:31 | 000,054,784 | ---- | C] (GenesysLogic) -- C:\Windows\System32\drivers\GeneStor.sys [2013.02.25 16:47:37 | 000,000,000 | ---D | C] -- C:\Drivers [2013.02.25 16:47:37 | 000,000,000 | ---D | C] -- \Drivers [2013.02.25 16:16:16 | 000,000,000 | ---D | C] -- C:\Program Files\KeyDownload-Addon [2013.02.25 16:11:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Qualcomm Atheros [2013.02.24 20:23:38 | 000,000,000 | ---D | C] -- C:\Dell [2013.02.24 20:23:38 | 000,000,000 | ---D | C] -- \Dell [2013.02.24 20:12:09 | 000,000,000 | ---D | C] -- C:\Program Files\Innovative Solutions [2013.02.24 19:53:09 | 000,000,000 | ---D | C] -- C:\HP_LaserJet_Enterprise_500_color_M551 [2013.02.24 19:53:09 | 000,000,000 | ---D | C] -- \HP_LaserJet_Enterprise_500_color_M551 [2013.02.24 19:17:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM [2013.02.24 19:16:41 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll [2013.02.24 19:16:41 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll [2013.02.24 19:16:40 | 002,486,928 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll [2013.02.24 19:16:40 | 001,592,544 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl [2013.02.24 19:16:40 | 000,658,064 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll [2013.02.24 19:16:40 | 000,105,696 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInstII.dll [2013.02.24 19:16:40 | 000,013,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoLDR.dll [2013.02.24 19:16:39 | 011,929,600 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RCoRes.dat [2013.02.24 19:16:39 | 003,220,112 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll [2013.02.24 19:16:39 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll [2013.02.24 19:16:39 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll [2013.02.24 19:16:39 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll [2013.02.24 19:16:39 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll [2013.02.24 19:16:39 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll [2013.02.24 19:16:39 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll [2013.02.24 19:16:35 | 000,176,736 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll [2013.02.24 19:16:35 | 000,095,840 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll [2013.02.24 19:16:35 | 000,090,624 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\System32\CONEQMSAPOGUILibrary.dll [2013.02.24 19:16:32 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp [2013.02.24 19:16:31 | 002,079,968 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll [2013.02.24 14:38:24 | 000,526,392 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorA.sys [2013.02.24 14:38:24 | 000,025,656 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\iaStorF.sys [2013.02.24 13:28:41 | 001,028,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\MFDLL\MFC42.DLL [2013.02.24 13:28:41 | 000,929,844 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\MFDLL\MFC42D.DLL [2013.02.24 13:28:41 | 000,385,100 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\MFDLL\MSVCRTD.DLL [2013.02.24 13:28:41 | 000,343,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\MFDLL\msvcrt.dll [2013.02.24 13:28:41 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\MFDLL [2013.02.24 13:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft [2013.02.24 13:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft [2013.02.24 11:47:03 | 000,080,488 | ---- | C] (Realtek Semiconductor Corporation) -- C:\Windows\System32\RtNicProp32.dll [2013.02.24 11:43:34 | 000,000,000 | ---D | C] -- C:\Program Files\Easeware [2013.02.24 11:00:07 | 000,015,168 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\IntelMEFWVer.dll [2013.02.24 10:59:45 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\postureAgent [2013.02.24 10:59:29 | 000,055,104 | ---- | C] (Intel Corporation) -- C:\Windows\System32\drivers\HECI.sys [2013.02.24 10:59:28 | 000,000,000 | ---D | C] -- C:\Driver_allOS [2013.02.24 10:59:28 | 000,000,000 | ---D | C] -- \Driver_allOS [2013.02.23 18:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\DriverGenius [2013.02.23 11:35:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Innovative Solutions [2013.02.21 16:34:13 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UpdateStar [2013.02.21 16:28:39 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\Innovative Solutions [2013.02.19 14:41:41 | 000,000,000 | R--D | C] -- C:\Sandbox [2013.02.19 14:41:41 | 000,000,000 | R--D | C] -- \Sandbox [2013.02.18 20:56:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.02.18 20:56:45 | 000,015,224 | ---- | C] (Safer Networking Limited) -- C:\Windows\System32\sdnclean.exe [2013.02.18 17:43:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.02.16 20:42:29 | 000,000,000 | ---D | C] -- C:\Users\Info\AppData\Local\bdch [2013.02.16 20:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\bdch [2013.02.16 17:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2013.02.16 16:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip [2013.02.16 16:36:19 | 000,000,000 | ---D | C] -- C:\Program Files\7-Zip [2013.02.15 22:29:24 | 000,000,000 | ---D | C] -- C:\Program Files\EasyLife [2013.02.15 12:43:10 | 000,000,000 | ---D | C] -- C:\toolbarImages [2013.02.15 12:43:10 | 000,000,000 | ---D | C] -- \toolbarImages [2013.02.14 16:53:20 | 000,000,000 | -H-D | C] -- C:\Users\Info\Documents\ProgramData [2013.02.14 14:54:06 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy 2 [2013.02.12 22:03:43 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.02.12 22:00:58 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.02.12 22:00:57 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.02.12 22:00:47 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.02.12 22:00:46 | 000,187,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS [2013.02.12 22:00:34 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll [2013.02.12 16:54:47 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013.02.12 16:53:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard [2013.02.12 16:49:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\desktop [2013.02.12 15:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Toolkit Suite [2013.02.12 