Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: CouponDropDown

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 12.04.2013, 16:12   #16
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Na dann müssen wir weiter nachsehen:



Kontrollscan mit OTL
  • Starte bitte OTL.exe - falls noch nicht vorhanden: LINK
  • Stelle sicher, dass "Alle Benuzter Scannen" angehakt ist!
  • Drücke den Quick Scan Button.
  • Poste die OTL.txt hier in deinen Thread.
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 12.04.2013, 18:33   #17
paula1504
 
CouponDropDown - Standard

CouponDropDown



Code:
ATTFilter
OTL Extras logfile created on: 12.04.2013 19:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Max Miller\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,09% Memory free
6,73 Gb Paging File | 5,86 Gb Available in Paging File | 87,05% Paging File free
Paging file location(s): C:\pagefile.sys 5000 5000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 12,32 Gb Free Space | 25,22% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 23,04 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 232,47 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
 
Computer Name: MAX-MILLER | User Name: Max Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = FirefoxHTML] -- C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
https [open] -- "C:\Programme\Mozilla Firefox\firefox.exe" -osint -url "%1" (Mozilla Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"6112:TCP" = 6112:TCP:*:Enabled:Local Host
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\ICQ7M\ICQ.exe" = C:\Programme\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Programme\Gigabyte\BIOS\gwf32.exe" = C:\Programme\Gigabyte\BIOS\gwf32.exe:*:Enabled:gwflash -- ()
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service -- (SiSoftware)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Programme\ICQ7M\ICQ.exe" = C:\Programme\ICQ7M\ICQ.exe:*:Enabled:ICQ7M -- (ICQ, LLC.)
"C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe" = C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service -- (SiSoftware)
"C:\Programme\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe" = C:\Programme\HP\HP Deskjet 3070 B611 series\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP Geräteeinrichtung (HP Deskjet 3070 B611 series) -- (Hewlett-Packard Co.)
"C:\Programme\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe" = C:\Programme\HP\HP Deskjet 3070 B611 series\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netzwerkkommunikator (HP Deskjet 3070 B611 series) -- (Hewlett-Packard Co.)
"C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe" = C:\Programme\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe:*:Enabled:Ubisoft Game Launcher -- ()
"C:\Programme\Ubisoft\Related Designs\ANNO 2070\Anno5.exe" = C:\Programme\Ubisoft\Related Designs\ANNO 2070\Anno5.exe:*:Enabled:ANNO 2070 -- (Related Designs)
"C:\Programme\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe" = C:\Programme\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe:*:Enabled:ANNO 2070 -- (Related Designs Software)
"C:\Programme\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe" = C:\Programme\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe:*:Enabled:ANNO 2070 -- ()
"E:\PROGRAMM\eMule0.47c\eMule0.49c\eMule0.49c\emule.exe" = E:\PROGRAMM\eMule0.47c\eMule0.49c\eMule0.49c\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
"C:\Programme\Spamihilator\spamihilator.exe" = C:\Programme\Spamihilator\spamihilator.exe:*:Enabled:Spamihilator -- (Michel Krämer)
"C:\Programme\Spamihilator\cdcc.exe" = C:\Programme\Spamihilator\cdcc.exe:*:Enabled:Spamihilator DCC-Filter-Konfiguration -- ()
"C:\Programme\Spamihilator\dccproc.exe" = C:\Programme\Spamihilator\dccproc.exe:*:Enabled:Spamihilator DCC-Filter -- ()
"C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe" = C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit -- (Apple Inc.)
"C:\Programme\Skype\Phone\Skype.exe" = C:\Programme\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.)
"E:\PROGRAMM\eMule0.47c\eMule0.47c\emule.exe" = E:\PROGRAMM\eMule0.47c\eMule0.47c\emule.exe:*:Enabled:eMule -- (hxxp://www.emule-project.net)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"@BIOS" = @BIOS
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst Control Center
"{062BFFA1-0CCC-400B-B840-F162328D8C00}" = winLAME prerelease4
"{0893078B-8A9A-84D6-D393-119B9B0B033A}" = CCC Help French
"{0E2A60F7-2907-5718-FF16-7D8FAF70051E}" = CCC Help Chinese Standard
"{11464943-4682-4F6B-A96D-D4E8C26DD111}_is1" = Kalenderchen 5
"{14FAE013-AE19-4FC9-B5BF-E56ADC01ECE6}" = CCC Help Turkish
"{17BB2784-6EE4-D7FF-FE63-58A3AD2B3708}" = CCC Help Russian
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{233588CF-96D5-46AF-EF74-7EC382662791}" = Catalyst Control Center Graphics Full Existing
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 17
"{2AEBE10C-D819-4EBF-BC60-03BF2327D340}" = Microsoft XML Parser and SDK
"{2BBCB7D2-55AA-4156-92B7-CE870624B3AB}" = Spamihilator 1.5.0 (32-Bit)
"{3248F0A8-6813-11D6-A77B-00B0D0150070}" = J2SE Runtime Environment 5.0 Update 7
"{3248F0A8-6813-11D6-A77B-00B0D0150090}" = J2SE Runtime Environment 5.0 Update 9
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0150110}" = J2SE Runtime Environment 5.0 Update 11
"{3260ECBC-9DDF-E7A3-0863-449473BC7BD5}" = CCC Help Chinese Traditional
"{350C97B3-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{39C6C229-CFFD-639E-229A-E463FCD87478}" = CCC Help German
"{41844F24-9CA6-11D4-A74E-00D0B76FE248}" = VBA (2816b)
