
Log analysis and evaluation: My log files

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

 
07.05.2011, 16:01   #1
GigantCj

My log files

I hope I've found the right forum and understood correctly what this is about. Here are my files:

OTL logfile:
Code:
OTL logfile created on: 07.05.2011 16:43:06 - Run 1
OTL by OldTimer - Version 3.2.22.3 Folder = C:\Users\****\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 70,00% Memory free
16,00 Gb Paging File | 13,00 Gb Available in Paging File | 84,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,76 Gb Total Space | 279,80 Gb Free Space | 60,07% Space Free | Partition Type: NTFS
 
Computer Name: DAVID_G-PC | User Name: **** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.05.07 16:33:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\OTL.exe
PRC - [2011.05.01 20:53:11 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2011.04.28 09:42:41 | 000,403,240 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.11.17 16:45:52 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\steam.exe
PRC - [2010.11.17 15:18:08 | 000,476,464 | ---- | M] (Stardock Corporation) -- C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe
PRC - [2010.08.03 09:44:28 | 000,858,696 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\ColorOnly\LCDYT.exe
PRC - [2010.08.03 09:44:16 | 000,498,248 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\ColorOnly\LCDWebCam.exe
PRC - [2010.08.03 09:43:32 | 000,850,504 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\ColorOnly\LCDMovieViewer.exe
PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.07.03 13:13:26 | 000,075,064 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2010.05.14 11:44:46 | 000,501,480 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
PRC - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe
PRC - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE
PRC - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2009.08.04 17:29:52 | 000,346,320 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.06.24 12:10:00 | 000,525,640 | R--- | M] (WinZip Computing, S.L.) -- C:\Program Files (x86)\WinZip\WZQKPICK.EXE
PRC - [2009.06.04 01:55:16 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2009.06.04 01:49:56 | 001,213,440 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2007.09.19 11:17:26 | 001,969,824 | ---- | M] () -- C:\Windows\SysWOW64\WTMKM.exe
PRC - [2007.09.17 17:48:48 | 000,364,192 | ---- | M] () -- C:\Windows\SysWOW64\atwtusb.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.05.07 16:33:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.01.27 00:55:36 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.01.26 19:01:28 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.17 06:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2011.05.04 19:55:35 | 003,274,328 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_3f211bc.dll -- (Akamai)
SRV - [2011.04.28 09:42:41 | 000,403,240 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.02.28 19:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 11:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.07.03 13:13:26 | 000,075,064 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010.04.24 01:10:34 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2010.04.24 01:10:28 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2010.03.21 00:17:41 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2010.03.20 23:59:15 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.26 02:21:50 | 000,126,392 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\ccSvcHst.exe -- (N360)
SRV - [2009.08.24 14:38:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Gigabyte\EasySaver\ESSVR.EXE -- (ES lite Service)
SRV - [2009.08.04 17:29:54 | 000,219,360 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.08.03 23:02:10 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.06 18:53:50 | 001,220,608 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.22 14:42:30 | 000,303,616 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.02.22 14:42:26 | 000,035,328 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.01.27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.01.27 01:37:20 | 009,085,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.01.27 00:13:32 | 000,299,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:03:42 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.17 14:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.09.13 12:33:18 | 000,020,552 | ---- | M] (Devguru Co., Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dgderdrv.sys -- (dgderdrv)
DRV:64bit: - [2010.09.13 12:28:48 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.08.23 22:17:08 | 000,173,104 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2010.07.20 12:38:24 | 000,159,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2010.07.20 12:38:24 | 000,125,416 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2010.07.20 12:38:24 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2010.06.22 00:07:36 | 000,131,688 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2010.05.06 11:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.05.06 06:01:59 | 000,451,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symtdiv.sys -- (SYMTDIv)
DRV:64bit: - [2010.05.06 06:01:44 | 000,053,808 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)
DRV:64bit: - [2010.04.29 07:03:51 | 000,150,064 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010.04.24 01:10:32 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2010.04.24 01:10:28 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2010.04.24 01:10:28 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2010.04.24 01:10:20 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2010.04.22 05:02:20 | 000,221,232 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symefa64.sys -- (SymEFA)
DRV:64bit: - [2010.04.22 04:29:51 | 000,505,392 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2010.04.22 04:29:51 | 000,032,304 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2010.04.07 12:14:50 | 000,446,304 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr6164.sys -- (rt61x64)
DRV:64bit: - [2010.02.26 02:22:52 | 000,615,040 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\cchpx64.sys -- (ccHP)