15:12:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.03.13 14:46:23 | 000,444,957 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.03.13 14:43:26 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.03.13 14:43:18 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.03.13 14:43:05 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.03.13 14:43:05 | 000,009,904 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.03.12 22:16:04 | 000,012,872 | ---- | M] (SurfRight B.V.) -- C:\Windows\System32\bootdelete.exe [2013.03.12 22:16:04 | 000,000,190 | ---- | M] () -- C:\Windows\System32\bootdelete.lst [2013.03.12 22:07:18 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.03.12 22:06:37 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.03.12 22:06:37 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.03.12 22:06:30 | 015,859,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerInstaller.exe [2013.03.12 22:03:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.03.12 22:03:53 | 2099,662,848 | -HS- | M] () -- C:\hiberfil.sys [2013.03.12 22:02:20 | 000,000,612 | ---- | M] () -- C:\Windows\System32\.crusader [2013.03.12 14:31:24 | 000,002,227 | ---- | M] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted PC Demo.lnk [2013.03.12 07:05:07 | 2332,153,856 | R--- | M] () -- C:\Users\Info\Documents\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.iso [2013.03.11 20:28:45 | 000,002,764 | ---- | M] () -- C:\Users\Info\Documents\HitmanPro_20130311_2028.xml [2013.03.11 17:30:17 | 000,002,588 | ---- | M] () -- C:\Users\Info\Documents\HitmanPro_20130311_1730.xml [2013.03.11 17:15:49 | 000,001,909 | ---- | M] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.03.11 14:39:43 | 315,390,802 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.03.10 13:50:04 | 000,015,452 | ---- | M] () -- C:\Windows\System32\results.xml [2013.03.10 11:50:37 | 000,663,052 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.03.10 11:50:37 | 000,624,894 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.03.10 11:50:37 | 000,134,184 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.03.10 11:50:37 | 000,110,566 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.03.09 20:46:10 | 000,001,005 | ---- | M] () -- C:\Users\Public\Desktop\DriverTuner.lnk [2013.03.07 21:31:31 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.07 18:09:18 | 000,030,926 | ---- | M] () -- C:\Users\Info\Documents\1asdfghjkolüäasdfghjkopüsdfghjklö.odt [2013.03.06 20:12:36 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll [2013.03.06 20:12:36 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll [2013.03.06 20:12:36 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe [2013.03.06 20:12:36 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe [2013.03.06 20:12:36 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe [2013.03.06 20:12:36 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll [2013.03.06 14:28:29 | 000,000,480 | ---- | M] () -- C:\Windows\System32\checkdnsid.xml [2013.03.05 16:44:55 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job [2013.03.05 16:44:55 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job [2013.03.05 16:44:27 | 000,320,432 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.03.05 07:11:05 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130313-144623.backup [2013.03.04 20:28:10 | 000,000,404 | ---- | M] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job [2013.03.04 20:19:13 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Info\Desktop\TDSSKiller.exe [2013.03.04 18:28:06 | 000,001,089 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.02 20:00:32 | 000,002,176 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.02 19:10:56 | 000,002,403 | ---- | M] () -- C:\Users\Info\Desktop\Google Chrome.lnk [2013.03.02 18:58:05 | 000,048,612 | ---- | M] () -- C:\Windows\System32\ExampleCodeGeneratedCS.skm [2013.03.02 18:58:05 | 000,045,705 | ---- | M] () -- C:\Windows\System32\ExampleCodeGeneratedVB.skm [2013.03.01 20:37:37 | 000,001,126 | ---- | M] () -- C:\Users\Public\Desktop\DriverEasy.lnk [2013.03.01 16:23:10 | 000,025,635 | ---- | M] () -- C:\Users\Info\Documents\Charakterisierung.odt [2013.02.28 18:38:31 | 000,072,704 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdvedisk.sys [2013.02.28 18:08:06 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01 [2013.02.28 18:08:06 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr [2013.02.28 18:08:06 | 000,000,308 | -H-- | M] () -- C:\bdr-cf01 [2013.02.28 18:07:53 | 000,002,134 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2013.02.27 16:03:25 | 000,000,787 | ---- | M] () -- C:\Users\Info\Desktop\adwcleaner.lnk [2013.02.27 15:36:27 | 000,277,640 | ---- | M] (Intel Corporation) -- C:\Windows\System32\IntelCpHeciSvc.exe [2013.02.27 15:36:23 | 003,121,152 | ---- | M] (Intel Corporation) -- C:\Windows\System32\igfxcmjit32.dll [2013.02.26 19:47:11 | 003,419,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll [2013.02.26 19:47:11 | 002,284,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msmpeg2vdec.dll [2013.02.26 19:47:11 | 001,988,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10warp.dll [2013.02.26 19:47:11 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d11.dll [2013.02.26 19:47:11 | 001,247,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll [2013.02.26 19:47:11 | 001,158,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsPrint.dll [2013.02.26 19:47:11 | 001,080,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10.dll [2013.02.26 19:47:11 | 000,604,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll [2013.02.26 19:47:11 | 000,417,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WMPhoto.dll [2013.02.26 19:47:11 | 000,364,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\XpsGdiConverter.dll [2013.02.26 19:47:11 | 000,293,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dxgi.dll [2013.02.26 19:47:11 | 000,249,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1core.dll [2013.02.26 19:47:11 | 000,220,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10core.dll [2013.02.26 19:47:11 | 000,207,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecsExt.dll [2013.02.26 19:47:11 | 000,187,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\UIAnimation.dll [2013.02.26 19:47:11 | 000,161,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\d3d10_1.dll [2013.02.26 19:47:11 | 000,010,752 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll [2013.02.26 19:47:11 | 000,009,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll [2013.02.26 19:47:11 | 000,005,632 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll [2013.02.26 19:47:11 | 000,005,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll [2013.02.26 19:47:11 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll [2013.02.26 19:47:11 | 000,003,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll [2013.02.26 19:47:11 | 000,003,072 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll [2013.02.26 19:47:11 | 000,003,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll [2013.02.26 19:47:11 | 000,002,560 | -H-- | M] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll [2013.02.26 16:33:20 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\RegistryBooster.lnk [2013.02.26 16:27:06 | 000,001,100 | ---- | M] () -- C:\Users\Public\Desktop\Uniblue SpeedUpMyPC 2009.lnk [2013.02.25 18:50:23 | 000,000,893 | ---- | M] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2013.02.25 17:27:41 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_GeneStor_01009.Wdf [2013.02.24 14:20:20 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_Smb_driver_01009.Wdf [2013.02.24 13:28:38 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini [2013.02.24 13:25:05 | 000,001,264 | ---- | M] () -- C:\Users\Info\Desktop\Free YouTube Download.lnk [2013.02.23 12:08:57 | 000,000,830 | ---- | M] () -- C:\Windows\System32\InstallUtil.InstallLog [2013.02.21 15:33:54 | 000,000,189 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat [2013.02.19 14:47:15 | 000,001,996 | ---- | M] () -- C:\Windows\Sandboxie.ini [2013.02.19 14:38:04 | 000,000,929 | ---- | M] () -- C:\Windows\wininit.ini [2013.02.18 20:56:53 | 000,002,123 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.02.16 16:27:31 | 025,898,021 | ---- | M] () -- C:\Users\Info\Documents\Box_BD2013.rar [2013.02.14 16:02:38 | 000,445,760 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130218-210408.backup [2013.02.12 19:30:31 | 000,007,606 | ---- | M] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg [2013.02.12 13:48:17 | 000,001,188 | ---- | M] () -- C:\Windows\System32\ServiceConfig.xml [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.03.12 22:16:04 | 000,000,190 | ---- | C] () -- C:\Windows\System32\bootdelete.lst [2013.03.12 22:02:20 | 000,000,612 | ---- | C] () -- C:\Windows\System32\.crusader [2013.03.12 14:31:24 | 000,002,227 | ---- | C] () -- C:\Users\Public\Desktop\Need for Speed™ Most Wanted PC Demo.lnk [2013.03.11 20:28:45 | 000,002,764 | ---- | C] () -- C:\Users\Info\Documents\HitmanPro_20130311_2028.xml [2013.03.11 19:29:18 | 2332,153,856 | R--- | C] () -- C:\Users\Info\Documents\Need.For.Speed.Most.Wanted.[ENG]PC.DVD[.ISO].[.NFO].Keygen & Crack.iso [2013.03.11 17:30:17 | 000,002,588 | ---- | C] () -- C:\Users\Info\Documents\HitmanPro_20130311_1730.xml [2013.03.11 17:15:49 | 000,001,909 | ---- | C] () -- C:\Users\Public\Desktop\HitmanPro.lnk [2013.03.11 14:39:43 | 315,390,802 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.03.10 21:07:06 | 000,521,305 | ---- | C] () -- C:\Windows\System32\netathr.inf [2013.03.10 21:07:06 | 000,078,355 | ---- | C] () -- C:\Windows\System32\athrext.cat [2013.03.10 12:56:29 | 000,067,904 | ---- | C] () -- C:\Windows\System32\iglhxs32.vp [2013.03.10 12:56:29 | 000,059,594 | ---- | C] () -- C:\Windows\System32\iglhxc32.vp [2013.03.10 12:56:29 | 000,058,781 | ---- | C] () -- C:\Windows\System32\iglhxo32.vp [2013.03.10 12:56:29 | 000,058,684 | ---- | C] () -- C:\Windows\System32\iglhxg32.vp [2013.03.10 12:56:27 | 000,009,728 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll [2013.03.10 12:56:26 | 000,064,512 | ---- | C] () -- C:\Windows\System32\igdde32.dll [2013.03.10 12:56:25 | 000,000,268 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config [2013.03.10 12:56:24 | 000,223,492 | ---- | C] () -- C:\Windows\System32\Gfxres.th-TH.resources [2013.03.10 12:56:24 | 000,209,986 | ---- | C] () -- C:\Windows\System32\Gfxres.el-GR.resources [2013.03.10 12:56:24 | 000,194,121 | ---- | C] () -- C:\Windows\System32\Gfxres.ru-RU.resources [2013.03.10 12:56:24 | 000,166,124 | ---- | C] () -- C:\Windows\System32\Gfxres.ar-SA.resources [2013.03.10 12:56:24 | 000,163,379 | ---- | C] () -- C:\Windows\System32\Gfxres.ja-JP.resources [2013.03.10 12:56:24 | 000,158,986 | ---- | C] () -- C:\Windows\System32\Gfxres.he-IL.resources [2013.03.10 12:56:24 | 000,149,649 | ---- | C] () -- C:\Windows\System32\Gfxres.it-IT.resources [2013.03.10 12:56:24 | 000,148,018 | ---- | C] () -- C:\Windows\System32\Gfxres.ko-KR.resources [2013.03.10 12:56:24 | 000,147,360 | ---- | C] () -- C:\Windows\System32\Gfxres.de-DE.resources [2013.03.10 12:56:24 | 000,147,269 | ---- | C] () -- C:\Windows\System32\Gfxres.es-ES.resources [2013.03.10 12:56:24 | 000,145,974 | ---- | C] () -- C:\Windows\System32\Gfxres.ro-RO.resources [2013.03.10 12:56:24 | 000,145,470 | ---- | C] () -- C:\Windows\System32\Gfxres.fr-FR.resources [2013.03.10 12:56:24 | 000,144,637 | ---- | C] () -- C:\Windows\System32\Gfxres.tr-TR.resources [2013.03.10 12:56:24 | 000,144,235 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-BR.resources [2013.03.10 12:56:24 | 000,143,989 | ---- | C] () -- C:\Windows\System32\Gfxres.nl-NL.resources [2013.03.10 12:56:24 | 000,143,916 | ---- | C] () -- C:\Windows\System32\Gfxres.hu-HU.resources [2013.03.10 12:56:24 | 000,143,249 | ---- | C] () -- C:\Windows\System32\Gfxres.pt-PT.resources [2013.03.10 12:56:24 | 000,142,876 | ---- | C] () -- C:\Windows\System32\Gfxres.sv-SE.resources [2013.03.10 12:56:24 | 000,142,682 | ---- | C] () -- C:\Windows\System32\Gfxres.pl-PL.resources [2013.03.10 12:56:24 | 000,142,267 | ---- | C] () -- C:\Windows\System32\Gfxres.cs-CZ.resources [2013.03.10 12:56:24 | 000,141,998 | ---- | C] () -- C:\Windows\System32\Gfxres.fi-FI.resources [2013.03.10 12:56:24 | 000,141,833 | ---- | C] () -- C:\Windows\System32\Gfxres.sk-SK.resources [2013.03.10 12:56:24 | 000,141,038 | ---- | C] () -- C:\Windows\System32\Gfxres.hr-HR.resources [2013.03.10 12:56:24 | 000,137,880 | ---- | C] () -- C:\Windows\System32\Gfxres.sl-SI.resources [2013.03.10 12:56:24 | 000,137,793 | ---- | C] () -- C:\Windows\System32\Gfxres.nb-NO.resources [2013.03.10 12:56:24 | 000,137,132 | ---- | C] () -- C:\Windows\System32\Gfxres.da-DK.resources [2013.03.10 12:56:24 | 000,132,623 | ---- | C] () -- C:\Windows\System32\Gfxres.en-US.resources [2013.03.10 12:56:24 | 000,126,294 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-TW.resources [2013.03.10 12:56:24 | 000,124,662 | ---- | C] () -- C:\Windows\System32\Gfxres.zh-CN.resources [2013.03.09 20:46:10 | 000,001,005 | ---- | C] () -- C:\Users\Public\Desktop\DriverTuner.lnk [2013.03.05 16:44:13 | 000,320,432 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT [2013.03.05 07:01:49 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.03.05 07:01:49 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.03.05 07:01:49 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.03.05 07:01:49 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.03.05 07:01:49 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.03.04 18:28:06 | 000,001,089 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.03.02 21:29:37 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk [2013.03.02 20:00:32 | 000,002,176 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk [2013.03.02 19:10:57 | 000,002,403 | ---- | C] () -- C:\Users\Info\Desktop\Google Chrome.lnk [2013.03.02 19:10:19 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000UA.job [2013.03.02 19:10:17 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3437191235-2556486254-1160177188-1000Core.job [2013.03.02 18:54:36 | 000,048,612 | ---- | C] () -- C:\Windows\System32\ExampleCodeGeneratedCS.skm [2013.03.02 18:54:36 | 000,045,705 | ---- | C] () -- C:\Windows\System32\ExampleCodeGeneratedVB.skm [2013.03.01 21:16:49 | 000,001,330 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk [2013.03.01 16:26:57 | 000,025,635 | ---- | C] () -- C:\Users\Info\Documents\Charakterisierung.odt [2013.03.01 15:44:17 | 000,030,926 | ---- | C] () -- C:\Users\Info\Documents\1asdfghjkolüäasdfghjkopüsdfghjklö.odt [2013.02.28 18:08:06 | 000,000,308 | -H-- | C] () -- C:\bdr-cf01 [2013.02.28 18:08:06 | 000,000,308 | -H-- | C] () -- \bdr-cf01 [2013.02.28 18:07:53 | 000,002,134 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Internet Security 2013.lnk [2013.02.28 18:07:07 | 035,184,777 | -H-- | C] () -- C:\bdr-im01.gz [2013.02.28 18:07:07 | 035,184,777 | -H-- | C] () -- \bdr-im01.gz [2013.02.28 18:07:07 | 002,294,848 | -H-- | C] () -- C:\bdr-bz01 [2013.02.28 18:07:07 | 002,294,848 | -H-- | C] () -- \bdr-bz01 [2013.02.28 18:07:07 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01 [2013.02.28 18:07:07 | 000,253,404 | -H-- | C] () -- \bdr-ld01 [2013.02.28 18:07:07 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr [2013.02.28 18:07:07 | 000,009,216 | -H-- | C] () -- \bdr-ld01.mbr [2013.02.27 16:03:25 | 000,000,787 | ---- | C] () -- C:\Users\Info\Desktop\adwcleaner.lnk [2013.02.26 16:33:20 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\RegistryBooster.lnk [2013.02.26 16:27:06 | 000,001,100 | ---- | C] () -- C:\Users\Public\Desktop\Uniblue SpeedUpMyPC 2009.lnk [2013.02.25 18:50:23 | 000,000,893 | ---- | C] () -- C:\Users\Public\Desktop\BitTorrent.lnk [2013.02.25 17:27:41 | 000,139,264 | ---- | C] () -- C:\Windows\System32\ustor.dll [2013.02.25 17:27:41 | 000,049,152 | ---- | C] () -- C:\Windows\System32\UMonit.exe [2013.02.25 17:27:41 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_GeneStor_01009.Wdf [2013.02.25 17:27:31 | 000,172,097 | ---- | C] () -- C:\Windows\System32\NoMSGuninstall.exe [2013.02.25 17:27:31 | 000,000,840 | ---- | C] () -- C:\Windows\System32\ProductName.ini [2013.02.25 17:27:29 | 000,000,187 | ---- | C] () -- C:\Windows\System32\IconCfg0.ini [2013.02.25 17:20:18 | 000,000,404 | ---- | C] () -- C:\Windows\tasks\DriverEasy Scheduled Scan.job [2013.02.25 17:20:17 | 000,001,126 | ---- | C] () -- C:\Users\Public\Desktop\DriverEasy.lnk [2013.02.25 16:47:44 | 000,020,315 | ---- | C] () -- C:\Windows\System32\GeneStor.INF [2013.02.24 20:24:07 | 006,416,928 | ---- | C] () -- C:\Windows\System\DriveIcon.dll [2013.02.24 19:16:39 | 000,394,185 | ---- | C] () -- C:\Windows\System32\drivers\RTAIODAT.DAT [2013.02.24 14:20:20 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_Smb_driver_01009.Wdf [2013.02.24 13:28:41 | 000,011,832 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp64.sys [2013.02.24 13:28:41 | 000,010,216 | ---- | C] () -- C:\Windows\System32\drivers\AsInsHelp32.sys [2013.02.24 13:28:38 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini [2013.02.23 11:57:39 | 000,000,830 | ---- | C] () -- C:\Windows\System32\InstallUtil.InstallLog [2013.02.21 15:33:49 | 000,000,189 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat [2013.02.19 14:37:40 | 000,001,996 | ---- | C] () -- C:\Windows\Sandboxie.ini [2013.02.18 20:56:53 | 000,002,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.02.18 20:56:53 | 000,002,123 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.02.16 17:12:13 | 025,898,021 | ---- | C] () -- C:\Users\Info\Documents\Box_BD2013.rar [2013.02.12 13:48:17 | 000,001,188 | ---- | C] () -- C:\Windows\System32\ServiceConfig.xml [2013.02.02 19:42:23 | 000,001,656 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin [2013.01.14 15:49:03 | 000,059,392 | R--- | C] () -- C:\Windows\System32\streamhlp.dll [2013.01.13 12:56:09 | 000,007,606 | ---- | C] () -- C:\Users\Info\AppData\Local\resmon.resmoncfg [2013.01.01 14:37:00 | 005,746,780 | ---- | C] ( ) -- C:\Windows\System32\RTKISDBT.dll [2012.12.29 19:05:53 | 000,000,929 | ---- | C] () -- C:\Windows\wininit.ini [2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \MSDOS.SYS [2012.12.18 14:54:52 | 000,000,000 | RHS- | C] () -- \IO.SYS [2012.10.22 17:40:04 | 000,272,928 | ---- | C] () -- C:\Windows\System32\igvpkrng600.bin [2012.10.22 17:39:46 | 000,963,452 | ---- | C] () -- C:\Windows\System32\igcodeckrng600.bin [2012.10.22 17:39:44 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll [2012.10.03 17:15:43 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe [2012.10.03 17:14:43 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe [2012.09.29 10:40:45 | 000,000,557 | ---- | C] () -- \NetworkCfg.xml [2012.09.27 11:25:26 | 2099,662,848 | -HS- | C] () -- \hiberfil.sys [2012.08.13 10:08:08 | 000,014,217 | ---- | C] () -- C:\Program Files\readme.html [2012.07.27 21:47:36 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe [2012.05.08 13:15:36 | 000,000,005 | ---- | C] () -- C:\Program Files\basis-link [2012.04.20 13:57:00 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll [2012.01.10 14:17:06 | 000,145,804 | ---- | C] () -- C:\Windows\System32\igcompkrng600.bin [2011.09.15 02:11:16 | 001,048,576 | ---- | C] () -- C:\Windows\System32\syndata.bin [2011.06.26 18:49:12 | 000,218,304 | ---- | C] () -- C:\Windows\System32\igfcg600m.bin [2011.06.26 18:49:08 | 000,963,116 | ---- | C] () -- C:\Windows\System32\igkrng600.bin [2009.07.14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat [2009.07.14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2013.02.27 18:40:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\1&1 Mail & Media GmbH [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten [2013.02.16 20:42:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\bdch [2013.01.31 16:34:47 | 000,000,000 | ---D | M] -- C:\Users\All Users\BDLogging [2013.02.28 18:08:32 | 000,000,000 | ---D | M] -- C:\Users\All Users\Bitdefender [2013.02.12 15:13:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\clp [2012.12.18 16:34:38 | 000,000,000 | -H-D | M] -- C:\Users\All Users\Common Files [2013.02.12 15:13:02 | 000,000,000 | ---D | M] -- C:\Users\All Users\Common Toolkit Suite [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente [2013.03.05 14:18:37 | 000,000,000 | ---D | M] -- C:\Users\All Users\DriverGenius [2013.01.31 16:39:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\Dumps [2013.01.21 19:23:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Electronic Arts [2013.01.14 19:16:39 | 000,000,000 | ---D | M] -- C:\Users\All Users\f-secure [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten [2013.02.12 23:04:17 | 000,000,000 | ---D | M] -- C:\Users\All Users\Fighters [2012.12.28 22:58:50 | 000,000,000 | ---D | M] -- C:\Users\All Users\Freemake [2013.01.13 11:01:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\fssg [2013.03.12 22:02:21 | 000,000,000 | ---D | M] -- C:\Users\All Users\HitmanPro [2013.02.23 11:35:00 | 000,000,000 | ---D | M] -- C:\Users\All Users\Innovative Solutions [2012.10.20 13:20:59 | 000,000,000 | ---D | M] -- C:\Users\All Users\MakeMusic [2012.12.28 21:13:22 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Drivers HeadQuarters [2013.03.10 19:32:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\Qualcomm Atheros [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü [2013.02.27 21:21:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Synaptics [2012.12.18 17:54:13 | 000,000,000 | ---D | M] -- C:\Users\All Users\TEMP [2013.03.10 12:16:54 | 000,000,000 | ---D | M] -- C:\Users\All Users\TomTom [2012.12.18 16:34:56 | 000,000,000 | ---D | M] -- C:\Users\All Users\TuneUp Software [2013.02.26 16:09:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\Uniblue [2013.02.27 18:40:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\UUdb [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen [2013.02.15 18:37:12 | 000,000,000 | ---D | M] -- C:\Users\All Users\Wincert [2013.02.26 16:51:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{51019853-129C-4EDE-9030-D5FD7BBD9AD0} [2013.02.26 16:51:50 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185} [2013.02.05 14:22:06 | 000,000,000 | -HSD | M] -- C:\Users\All Users\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.02.26 16:23:26 | 000,000,000 | -H-D | M] -- C:\Users\All Users\{D5ABFFAD-D592-4F98-B02B-587125B4801F} [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Anwendungsdaten [2009.07.14 03:37:05 | 000,000,000 | -H-D | M] -- C:\Users\Default\AppData [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Desktop [2012.09.27 11:32:36 | 000,000,000 | R--D | M] -- C:\Users\Default\Documents [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Downloads [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Druckumgebung [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Eigene Dateien [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Favorites [2013.01.12 21:29:16 | 000,000,000 | R--D | M] -- C:\Users\Default\Links [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Lokale Einstellungen [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Music [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Netzwerkumgebung [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Pictures [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Recent [2009.07.14 03:04:25 | 000,000,000 | ---D | M] -- C:\Users\Default\Saved Games [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\SendTo [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Startmenü [2009.07.14 03:04:25 | 000,000,000 | R--D | M] -- C:\Users\Default\Videos [2012.09.27 11:32:36 | 000,000,000 | -HSD | M] -- C:\Users\Default\Vorlagen [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Anwendungsdaten [2013.02.16 17:09:07 | 000,000,000 | -H-D | M] -- C:\Users\Info\AppData [2012.10.03 17:47:55 | 000,000,000 | R--D | M] -- C:\Users\Info\Contacts [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Cookies [2013.03.09 21:02:40 | 000,000,000 | R--D | M] -- C:\Users\Info\Desktop [2013.03.12 14:31:57 | 000,000,000 | R--D | M] -- C:\Users\Info\Documents [2013.03.12 22:21:07 | 000,000,000 | R--D | M] -- C:\Users\Info\Downloads [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Druckumgebung [2012.09.27 11:34:15 | 000,000,000 | -HSD | M] -- C:\Users\Info\Eigene Dateien [2013.02.01 18:52:18 | 000,000,000 | R--D | M] -- C:\Users\Info\Favorites [2012.09.29 08:38:24 | 000,000,000 | -H-D | M] -- C:\Users\Info\InstallAnywhere [2013.03.04 16:21:39 | 000,000,000 | R--D | M] -- C:\Users\Info\Links [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Lokale Einstellungen [2013.01.09 17:20:50 | 000,000,000 | R--D | M] -- C:\Users\Info\Music [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Netzwerkumgebung [2013.02.03 15:14:43 | 000,000,000 | ---D | M] -- C:\Users\Info\Pavark [2013.02.26 15:48:58 | 000,000,000 | R--D | M] -- C:\Users\Info\Pictures [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Recent [2012.10.03 17:47:55 | 000,000,000 | R--D | M] -- C:\Users\Info\Saved Games [2013.02.05 16:05:22 | 000,000,000 | R--D | M] -- C:\Users\Info\Searches [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\SendTo [2013.02.16 17:08:31 | 000,000,000 | R--D | M] -- C:\Users\Info\SkyDrive [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Startmenü [2013.01.19 10:08:21 | 000,000,000 | ---D | M] -- C:\Users\Info\Tracing [2013.03.01 15:49:38 | 000,000,000 | R--D | M] -- C:\Users\Info\Videos [2012.09.27 11:34:16 | 000,000,000 | -HSD | M] -- C:\Users\Info\Vorlagen [2013.03.05 07:13:57 | 000,000,000 | ---D | M] -- C:\Users\Malisa\AppData [2012.11.17 16:39:29 | 000,000,000 | ---D | M] -- C:\Users\Malisa\Desktop [2013.03.05 07:13:57 | 000,000,000 | ---D | M] -- C:\Users\Public\AppData [2013.03.12 22:08:04 | 000,000,000 | RH-D | M] -- C:\Users\Public\Desktop [2013.03.07 22:30:34 | 000,000,000 | R--D | M] -- C:\Users\Public\Documents [2013.03.07 22:30:33 | 000,000,000 | R--D | M] -- C:\Users\Public\Downloads [2009.07.14 03:04:25 | 000,000,000 | RH-D | M] -- C:\Users\Public\Favorites [2013.03.07 22:30:34 | 000,000,000 | RH-D | M] -- C:\Users\Public\Libraries [2013.03.07 22:30:33 | 000,000,000 | R--D | M] -- C:\Users\Public\Music [2013.03.07 22:30:33 | 000,000,000 | R--D | M] -- C:\Users\Public\Pictures [2012.10.02 13:02:43 | 000,000,000 | R--D | M] -- C:\Users\Public\Recorded TV [2013.03.07 22:30:33 | 000,000,000 | R--D | M] -- C:\Users\Public\Videos ========== Purity Check ========== < End of report > Code:
ATTFilter OTL Extras logfile created on: 13.03.2013 14:46:56 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Info\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16438)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,61 Gb Total Physical Memory | 1,61 Gb Available Physical Memory | 61,84% Memory free
5,21 Gb Paging File | 3,98 Gb Available in Paging File | 76,38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 596,07 Gb Total Space | 508,30 Gb Free Space | 85,27% Space Free | Partition Type: NTFS
Computer Name: ALEXANDER-HP630 | User Name: Info | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.jse [@ = JSEFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
.wsf [@ = WSFFile] -- C:\Windows\System32\CScript.exe (Microsoft Corporation)
[HKEY_USERS\.DEFAULT\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M] -- Reg Error: Key error. File not found
[HKEY_USERS\S-1-5-18\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML.KJOE5CON4YSEURCOUTJD6SBO2M] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsefile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
wsffile [open] -- %SystemRoot%\System32\CScript.exe "%1" %* (Microsoft Corporation)
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithApplianMP] -- "C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe" -I skins2 --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Key error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01DBE142-27E9-4773-A0CD-B304003A5DF7}" = lport=137 | protocol=17 | dir=in | app=system |
"{12F58715-4624-4FD1-B010-BDBB1E7B080E}" = rport=137 | protocol=17 | dir=out | app=system |
"{1D2089B8-89D0-4BA7-A5B4-8F155E15D214}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{32A2271E-7150-4DA8-8C6D-BEE0170453F2}" = lport=138 | protocol=17 | dir=in | app=system |
"{37CFFEA8-E16F-43E4-BF1A-F88551A92DE4}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{39748B89-9815-4550-B841-532E2154ACF6}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3D59763D-1ED3-4C74-BDFA-8A8FCC9FC525}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3EB7CAEB-87BB-4EA0-B067-ACC73089BC53}" = rport=139 | protocol=6 | dir=out | app=system |
"{4361BAA7-7834-412A-9E44-1BA065BD74E0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4839B456-FDA6-4BEB-8D20-3376989267D7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{49BABFCE-DC11-4F95-ACBC-9C8BE5EDC36D}" = lport=139 | protocol=6 | dir=in | app=system |
"{4DE142EE-3AC5-4683-A93D-73C964D0A799}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{56A0396B-6F40-4055-A5C3-5063299FB17E}" = rport=138 | protocol=17 | dir=out | app=system |
"{66F5B08D-0A57-46B4-AA17-F10C3C22F759}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{8C8F29E3-63A1-4816-81E5-EE4150655CFB}" = lport=445 | protocol=6 | dir=in | app=system |
"{90695147-1B32-4BF1-929C-80FA22015799}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A86F6B4F-9E54-4DB3-AA76-A0A683C3E610}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{AFC82FD5-38F0-4F3E-9E7D-057741979768}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{C4066647-0930-4F92-AED6-7BFA6D998905}" = lport=10243 | protocol=6 | dir=in | app=system |
"{EAB4A630-A4D2-4BD4-8678-B51E957BE3FC}" = lport=2869 | protocol=6 | dir=in | app=system |
"{EFE6FD3C-175A-4490-963E-25D99B7C8EA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{F48DB664-08F0-4795-9171-196F48F7B1D2}" = lport=80 | protocol=6 | dir=in | name=www |
"{F5167275-B910-4332-8B20-73F7A0B8BBCF}" = rport=10243 | protocol=6 | dir=out | app=system |
"{FFA4C39C-5201-4494-9C67-A43E86E58075}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06D07C9B-2AD0-4369-AB48-298D5D18296B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{0AF7B335-6CF4-4D3E-8667-438F4A4EADDA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1253855C-B82A-4533-A923-299F385CEE73}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{15EA55BC-0D82-4443-B1D0-D1D174C8B98A}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{31EF75E5-69F3-4986-A494-697A2D4B0B79}" = protocol=17 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe |
"{3367344A-00FA-45DB-846E-477E214F9D96}" = protocol=17 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe |
"{36C659E4-9313-4E22-A9CA-B5B3FE55F6F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{47A7770A-CDF0-42BE-B810-BC82EC215190}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{4CF43D84-0084-43ED-B110-3D63EDF671BC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{4E9C997D-58B2-4974-9A3B-5B3FBC9FBDDD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{55224F95-277E-482D-BC14-B97F8D85E435}" = protocol=6 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe |
"{5E76D313-567F-495F-8B8C-24A65DD02DA5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6156A7B9-18E4-4FF5-AF53-F97D16C2D1AF}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{664CA150-E671-4567-90EC-299E6D3B4035}" = protocol=6 | dir=out | app=system |
"{791C8FDF-21B4-4874-B18A-F02E0285293E}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{80C8EE46-FD19-483A-B00E-A9CCE3000760}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{8CC52C5F-AA3B-41D7-A1B7-203AA9B2C047}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{94D74F6B-79F1-46DB-A69A-A8B39BE3639D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AB6B0AAB-C44F-418A-969C-D4712E88839F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{ACE84729-F7CE-40F2-BBFE-1E21659DB267}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{C95F78A8-49C0-44EC-99C4-940067C828E7}" = protocol=6 | dir=in | app=c:\program files\arcsoft\totalmedia 3.5\totalmedia.exe |
"{DAD0094F-D544-4CED-A3C4-ECC5FD4C9F36}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E72A7411-CB21-440F-B894-74A43100BFD3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E9182B6C-9065-48DF-8991-4E7BE3001FE6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{5AE05BC8-C5D2-4583-AED7-24C58FC6768E}C:\users\info\appdata\roaming\bittorrent\bittorrent.exe" = protocol=6 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe |
"TCP Query User{6C914251-2626-430D-84DE-5249E13427AF}C:\windows\explorer.exe" = protocol=6 | dir=in | app=c:\windows\explorer.exe |
"UDP Query User{0DF4C5BA-CE9D-4847-A7DD-9D84929383D0}C:\users\info\appdata\roaming\bittorrent\bittorrent.exe" = protocol=17 | dir=in | app=c:\users\info\appdata\roaming\bittorrent\bittorrent.exe |
"UDP Query User{3669F7DB-5032-4F4F-AA0A-01C4A71BADEC}C:\windows\explorer.exe" = protocol=17 | dir=in | app=c:\windows\explorer.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{152A537F-45E9-4B15-8847-2E3E5BE61859}" = Intel® Trusted Connect Service Client
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{23C3F5C0-566B-478B-AAB6-197ADAD0C945}" = Uniblue SpeedUpMyPC 2009
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros Client Installation Program
"{2C26B97F-698E-4E04-B398-8203B147859B}_is1" = TOPP Vorlagen-Druckstudio (5156)
"{33FFD86B-569C-9E8D-6659-A1F84D07CAD0}" = AMD Catalyst Install Manager
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{520C1D80-935C-42B9-9340-E883849D804F}_is1" = DriverTuner 3.1.0.0
"{53B17A98-5BF0-40BC-AAFF-850A357975AC}" = HP Quick Launch
"{5F32D89B-D3A0-4562-AC03-F6DE4614AE1A}" = DVB-T USB DEVICE
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74292F90-895A-4FC6-A692-9641532B1B63}" = ArcSoft TotalMedia 3.5
"{7A21C722-F259-4976-B7AA-6658E5FDEDAF}" = Google Drive
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = Genesys USB Mass Storage Device
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{BBBA20E0-D9F3-4C6F-83AC-D66EFC0BFA93}" = Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{DC24971E-1946-445D-8A82-CE685433FA7D}" = Realtek USB 2.0 Card Reader
"{DDBB7C89-1A09-441E-AA0F-6AA465755C17}" = REALTEK DTV USB DEVICE
"{E085FD28-F22C-4D41-00A1-F0751BF8EFC1}" = Need for Speed™ Most Wanted PC Demo
"{E2E7A0E8-77C4-495F-8FA3-63DAEDAA2DB3}" = F-Secure PSC Prerequisites
"{E63E34A7-E552-412B-9E40-FD6FC5227ABA}" = Uniblue RegistryBooster 2009
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"6D0D8C013A1992A83A403358172679D9BA46DF3B" = Windows-Treiberpaket - Intel(R) Corporation (IntcDAud) MEDIA (06/19/2012 6.14.00.3097)
"78687D16D0A71C3BDAA0468F5661543CDF26FD7C" = Windows-Treiberpaket - Intel System (10/05/2012 9.2.0.1032)
"7E9FE2A1075EF0CBC79E935D39DCE2F811618FE7" = Windows-Treiberpaket - Intel System (10/05/2012 9.2.0.1032)
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Applian FLV and Media Player" = Applian FLV and Media Player 3.1.1.12
"BEBD188D699DEE8649A9B6D18A94D552D9616614" = Windows-Treiberpaket - Intel USB (10/05/2012 9.2.0.1032)
"Bitdefender" = Bitdefender Internet Security 2013
"BitTorrent" = BitTorrent
"DA98CAF7C61E6CF8439BF7FFDAFE5717CFF73687" = Windows-Treiberpaket - Intel System (10/05/2012 9.2.0.1032)
"DriverEasy_is1" = DriverEasy 4.4.2
"Finale NotePad 2012" = Finale NotePad 2012
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"Freemake Video Converter_is1" = Freemake Video Converter Version 3.2.0
"HitmanPro37" = HitmanPro 3.7
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 19.0 (x86 de)" = Mozilla Firefox 19.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Revo Uninstaller" = Revo Uninstaller 1.94
"SynTPDeinstKey" = Synaptics TouchPad Driver
"TuneUp Utilities 2013" = TuneUp Utilities 2013
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3437191235-2556486254-1160177188-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1&1 Mail & Media WEB.DE MailCheck GC" = WEB.DE MailCheck für Google Chrome
"Google Chrome" = Google Chrome
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 09.03.2013 15:43:51 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
Error - 09.03.2013 15:46:22 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\DriverTuner\DPInst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:39:11 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Easeware\drivereasy\aud_allos_6.0.1.6804_pv\Vista64\MaxxAudioControl64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:39:12 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Easeware\drivereasy\aud_allos_6.0.1.6804_pv\Vista64\RAVBg64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:39:12 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Easeware\drivereasy\aud_allos_6.0.1.6804_pv\Vista64\RAVCpl64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:39:15 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Easeware\drivereasy\aud_allos_6.0.1.6804_pv\Vista64\vncutil64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:39:17 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\Easeware\drivereasy\aud_allos_6.0.1.6804_pv\WDM\vncutil64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 09.03.2013 16:40:06 | Computer Name = Alexander-HP630 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\drivertuner\DPInst64.exe".
Die
abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 10.03.2013 08:49:30 | Computer Name = Alexander-HP630 | Source = Winlogon | ID = 4103
Description = Fehler bei der Windows-Lizenzaktivierung. Fehler 0x00000000.