"{498A4E3D-562E-4129-8722-6DCAB12384AE}" = Windows Communication Foundation Language Pack - DEU
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}" = Microsoft Games for Windows - LIVE 
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.1
"{4F11FC80-CE8C-1BD4-5C39-EBE5744E5135}" = CCC Help Portuguese
"{4FAB2BA7-E16C-95D2-F326-60A68409373F}" = Catalyst Control Center HydraVision Full
"{529AA9A8-5020-6CFB-A809-BC5943C87077}" = CCC Help Thai
"{53604297-26FD-516D-6FF7-1063BA64A0A4}" = Catalyst Control Center Graphics Light
"{55BD3B0B-F054-9341-514F-295A5F7EA450}" = CCC Help Spanish
"{5A4FA9C8-ED56-08C3-153B-FC5C19256290}" = CCC Help Dutch
"{606D713B-B60C-11D6-A47A-00B0D03E4223}" = SolidWorks 2003
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6C390D51-E5F0-4FCD-24C4-731ACAF34571}" = CCC Help Japanese
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7228FD8C-3B9E-4204-AE36-8A466107685B}" = Windows Workflow Foundation DE Language Pack
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7AA8FA9A-1656-7DBD-633B-FE7A62BBED0C}" = CCC Help Czech
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}" = HP Update
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8937FCB2-2FC6-4FC3-9FB5-DE2C92DB9C38}" = Microsoft .NET Framework 2.0 Language Pack - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C22131B-8634-CECF-F0D1-A2ECC160B450}" = CCC Help Norwegian
"{8D7507C3-DF2B-4740-8700-8227C2C7AE81}" = HP Deskjet 3070 B611 series - Grundlegende Software für das Gerät
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{90FBE4D0-2ACA-A8A8-2CC4-CFFBAE528504}" = CCC Help Finnish
"{92DF2F1B-F63C-4D9A-B3E1-B2D11AE29790}" = Windows Presentation Foundation Language Pack (DEU)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D74375E-3012-E7D2-9229-B220C91F326A}" = Catalyst Control Center Core Implementation
"{9EE8BDCA-7505-4895-D91E-8108DD16292E}" = CCC Help English
"{9F20CE56-3828-432D-A3C5-3EC6A2ED93C6}" = HP Deskjet 3070 B611 series Hilfe
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A8AF8BD3-61B5-7945-4D1B-217421F604FC}" = CCC Help Hungarian
"{AA46E1C5-A709-6D9B-D99D-92E4C6E042A9}" = CCC Help Korean
"{AA62A33C-9E5E-3913-7D88-7E58A8CB1493}" = CCC Help Greek
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.6) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B41F5ED6-4D67-4FAA-B787-D5DF1DD0EC80}" = REALTEK RTL8185 Wireless LAN Driver and Utility
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B653F643-A1B4-9936-2DB6-FEA9A3110D8D}" = ccc-core-preinstall
"{B71C4637-0247-78CE-6A3D-D61645CB8921}" = ccc-utility
"{BAF78226-3200-4DB4-BE33-4D922A799840}" = Windows Presentation Foundation
"{BC2E7C0B-1AC6-5F6C-F31D-E1E72D8E0B5C}" = CCC Help Danish
"{BF8C7DA7-2DE6-ED67-6C82-6BE82F8BA8D3}" = Catalyst Control Center Graphics Full New
"{C0919A13-29A7-4798-A81A-E3D38B25FD27}" = powerPARTS 2005.2
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C151CE54-E7EA-4804-854B-F515368B0798}" = Athlon 64 Processor Driver
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2c
"{C409F338-BB20-6C4A-F40D-20CA07AF714C}" = CCC Help Polish
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}" = Badoo Desktop
"{D4B7B2DC-E688-A9D6-6EC0-56AE540E074C}" = Catalyst Control Center Localization All
"{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}" = NVIDIA PhysX v8.10.29
"{D9CD701B-3F04-FC69-D974-F3A7F5E9BA30}" = CCC Help Swedish
"{D9D93D74-107D-4BD3-87D0-AABCF7C98BD5}" = Catalyst Control Center - Branding
"{E213321B-1E88-B38D-DAB2-D8CB9355984A}" = Skins
"{F2A7F421-1679-48D5-B918-96999014ED53}" = Microsoft .NET Framework 3.0 German Language Pack
"{F4148D8F-ED3A-3097-509C-04D5560220F9}" = ccc-core-static
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F7E68997-E626-952B-A7BF-F72066CD5D77}" = Catalyst Control Center Graphics Previews Common
"{FA36C82B-464D-51F2-A6A1-0BC9140BE067}" = CCC Help Italian
"{FB08F381-6533-4108-B7DD-039E11FBC27E}" = Realtek AC'97 Audio
"{FD052FB9-FE90-4438-B355-15EDC89D8FB1}" = Microsoft Games for Windows - LIVE Redistributable
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"All ATI Software" = ATI - Dienstprogramm zur Deinstallation der Software
"ATI Display Driver" = ATI Display Driver
"DivX Setup" = DivX-Setup
"EPSON Printer and Utilities" = EPSON-Drucker-Software
"HP Photo Creations" = HP Photo Creations
"ie8" = Windows Internet Explorer 8
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 4.1.4
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 2.0 Language Pack - DEU" = Microsoft .NET Framework 2.0 Language Pack - DEU
"Microsoft .NET Framework 3.0 German Language Pack" = Microsoft .NET Framework 3.0 German Language Pack
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Revo Uninstaller" = Revo Uninstaller 1.94
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TOPSIM - Startup! Produktion - BPlan" = TOPSIM - Startup! Produktion - BPlan
"VLC media player" = VLC media player 1.0.5
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"WinRAR archiver" = WinRAR
"Zylom Games Player Plugin" = Zylom Games Player Plugin
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 19.03.2013 17:57:45 | Computer Name = MAX-MILLER | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich -877762207.
 
Error - 03.04.2013 16:44:33 | Computer Name = MAX-MILLER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung Skype.exe, Version 6.1.0.129, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x00000200.
 
Error - 03.04.2013 16:48:30 | Computer Name = MAX-MILLER | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich -859215299.
 
Error - 03.04.2013 20:57:21 | Computer Name = MAX-MILLER | Source = Application Error | ID = 1000
Description = Fehlgeschlagene Anwendung explorer.exe, Version 6.0.2900.5512, fehlgeschlagenes
 Modul unknown, Version 0.0.0.0, Fehleradresse 0x4ebb74b2.
 
Error - 03.04.2013 20:57:32 | Computer Name = MAX-MILLER | Source = Application Error | ID = 1001
Description = Fehlerhafter Speicherbereich 1091520410.
 
Error - 05.04.2013 03:17:45 | Computer Name = MAX-MILLER | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 06.04.2013 03:27:01 | Computer Name = MAX-MILLER | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 06.04.2013 10:29:32 | Computer Name = MAX-MILLER | Source = WmiAdapter | ID = 4099
Description = Dienst konnte nicht geöffnet werden.
 
Error - 06.04.2013 10:30:50 | Computer Name = MAX-MILLER | Source = Application Hang | ID = 1002
Description = Stillstehende Anwendung firefox.exe, Version 19.0.2.4814, Stillstandmodul
 hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.
 
Error - 06.04.2013 10:31:17 | Computer Name = MAX-MILLER | Source = Application Hang | ID = 1001
Description = Fehlerhafter Speicherbereich -840653343.
 
[ System Events ]
Error - 11.04.2013 02:52:06 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ad-Aware" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%1053
 
Error - 11.04.2013 02:52:06 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   PDDSLHND
 
Error - 11.04.2013 10:34:55 | Computer Name = MAX-MILLER | Source = PlugPlayManager | ID = 11
Description = Das Gerät "Root\LEGACY_ESGIGUARD\0000" wurde ohne vorbereitende Maßnahmen
 vom System entfernt.
 
Error - 11.04.2013 10:37:12 | Computer Name = MAX-MILLER | Source = DCOM | ID = 10010
Description = Der Server "{9B1F122C-2982-4E91-AA8B-E071D54F2A4D}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 11.04.2013 10:38:16 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ad-Aware" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 11.04.2013 10:38:16 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   PDDSLHND
 
Error - 11.04.2013 20:39:30 | Computer Name = MAX-MILLER | Source = DCOM | ID = 10010
Description = Der Server "{9B1F122C-2982-4E91-AA8B-E071D54F2A4D}" konnte innerhalb
 des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
 
Error - 12.04.2013 02:48:49 | Computer Name = MAX-MILLER | Source = Dhcp | ID = 1002
Description = Die IP-Adresslease 192.168.1.33 für die Netzwerkkarte mit der Netzwerkadresse
 00148535DC16 wurde durch  den DHCP-Server 192.168.1.1 abgelehnt (der DHCP-Server 
hat eine DHCPNACK-Meldung gesendet).
 
Error - 12.04.2013 02:48:57 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Ad-Aware" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%3
 
Error - 12.04.2013 02:48:58 | Computer Name = MAX-MILLER | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   PDDSLHND
 
[ TuneUp Events ]
Error - 27.03.2013 04:14:31 | Computer Name = MAX-MILLER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 27.03.2013 04:14:32 | Computer Name = MAX-MILLER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
Error - 06.04.2013 10:30:14 | Computer Name = MAX-MILLER | Source = TuneUp.UtilitiesSvc | ID = 300
Description = 
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 12.04.2013 19:04:31 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Max Miller\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,92 Gb Available Physical Memory | 46,09% Memory free
6,73 Gb Paging File | 5,86 Gb Available in Paging File | 87,05% Paging File free
Paging file location(s): C:\pagefile.sys 5000 5000 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 48,83 Gb Total Space | 12,32 Gb Free Space | 25,22% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 23,04 Gb Free Space | 23,00% Space Free | Partition Type: NTFS
Drive F: | 232,88 Gb Total Space | 232,47 Gb Free Space | 99,83% Space Free | Partition Type: NTFS
 