Error - 10.03.2013 14:00:04 | Computer Name = Alexander-HP630 | Source = Windows Backup | ID = 4104
Description =
Error - 10.03.2013 14:34:26 | Computer Name = Alexander-HP630 | Source = VSS | ID = 8194
Description =
[ Media Center Events ]
Error - 03.12.2012 14:10:35 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 19:10:35 - Fehler beim Herstellen der Internetverbindung. 19:10:35
- Serververbindung konnte nicht hergestellt werden..
Error - 03.12.2012 14:10:44 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 19:10:40 - Fehler beim Herstellen der Internetverbindung. 19:10:40
- Serververbindung konnte nicht hergestellt werden..
Error - 04.12.2012 09:37:39 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 14:37:39 - Fehler beim Herstellen der Internetverbindung. 14:37:39
- Serververbindung konnte nicht hergestellt werden..
Error - 04.12.2012 09:37:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 14:37:44 - Fehler beim Herstellen der Internetverbindung. 14:37:44
- Serververbindung konnte nicht hergestellt werden..
Error - 05.12.2012 12:09:49 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 17:09:49 - Directory konnte nicht abgerufen werden (Fehler: Timeout
für Vorgang überschritten)
Error - 06.12.2012 11:54:39 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 16:54:39 - Fehler beim Herstellen der Internetverbindung. 16:54:39
- Serververbindung konnte nicht hergestellt werden..
Error - 06.12.2012 11:54:48 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 16:54:44 - Fehler beim Herstellen der Internetverbindung. 16:54:44
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2012 10:40:37 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 15:40:37 - Fehler beim Herstellen der Internetverbindung. 15:40:37
- Serververbindung konnte nicht hergestellt werden..
Error - 14.12.2012 10:40:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 15:40:43 - Fehler beim Herstellen der Internetverbindung. 15:40:43
- Serververbindung konnte nicht hergestellt werden..
Error - 15.12.2012 15:52:47 | Computer Name = Alexander-PC | Source = MCUpdate | ID = 0
Description = 20:52:47 - Fehler beim Herstellen der Internetverbindung. 20:52:47
- Serververbindung konnte nicht hergestellt werden..
[ Spybot - Search and Destroy Events ]
Error - 14.02.2013 10:55:06 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 19.02.2013 09:38:05 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 21.02.2013 13:14:11 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 23.02.2013 05:17:13 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 23.02.2013 16:11:47 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 01.03.2013 12:07:35 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 01.03.2013 14:53:53 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 03.03.2013 04:36:59 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 07.03.2013 12:12:31 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
Error - 07.03.2013 16:19:17 | Computer Name = Alexander-HP630 | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 18.02.2013 09:10:09 | Computer Name = Alexander-HP630 | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 18.02.2013 12:49:33 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
40517705
Error - 18.02.2013 12:51:45 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 18.02.2013 12:51:45 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 18.02.2013 12:56:23 | Computer Name = Alexander-HP630 | Source = DCOM | ID = 10010
Description =
Error - 18.02.2013 13:34:45 | Computer Name = Alexander-HP630 | Source = DCOM | ID = 10010
Description =
Error - 19.02.2013 09:08:17 | Computer Name = Alexander-HP630 | Source = BTHUSB | ID = 327697
Description = Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen
und wird nicht verwendet. Der Treiber wurde entladen.
Error - 19.02.2013 09:08:56 | Computer Name = Alexander-HP630 | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
40517705
Error - 19.02.2013 09:09:07 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 19.02.2013 09:09:07 | Computer Name = Alexander-HP630 | Source = WMPNetworkSvc | ID = 866306
Description =
< End of report >
|
|
13.03.2013, 18:32
| #28 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt Hi, bitte hau spybot runter, das programm ist schrott. otl fix Fixen mit OTL
Code:
ATTFilter :OTL
[2013.03.07 21:31:10 | 000,000,000 | ---D | M] (WEB.DE MailCheck) -- C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de
O2 - BHO: (no name) - {E33CF602-D945-461A-83F0-819F76A199F8} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
:files
:Commands
[emptytemp]
bitte teste, ob es im Firefox, internet explorer, und sonstigen evtl. instalierte Browser, irgendwelche ungewollten toolbars, umleitungen oder sonstigen Probleme gibt. Teste wie pc und programme allgemein laufen.
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
13.03.2013, 21:01
| #29 |
| | Minianwendungen werden nicht mehr richtig angezeigt hi, welches gute anti spyware programm wäre denn empfehlenswert? Code:
ATTFilter All processes killed
========== OTL ==========
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\webapps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\homebutton folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\coupon folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin\brand folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\skin folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\webapps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US\coupon folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\en-US folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\webapps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help\page folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE\coupon folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale\de-DE folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\locale folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults\preferences folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\defaults folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\webapps folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\weather folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\util folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\tracking folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ticker folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search\mcollect folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\search folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\pref folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\phish folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\newtab folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\neterror folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\main folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\hotnews folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\horoscope folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\highlight folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\help folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\email folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\ebay folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content\coupon folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\content folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de\components folder moved successfully.
C:\Programme\Mozilla Firefox\distribution\extensions\toolbar@web.de folder moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E33CF602-D945-461A-83F0-819F76A199F8}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
========== FILES ==========
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Info
->Temp folder emptied: 507297 bytes
->Temporary Internet Files folder emptied: 2252566 bytes
->Java cache emptied: 338928 bytes
->FireFox cache emptied: 10856699 bytes
->Google Chrome cache emptied: 97080918 bytes
->Opera cache emptied: 0 bytes
User: Malisa
->Temp folder emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 1461176 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1824 bytes
RecycleBin emptied: 47003998 bytes
Total Files Cleaned = 152,00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 03132013_204708
Files\Folders moved on Reboot...
File\Folder C:\Windows\temp\~bdBBF2.tmp not found!
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
|
|
14.03.2013, 20:52
| #30 |
| /// Malware-holic | Minianwendungen werden nicht mehr richtig angezeigt hi was ist mit dem Test? antispyware programme braucht man nicht, deckt jedes antimalware programm ab
__________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet |
|
| Themen zu Minianwendungen werden nicht mehr richtig angezeigt |
| angezeigt, gen, hallo zusammen, kleiner, kurzem, minianwendungen, möglicherweise, nicht mehr, richtig, schwarzer, virus, weißer, zusammen |
Textbox. 
Linear-Darstellung