Computer Name: MAX-MILLER | User Name: Max Miller | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.04.12 19:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\OTL.exe
PRC - [2013.04.11 21:37:17 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.03.06 10:32:29 | 000,170,912 | ---- | M] (Oracle Corporation) -- C:\Programme\Java\jre7\bin\jqs.exe
PRC - [2013.01.05 11:13:51 | 002,024,960 | ---- | M] (Michel Krämer) -- C:\Programme\Spamihilator\spamihilator.exe
PRC - [2012.10.15 02:26:44 | 000,127,040 | ---- | M] (ICQ, LLC.) -- C:\Programme\ICQ7M\ICQ.exe
PRC - [2012.07.03 10:04:54 | 000,252,848 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe
PRC - [2010.05.18 23:01:12 | 003,498,496 | ---- | M] (Daniel Manger Software) -- C:\Programme\Kalenderchen\Kalenderchen.exe
PRC - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () -- F:\temp\CDBurnerXP\NMSAccessU.exe
PRC - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe
PRC - [2008.04.14 04:22:45 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2008.04.14 04:22:34 | 000,256,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\msagent\agentsvr.exe
PRC - [2006.08.03 05:12:00 | 000,577,536 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\soundman.exe
PRC - [2006.05.22 17:24:02 | 000,675,840 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Programme\REALTEK RTL8185 Wireless LAN Driver and Utility\RtWLan.exe
PRC - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- E:\Programme\Winamp\winampa.exe
PRC - [2001.02.23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.11 21:37:16 | 003,133,336 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2013.03.13 21:04:27 | 014,717,144 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2013.01.05 11:13:52 | 000,279,040 | ---- | M] () -- C:\Programme\Spamihilator\sqlite3.dll
MOD - [2013.01.05 11:13:52 | 000,060,416 | ---- | M] () -- C:\Programme\Spamihilator\zlib1.dll
MOD - [2012.12.18 16:28:26 | 000,301,056 | ---- | M] () -- C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2011.08.30 03:08:56 | 011,800,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\40893760431f8f0dcce3e18630e45b23\System.Web.ni.dll
MOD - [2011.08.30 03:08:46 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b7e0214a811f81e09041864081139641\System.Runtime.Remoting.ni.dll
MOD - [2011.08.30 03:08:06 | 012,430,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d00cc387e462e4c3cdcd112b137cac87\System.Windows.Forms.ni.dll
MOD - [2011.08.30 03:07:56 | 001,587,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7ed09623172a292eaee51e2e3bcaf784\System.Drawing.ni.dll
MOD - [2011.08.30 03:07:28 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\10154dcad2d62f226af2fd4211460a4b\System.Xml.ni.dll
MOD - [2011.08.30 03:07:21 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\77df2cd21a5b85a1605b335aa9ad9d44\System.Configuration.ni.dll
MOD - [2011.08.30 03:07:14 | 007,950,848 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\e6c79e1d71b0c9000afd7e5e439b5c54\System.ni.dll
MOD - [2011.07.22 11:45:45 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d9228d58804dfd75fd92a4d12ffac8af\Accessibility.ni.dll
MOD - [2011.07.22 11:44:20 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
MOD - [2009.12.22 14:20:06 | 001,728,512 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3489.18085__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,692,224 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Wizard\2.0.3489.18132__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3489.18159__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.3489.18145__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,290,816 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3489.18067__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,204,800 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3489.18086__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,077,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3489.18140__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3489.18075__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:06 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3489.18122__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3489.18080__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3489.18109__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3489.18075__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,011,776 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
MOD - [2009.12.22 14:20:06 | 000,008,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
MOD - [2009.12.22 14:20:06 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Wizard\2.0.3489.18178__90ba9c70f846762e\CLI.Caste.HydraVision.Wizard.dll
MOD - [2009.12.22 14:20:06 | 000,007,680 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.3489.18174__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
MOD - [2009.12.22 14:20:05 | 000,364,544 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3489.18127__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:05 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3489.18160__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:05 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Dashboard\2.0.3489.18085__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3489.18127__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:05 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3489.18126__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:05 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Runtime\2.0.3489.18085__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:04 | 001,036,288 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Dashboard\2.0.3489.18097__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:04 | 000,811,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3489.18111__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:04 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3489.18135__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2009.12.22 14:20:04 | 000,225,280 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3489.18086__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:04 | 000,126,976 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3489.18120__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:04 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3489.18111__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:04 | 000,069,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Runtime\2.0.3489.18096__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,798,720 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.3489.18141__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,712,704 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3489.18076__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,675,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Dashboard\2.0.3489.18123__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,589,824 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3489.18087__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,450,560 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3489.18106__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,438,272 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3489.18110__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2009.12.22 14:20:03 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3489.18109__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3489.18090__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3489.18110__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,036,864 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3489.18120__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3489.18121__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2009.12.22 14:20:03 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2009.12.22 14:20:03 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3309.28608__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2009.12.22 14:20:03 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3309.28629__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2009.12.22 14:20:03 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3309.28627__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,073,728 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation\2.0.3309.28604__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2009.12.22 14:20:02 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3309.28618__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2009.12.22 14:20:02 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation\2.0.3309.28601__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2009.12.22 14:20:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3309.28603__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2009.12.22 14:20:02 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3309.28669__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2009.12.22 14:20:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3309.28630__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2009.12.22 14:20:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3309.28620__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3309.28611__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Foundation\2.0.3309.28626__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.OS\2.0.3309.28645__90ba9c70f846762e\DEM.OS.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Graphics\2.0.3309.28630__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3309.28617__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3309.28645__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3309.28647__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2009.12.22 14:20:02 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2009.12.22 14:20:01 | 000,503,808 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3489.18186__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2009.12.22 14:20:01 | 000,065,536 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,053,248 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,049,152 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3309.28634__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3309.28644__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3309.28636__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3309.28624__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3309.28632__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3309.28627__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.OverDrive3.Graphics.Shared\2.0.3309.28633__90ba9c70f846762e\CLI.Aspect.OverDrive3.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3309.28635__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.VPURecover.Graphics.Shared\2.0.3309.28631__90ba9c70f846762e\CLI.Aspect.VPURecover.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3309.28630__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2009.12.22 14:20:01 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Foundation\2.0.3309.28626__90ba9c70f846762e\APM.Foundation.dll
MOD - [2009.12.22 14:20:01 | 000,016,384 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3309.28617__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2009.12.22 14:20:00 | 000,544,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3489.18148__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2009.12.22 14:20:00 | 000,405,504 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3489.18080__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2009.12.22 14:20:00 | 000,106,496 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\MOM.Implementation\2.0.3489.18154__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2009.12.22 14:20:00 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3489.18065__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2009.12.22 14:20:00 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3489.18152__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2009.12.22 14:20:00 | 000,057,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3489.18066__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2009.12.22 14:20:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3309.28628__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2009.12.22 14:20:00 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3489.18167__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2009.12.22 14:20:00 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3309.28608__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2009.12.22 14:20:00 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3309.28614__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2009.12.22 14:20:00 | 000,024,576 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3309.28627__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2009.12.22 14:20:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3309.28612__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2009.12.22 14:20:00 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3309.28626__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2009.12.22 14:20:00 | 000,014,848 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2009.12.22 14:20:00 | 000,013,312 | ---- | M] () -- C:\WINDOWS\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2009.12.22 14:20:00 | 000,007,168 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3489.18063__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2009.12.22 14:19:59 | 001,142,784 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3489.18071__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2009.12.22 14:19:59 | 000,081,920 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATIDEMOS\2.0.3489.18065__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2009.12.22 14:19:59 | 000,040,960 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3309.28621__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2009.12.22 14:19:59 | 000,032,768 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.12.22 14:19:59 | 000,028,672 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CCC.Implementation\2.0.3489.18153__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.12.22 14:19:59 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3309.28624__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2009.12.22 14:19:59 | 000,020,480 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3309.28637__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2009.12.22 14:19:58 | 000,061,440 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\APM.Server\2.0.3489.18064__90ba9c70f846762e\APM.Server.dll
MOD - [2009.12.22 14:19:58 | 000,045,056 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\AEM.Server\2.0.3489.18063__90ba9c70f846762e\AEM.Server.dll
MOD - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () -- F:\temp\CDBurnerXP\NMSAccessU.exe
MOD - [2009.08.08 17:29:50 | 000,311,296 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.08.08 17:29:48 | 000,430,080 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.07.22 11:47:18 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2008.08.05 13:53:16 | 002,494,464 | ---- | M] () -- C:\Programme\K-Lite Codec Pack\ffdshow\ffdshow.ax
MOD - [2008.07.09 10:06:32 | 000,675,840 | ---- | M] () -- C:\Programme\K-Lite Codec Pack\Filters\ac3filter.ax
MOD - [2008.04.14 04:22:16 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2005.11.21 16:37:42 | 000,131,072 | ---- | M] () -- C:\Programme\REALTEK RTL8185 Wireless LAN Driver and Utility\EnumDevLib.dll
MOD - [2005.07.20 04:53:04 | 000,966,765 | ---- | M] () -- C:\Programme\REALTEK RTL8185 Wireless LAN Driver and Utility\acAuth.dll
MOD - [2003.04.17 08:54:16 | 000,012,288 | ---- | M] () -- E:\Programme\Winamp\winampa.exe
MOD - [2001.02.09 09:00:36 | 000,079,264 | ---- | M] () -- C:\Programme\Microsoft Office\Office10\BLNMGR.DLL
MOD - [2001.02.09 09:00:36 | 000,062,880 | ---- | M] () -- C:\Programme\Microsoft Office\Office10\BLNMGRPS.DLL
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Programme\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - File not found [Disabled | Stopped] -- C:\Programme\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013.04.11 21:37:16 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2013.03.13 21:04:27 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.06 10:32:29 | 000,170,912 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Programme\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2009.09.06 13:38:06 | 000,071,096 | ---- | M] () [Auto | Running] -- F:\temp\CDBurnerXP\NMSAccessU.exe -- (NMSAccessU)
SRV - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Running] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2001.02.23 10:07:30 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe -- (MDM)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | Boot | Stopped] --  -- (PDDSLHND)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\PDDSLADP.SYS -- (PDDSLADP)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NSDriver.sys -- (Ad-Watch Connect Filter)
DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2013.04.03 23:48:21 | 000,013,560 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\gfibto.sys -- (gfibto)
DRV - [2013.03.07 01:33:22 | 000,021,576 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2009.09.28 21:57:28 | 000,007,168 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\WINDOWS\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2009.08.08 16:57:59 | 000,721,904 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2009.07.21 18:30:48 | 003,565,056 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2008.04.13 20:53:09 | 000,040,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nmnt.sys -- (nm)
DRV - [2008.03.10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2007.11.08 19:03:26 | 000,021,248 | ---- | M] (AVIRA GmbH) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2007.03.16 14:27:14 | 000,101,376 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\ACEDRV07.sys -- (ACEDRV07)
DRV - [2006.09.11 18:06:03 | 000,078,848 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\SSHDRV85.sys -- (SSHDRV85)
DRV - [2006.08.18 13:52:00 | 004,017,536 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\alcxwdm.sys -- (ALCXWDM)
DRV - [2005.05.17 11:45:08 | 000,092,800 | R--- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvata.sys -- (nvata)
DRV - [2005.04.05 21:22:30 | 000,012,928 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
DRV - [2005.04.05 21:22:28 | 000,033,536 | R--- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
DRV - [2005.03.09 15:53:00 | 000,043,008 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
DRV - [2004.05.21 10:59:54 | 000,283,392 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\GPlus.sys -- (TNET1130)
DRV - [2002.10.02 09:57:12 | 000,013,532 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SjyPkt.sys -- (SjyPkt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=1310455296&q={searchTerms}
IE - HKLM\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=64C023D324C2F60CBD244B515CA40206"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..browser.startup.homepage: "hxxp://www.freenet.de/"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: DTToolbar@toolbarnet.com:1.1.7.0190
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..extensions.enabledItems: wrc@avast.com:7.0.1466
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Programme\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Programme\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Programme\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Programme\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.46: C:\Programme\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Programme\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.46: C:\Programme\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Programme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Programme\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Programme\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.12.20 11:38:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Programme\Mozilla Firefox\components [2013.04.11 21:37:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2013.04.11 21:37:02 | 000,000,000 | ---D | M]
 
[2008.09.14 10:25:36 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Extensions
[2013.04.04 01:01:38 | 000,000,000 | ---D | M] (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions
[2013.04.03 23:49:58 | 000,000,000 | ---D | M] (Ad-Aware Security Add-on) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
[2013.04.03 23:50:02 | 000,000,000 | ---D | M] (Lavasoft Search Plugin) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.04.04 01:01:38 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.03 23:54:38 | 000,001,610 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\searchplugins\ChatZumSearch.xml
[2013.04.11 21:37:00 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.20 11:38:24 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 &lt;video&gt;) -- C:\PROGRAMME\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.04.11 21:37:17 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Programme\mozilla firefox\components\browsercomps.dll
[2004.11.13 05:36:20 | 000,005,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\mozilla firefox\plugins\NPAdbESD.dll
[2009.10.23 15:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Programme\mozilla firefox\plugins\npzylomgamesplayer.dll
[2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\bing.xml
[2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Programme\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2013.04.11 16:38:26 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programme\Gemeinsame Dateien\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - No CLSID value found.
O4 - HKLM..\Run: [Adobe ARM] C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Programme\Gemeinsame Dateien\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [DivXMediaServer] C:\Programme\DivX\DivX Media Server\DivXMediaServer.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Programme\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Programme\Gemeinsame Dateien\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [WinampAgent] E:\Programme\Winamp\Winampa.exe ()
O4 - HKCU..\Run: [Badoo Desktop] C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe (Badoo)
O4 - HKCU..\Run: [DMS-Kalenderchen] C:\Programme\Kalenderchen\Kalenderchen.exe (Daniel Manger Software)
O4 - HKCU..\Run: [ICQ] C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\REALTEK RTL8185 Wireless LAN Utility.lnk = C:\Programme\REALTEK RTL8185 Wireless LAN Driver and Utility\RtWLan.exe (Realtek Semiconductor Corp.)
O4 - Startup: C:\Dokumente und Einstellungen\Max Miller\Startmenü\Programme\Autostart\Spamihilator.lnk = C:\Programme\Spamihilator\spamihilator.exe (Michel Krämer)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Google Sidewiki... - res://C:\Programme\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll/cmsidewiki.html File not found
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - C:\Programme\ICQ7M\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3092AA21-DEE7-4BF1-ACB6-2E3D990DDB31}: DhcpNameServer = 192.168.1.1
O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.06.09 16:14:28 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.12 19:03:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\OTL.exe
[2013.04.12 16:32:15 | 002,347,384 | ---- | C] (ESET) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\esetsmartinstaller_enu.exe
[2013.04.12 16:25:12 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.04.12 12:50:10 | 000,000,000 | ---D | C] -- C:\Programme\ESET
[2013.04.12 09:30:55 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
[2013.04.12 09:30:54 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.04.12 09:30:54 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2013.04.12 09:30:04 | 010,285,040 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.11 21:36:59 | 000,000,000 | ---D | C] -- C:\Programme\Mozilla Firefox
[2013.04.10 16:37:08 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.04.10 16:30:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.04.04 16:47:04 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Malwarebytes
[2013.04.04 16:46:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
[2013.04.04 01:14:21 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spybot - Search & Destroy
[2013.04.04 01:13:56 | 000,000,000 | ---D | C] -- C:\Programme\Spybot - Search & Destroy 2
[2013.04.03 23:55:01 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\Pokki
[2013.04.03 23:54:29 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\LavasoftStatistics
[2013.04.03 23:54:28 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ad-Aware Antivirus
[2013.04.03 23:50:54 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Ad-Aware Antivirus
[2013.04.03 23:50:15 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2013.04.03 23:50:11 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\adawarebp
[2013.04.03 23:50:09 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ad-Aware Browsing Protection
[2013.04.03 23:50:04 | 000,000,000 | ---D | C] -- C:\Programme\Toolbar Cleaner
[2013.04.03 23:50:00 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\SecureSearch
[2013.04.03 23:48:22 | 000,044,424 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013.04.03 23:48:22 | 000,013,560 | ---- | C] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013.04.03 23:48:18 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Ad-Aware Antivirus
[2013.04.03 18:50:14 | 000,000,000 | ---D | C] -- C:\Programme\VS Revo Group
[2013.04.03 18:50:14 | 000,000,000 | ---D | C] -- C:\Dokumente und Einstellungen\Max Miller\Startmenü\Programme\Revo Uninstaller
[2013.04.02 03:00:26 | 000,000,000 | RH-D | C] -- C:\Dokumente und Einstellungen\Max Miller\Recent
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.12 19:04:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.04.12 19:03:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\OTL.exe
[2013.04.12 18:41:00 | 000,000,516 | ---- | M] () -- C:\WINDOWS\tasks\HP Photo Creations Communicator.job
[2013.04.12 16:37:27 | 111,691,960 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\avast_free_antivirus_setup_8.0.1483.72.exe
[2013.04.12 16:32:23 | 002,347,384 | ---- | M] (ESET) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\esetsmartinstaller_enu.exe
[2013.04.12 09:30:55 | 000,000,762 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.12 09:30:15 | 010,285,040 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Dokumente und Einstellungen\Max Miller\Desktop\mbam-setup-1.75.0.1300.exe
[2013.04.12 08:49:06 | 000,002,422 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.04.12 08:48:46 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.04.11 16:38:26 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.04.11 12:39:07 | 000,000,276 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2013.04.10 16:37:11 | 000,000,355 | RHS- | M] () -- C:\boot.ini
[2013.04.09 22:41:36 | 000,002,243 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Desktop\Skype.lnk
[2013.04.09 21:04:42 | 000,000,492 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\Verknüpfung mit adwcleaner.lnk
[2013.04.09 01:05:52 | 000,000,020 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\defogger_reenable
[2013.04.07 09:47:50 | 000,435,464 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.04.07 09:47:49 | 000,452,858 | ---- | M] () -- C:\WINDOWS\System32\perfh007.dat
[2013.04.07 09:47:49 | 000,082,530 | ---- | M] () -- C:\WINDOWS\System32\perfc007.dat
[2013.04.07 09:47:49 | 000,069,454 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.04.06 16:34:48 | 000,000,245 | ---- | M] () -- C:\Boot.bak
[2013.04.04 16:30:56 | 000,001,891 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.04.03 23:48:21 | 000,044,424 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\sbbd.exe
[2013.04.03 23:48:21 | 000,013,560 | ---- | M] (GFI Software) -- C:\WINDOWS\System32\drivers\gfibto.sys
[2013.04.03 18:50:14 | 000,000,895 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\Revo Uninstaller.lnk
[2013.04.02 11:44:54 | 000,233,984 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.03.23 10:19:45 | 000,002,999 | ---- | M] () -- C:\WINDOWS\System32\config.nt
[2013.03.18 02:02:19 | 000,150,025 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\misfits-big.jpg
[2013.03.18 01:54:21 | 000,221,612 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\misfits-leadin.jpg
[2013.03.18 00:29:36 | 000,011,539 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\ich2.jpg
[2013.03.18 00:17:55 | 000,030,440 | ---- | M] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\5.html
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.12 16:34:14 | 111,691,960 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\avast_free_antivirus_setup_8.0.1483.72.exe
[2013.04.12 09:30:55 | 000,000,762 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.04.10 16:37:11 | 000,000,245 | ---- | C] () -- C:\Boot.bak
[2013.04.10 16:37:09 | 000,262,448 | RHS- | C] () -- C:\cmldr
[2013.04.09 21:04:47 | 000,000,492 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\Verknüpfung mit adwcleaner.lnk
[2013.04.09 01:05:47 | 000,000,020 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\defogger_reenable
[2013.04.04 16:29:32 | 000,001,891 | ---- | C] () -- C:\WINDOWS\imsins.BAK
[2013.04.03 18:50:14 | 000,000,895 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Desktop\Revo Uninstaller.lnk
[2013.03.18 02:02:19 | 000,150,025 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\misfits-big.jpg
[2013.03.18 01:54:20 | 000,221,612 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\misfits-leadin.jpg
[2013.03.18 00:29:36 | 000,011,539 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\ich2.jpg
[2013.03.18 00:17:55 | 000,030,440 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Eigene Dateien\5.html
[2012.12.23 18:41:49 | 000,002,828 | -HS- | C] () -- C:\WINDOWS\System32\KGyGaAvL.sys
[2012.10.18 08:51:39 | 001,929,576 | ---- | C] () -- C:\WINDOWS\System32\HPScanTRDrv_DJ3070_B611.dll
[2012.10.18 08:50:13 | 000,000,057 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ament.ini
[2011.05.12 13:43:17 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2010.05.09 03:53:19 | 018,499,623 | ---- | C] () -- C:\Programme\vlc-1.0.5-win32.exe
[2009.10.24 19:26:43 | 000,000,016 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\WarcraftIIIAutoRefresh_Config.dat
[2008.11.08 16:19:29 | 000,002,191 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\.recently-used.xbel
[2008.07.03 01:47:01 | 007,118,848 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\sandra.mda
[2007.11.05 20:41:52 | 000,015,428 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\RefEdit.exd
[2007.05.24 22:46:34 | 000,003,155 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\MILLER.KSR
[2007.04.17 18:44:20 | 000,006,289 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\autosave.ksr
[2006.07.06 12:39:24 | 000,000,011 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\ho.dir
[2006.06.21 01:09:10 | 000,233,984 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2006.06.10 22:51:27 | 000,000,305 | ---- | C] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\addr_file.html
[2006.06.09 16:30:58 | 000,000,143 | ---- | C] () -- C:\Dokumente und Einstellungen\Max Miller\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
 
========== ZeroAccess Check ==========
 
[2006.06.09 16:28:11 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2009.04.29 06:33:23 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2013.04.03 23:59:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ad-Aware Antivirus
[2013.04.03 23:50:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ad-Aware Browsing Protection
[2013.04.10 22:46:16 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AVAST Software
[2013.01.29 19:33:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Badoo
[2009.10.11 18:28:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Canneverbe Limited
[2010.10.16 14:19:56 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Lite
[2009.08.08 17:00:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DAEMON Tools Pro
[2013.04.03 23:50:15 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2012.11.04 01:54:19 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Solidshield
[2012.11.15 09:35:43 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Spamihilator
[2013.04.09 20:57:11 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2006.06.10 14:07:30 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\UDL
[2012.11.20 12:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Visan
[2012.10.27 02:39:53 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Zylom
[2009.09.17 10:34:56 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{55A29068-F2CE-456C-9148-C869879E2357}
[2009.12.22 13:43:02 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC}
[2013.04.04 02:53:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Ad-Aware Antivirus
[2007.09.06 18:22:48 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Ascaron Entertainment
[2009.10.11 18:28:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Canneverbe_Limited
[2009.04.26 20:43:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Command & Conquer 3 Tiberium Wars
[2009.08.08 17:03:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\DAEMON Tools
[2012.11.28 04:43:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\DAEMON Tools Lite
[2009.08.08 16:57:55 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\DAEMON Tools Pro
[2013.01.08 03:28:46 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\DDMSettings
[2011.05.12 19:00:22 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\DeepBurner
[2006.06.10 17:14:50 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\EPSON
[2008.11.08 16:20:02 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\gtk-2.0
[2013.04.12 08:49:29 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\ICQ
[2012.10.15 02:27:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\ICQ Search
[2012.10.15 16:08:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Kalenderchen
[2007.02.07 13:16:37 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Leadertech
[2007.12.24 17:51:36 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\My Games
[2013.04.03 23:50:00 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\SecureSearch
[2013.04.12 08:49:33 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Spamihilator
[2006.11.01 11:40:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\TuneUp Software
[2012.11.04 01:29:09 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Ubisoft
[2013.01.31 18:20:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Unity
[2012.11.20 12:07:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Visan
 
========== Purity Check ==========
 
 

< End of report >
         
__________________


Alt 12.04.2013, 20:21   #18
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Fix mit OTL
Warnung: Dieses Skript wurde nur für diesen User und diese spezielle Situation geschrieben. Auf anderen Computern ausgeführt kann es nachhaltige Schäden anrichten!
Hinweis: Wenn du deinen Benutzernamen unkenntlich gemacht hast, musst du wieder deinen richtigen Namen einsetzen, ansonsten wird das Skript nicht funktionieren.
  • Starte bitte die OTL.exe.
  • Kopiere nun den Inhalt aus der Codebox in die Textbox.
Code:
ATTFilter
:OTL
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.04.04 01:01:38 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab (Reg Error: Key error.)

:files

:reg

:commands
[Emptytemp]
         
  • Schliesse bitte nun alle Programme.
  • Klicke nun bitte auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
  • Nach dem Neustart findest Du ein Textdokument auf deinem Desktop. ( Auch zu finden unter C:\_OTL\MovedFiles\<time_date>.txt)
  • Kopiere nun den Inhalt hier in deinen Thread, möglichst in Code-Tags.

Hinweis: Die Ausführung des Kommandos kann einige Minuten dauern und OTL scheint in dieser Zeit nicht zu reagieren. Bitte geduldig sein!
__________________
__________________

Alt 13.04.2013, 07:59   #19
paula1504
 
CouponDropDown - Standard

CouponDropDown



guten morgen ...nachdem ich den OTL fix über nacht laufen lassen habe und sich heute früh nix getan hatte...also weder hat sich ne log datei aufgetan noch wurde der pc neu hochgefahren habe ich nach knapp 7 stunden laufzeit alles mit einem kaltstart beendet da ich auch nicht mehr auf programme zugreifen konnte

Alt 13.04.2013, 10:59   #20
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Dann reduzieren wir das mal ein wenig:

Code:
ATTFilter
:OTL
FF - prefs.js..extensions.enabledItems: ffxtlbr@Facemoods.com:1.2.1
[2012.12.13 22:29:00 | 000,199,445 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi
[2013.04.04 01:01:38 | 000,817,280 | ---- | M] () (No name found) -- C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - E:\PROGRAMM\PartyPoker\PartyPoker\RunApp.exe File not found
         

__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 13.04.2013, 15:03   #21
paula1504
 
CouponDropDown - Standard

CouponDropDown



diesesmal ging es ganz fix...

Code:
ATTFilter
========== OTL ==========
Prefs.js: ffxtlbr@Facemoods.com:1.2.1 removed from extensions.enabledItems
C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\movie2kdownloader@movie2kdownloader.com.xpi moved successfully.
C:\Dokumente und Einstellungen\Max Miller\Anwendungsdaten\Mozilla\Firefox\Profiles\g3xkmkvj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B7FE5D70-9AA2-40F1-9C6B-12A255F085E1}\ not found.
 
OTL by OldTimer - Version 3.2.69.0 log created on 04132013_160153
         

Alt 14.04.2013, 19:26   #22
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Schön und verrätst du mir auch ob das was geholfen hat`?
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 14.04.2013, 22:05   #23
paula1504
 
CouponDropDown - Standard

CouponDropDown



klar...hat super geklappt...hoffe das es auch so bleibt...dieser virus is ja richtig hartnäckig...ich sage vielen vielen dank
eine kleine spende is auch schon unterwegs zu euch...also nochmal vielen dank für die mühe

lg paula

Alt 15.04.2013, 11:02   #24
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Alles klar. Dann noch einen Durchlauf mit Delfix und du bist fertig
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Alt 16.04.2013, 13:11   #25
ryder
/// TB-Ausbilder
 
CouponDropDown - Standard

CouponDropDown



Schön, dass wir helfen konnten

Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen

Falls du noch Lob oder Kritik loswerden möchtest, dann gibt es diesen Bereich hier: http://www.trojaner-board.de/lob-kritik-wuensche/
__________________
Digitale Freibeuter gegen Malware!
Keine Hilfe per PM!

Antwort

Themen zu CouponDropDown
ahnung, anzeige, anzeigen, befindet, coupondropdown, gmer, hoffe, keine ahnung, kleine, kleinen, konnte, logfiles, malwarebytes, nervige, neuling, poste, posten, problem, zutun




Ähnliche Themen: CouponDropDown


  1. Ad by CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 23.03.2015 (8)
  2. coupondropdown
    Plagegeister aller Art und deren Bekämpfung - 23.10.2013 (5)
  3. Win 7: CouponDropDown entfernen
    Log-Analyse und Auswertung - 24.08.2013 (10)
  4. CouponDropDown Virus
    Plagegeister aller Art und deren Bekämpfung - 12.08.2013 (83)
  5. Coupondropdown in shockwave flash
    Plagegeister aller Art und deren Bekämpfung - 26.07.2013 (2)
  6. CouponDropDown entfernen?
    Log-Analyse und Auswertung - 18.07.2013 (12)
  7. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 18.07.2013 (21)
  8. Virus Coupondropdown auf dem PC
    Plagegeister aller Art und deren Bekämpfung - 15.07.2013 (33)
  9. CouponDropDown
    Log-Analyse und Auswertung - 14.07.2013 (21)
  10. CouponDropDown - Virus?
    Plagegeister aller Art und deren Bekämpfung - 03.07.2013 (13)
  11. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 12.05.2013 (15)
  12. CouponDropDown entfernen
    Log-Analyse und Auswertung - 26.04.2013 (9)
  13. Coupondropdown
    Plagegeister aller Art und deren Bekämpfung - 21.03.2013 (58)
  14. CouponDropDown - brauche Unterstützung
    Log-Analyse und Auswertung - 12.03.2013 (37)
  15. CouponDropDown entfernen
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (17)
  16. Mein PC ist mit CouponDropDown infiziert
    Plagegeister aller Art und deren Bekämpfung - 29.01.2013 (12)
  17. Coupondropdown und akamaihd.net
    Plagegeister aller Art und deren Bekämpfung - 13.12.2012 (3)

Zum Thema CouponDropDown - Na dann müssen wir weiter nachsehen: Kontrollscan mit OTL Starte bitte OTL.exe - falls noch nicht vorhanden: LINK Stelle sicher, dass "Alle Benuzter Scannen" angehakt ist! Drücke den Quick Scan - CouponDropDown...
Archiv
Du betrachtest: CouponDropDown auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.