DRV:64bit: - [2010.02.18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010.02.04 03:40:47 | 000,433,200 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\N360x64\0403000.005\symds64.sys -- (SymDS)
DRV:64bit: - [2010.01.08 01:12:00 | 000,031,832 | ---- | M] (KORG INC.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KORGUM64.SYS -- (KORGUMDS)
DRV:64bit: - [2009.11.23 17:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 17:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.11.20 19:16:00 | 000,056,424 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)
DRV:64bit: - [2009.09.02 11:09:34 | 000,221,696 | ---- | M] (Realtek ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2009.08.14 17:09:42 | 000,120,960 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.30 13:58:42 | 000,236,544 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009.07.17 20:52:00 | 000,201,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.06 08:22:56 | 000,014,336 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\otmfilter.sys -- (otmfilter.sys)
DRV:64bit: - [2009.07.01 12:54:54 | 000,030,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGPBTDD.sys -- (LGPBTDD)
DRV:64bit: - [2009.06.19 13:59:08 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
DRV:64bit: - [2009.06.19 13:59:06 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 03:49:58 | 001,561,112 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2009.06.04 03:49:42 | 000,118,296 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2009.06.04 03:49:34 | 000,213,016 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2009.06.04 03:49:26 | 000,015,896 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2009.06.04 03:49:18 | 000,179,224 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2009.06.04 03:49:08 | 000,684,312 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2009.06.04 03:49:00 | 000,580,632 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2009.06.04 03:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2009.06.04 03:48:50 | 001,417,240 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2009.06.04 03:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2009.06.04 03:48:38 | 000,094,744 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2009.06.04 03:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2009.06.04 03:48:30 | 000,202,776 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009.06.02 10:55:20 | 001,207,808 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.05.18 23:17:08 | 000,034,152 | R--- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.14 03:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.04.30 07:06:58 | 000,339,360 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvmf6264.sys -- (NVNET)
DRV:64bit: - [2009.02.03 17:46:14 | 000,077,952 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV:64bit: - [2009.02.03 17:40:13 | 000,077,432 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV:64bit: - [2009.02.03 17:37:50 | 000,075,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01.sys -- (sfdrv01) StarForce Protection Environment Driver (version 1.x)
DRV:64bit: - [2008.06.24 07:21:18 | 000,027,136 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\elanusb.sys -- (ELANUSB)
DRV:64bit: - [2007.02.08 19:47:24 | 000,107,384 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfvfs02.sys -- (sfvfs02) StarForce Protection VFS Driver (version 2.x)
DRV:64bit: - [2006.06.14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2011.05.07 16:36:48 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2011.04.15 22:29:04 | 001,127,032 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20110430.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.03.31 19:32:07 | 001,828,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110506.037\EX64.SYS -- (NAVEX15)
DRV - [2011.03.31 19:32:07 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20110506.037\ENG64.SYS -- (NAVENG)
DRV - [2011.03.14 20:58:28 | 000,476,792 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20110506.001\IDSviA64.sys -- (IDSVia64)
DRV - [2010.09.13 12:28:48 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2010.08.23 01:00:00 | 000,475,696 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2010.08.23 01:00:00 | 000,132,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009.12.25 02:00:27 | 000,086,584 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWow64\drivers\adfs.sys -- (adfs)
DRV - [2004.04.08 12:06:08 | 000,070,400 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prohlp02.sys -- (prohlp02)
DRV - [2004.04.08 10:46:50 | 000,054,272 | ---- | M] (Protection Technology) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\prodrv06.sys -- (prodrv06)
DRV - [2003.12.01 17:20:52 | 000,004,832 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfhlp01.sys -- (sfhlp01)
DRV - [2003.09.06 14:22:08 | 000,006,944 | ---- | M] (Protection Technology) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\prosync1.sys -- (prosync1)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {89f4495b-b1f0-4ee7-995d-980dceed80a8} - C:\Program Files (x86)\Softonic_Deutsch_Movavi\tbSof0.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2346991
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6F 89 35 F1 FC 23 CA 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {89f4495b-b1f0-4ee7-995d-980dceed80a8} - C:\Program Files (x86)\Softonic_Deutsch_Movavi\tbSof0.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaultthis.engineName: "Softonic Deutsch Movavi Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2346991&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Yahoo"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: anycolor.pavlos256@gmail.com:0.3.3
FF - prefs.js..extensions.enabledItems: yyginstantplay@yoyogames.com:1.1.0.24
FF - prefs.js..extensions.enabledItems: {89f4495b-b1f0-4ee7-995d-980dceed80a8}:3.3.3.2
FF - prefs.js..extensions.enabledItems: {fbc8441e-a153-45b0-8e93-87521a5812a1}:2.1
FF - prefs.js..extensions.enabledItems: netviewero2o@netviewero2o:1.0
FF - prefs.js..extensions.enabledItems: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:2.0
FF - prefs.js..extensions.enabledItems: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:4.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.51
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.3.3.2
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.11.3.15590
 
FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\ProgramData\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c} [2009.10.30 18:49:29 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\netviewero2o@netviewero2o: C:\Program Files (x86)\Netviewer\Support\Plugin\FF plugin\NVFFSupport [2010.05.16 18:34:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPlgn\ [2010.08.25 11:01:43 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\coFFPlgn\ [2010.08.23 22:17:45 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.11.14 21:42:08 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.05.01 20:53:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.01 20:53:13 | 000,000,000 | ---D | M]
 
[2009.10.30 18:54:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Extensions
[2011.05.07 13:43:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions
[2010.06.27 15:08:42 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.04.18 21:30:06 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011.03.26 21:06:29 | 000,000,000 | ---D | M] (Softonic Deutsch Movavi Community Toolbar) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\{89f4495b-b1f0-4ee7-995d-980dceed80a8}
[2010.02.07 21:27:33 | 000,000,000 | ---D | M] (VMN Toolbar) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\{fbc8441e-a153-45b0-8e93-87521a5812a1}
[2010.08.20 22:28:43 | 000,000,000 | ---D | M] (AnyColor) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\anycolor.pavlos256@gmail.com
[2011.03.26 21:06:29 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\engine@conduit.com
[2011.04.27 14:54:59 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\toolbar@ask.com
[2011.01.31 17:56:16 | 000,000,000 | ---D | M] ("YoYo Games InstantPlay") -- C:\Users\David Goetzinger\AppData\Roaming\mozilla\Firefox\Profiles\lljwif2n.default\extensions\yyginstantplay@yoyogames.com
[2009.07.16 11:24:10 | 000,000,908 | ---- | M] () -- C:\Users\David Goetzinger\AppData\Roaming\Mozilla\Firefox\Profiles\lljwif2n.default\searchplugins\conduit.xml
[2011.02.05 10:01:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.01 12:09:38 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.28 11:26:15 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.01 11:45:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.02.05 10:01:31 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2010.11.14 21:42:08 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES (X86)\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2010.05.16 18:34:55 | 000,000,000 | ---D | M] (Netviewer Support) -- C:\PROGRAM FILES (X86)\NETVIEWER\SUPPORT\PLUGIN\FF PLUGIN\NVFFSUPPORT
[2010.08.23 22:17:45 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\COFFPLGN
[2010.08.25 11:01:43 | 000,000,000 | ---D | M] (Norton IPS) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\IPSFFPLGN
[2010.11.12 19:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.05.01 20:53:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.01 20:53:12 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.01 20:53:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.01 20:53:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.01 20:53:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.6209.1142\swg64.dll (Google Inc.)
O2 - BHO: (Netviewer Support) - {4BE8B65B-EE14-40C1-B6BB-31E494FE6EBA} - C:\PROGRA~2\NETVIE~1\Support\Plugin\IEPLUG~1\NVIEPL~1.DLL (Netviewer AG)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Softonic Deutsch Movavi Toolbar) - {89f4495b-b1f0-4ee7-995d-980dceed80a8} - C:\Program Files (x86)\Softonic_Deutsch_Movavi\tbSof0.dll (Conduit Ltd.)
O2 - BHO: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~2\VMNTOO~1\VMNTOO~1.DLL (Visicom Media Inc. )
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.6209.1142\swg.dll (Google Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Softonic Deutsch Movavi Toolbar) - {89f4495b-b1f0-4ee7-995d-980dceed80a8} - C:\Program Files (x86)\Softonic_Deutsch_Movavi\tbSof0.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (VMN Toolbar Astro Gemini) - {A057A204-BACC-4D26-8287-79A187E26987} - C:\PROGRA~2\VMNTOO~1\VMNTOO~1.DLL (Visicom Media Inc. )
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (&Netviewer Support) - {E1F9EDE7-EF90-4A65-A5A4-D2FFEEA5D469} - C:\PROGRA~2\NETVIE~1\Support\Plugin\IEPLUG~1\NVIEPL~1.DLL (Netviewer AG)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\4.3.0.5\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Softonic Deutsch Movavi Toolbar) - {89F4495B-B1F0-4EE7-995D-980DCEED80A8} - C:\Program Files (x86)\Softonic_Deutsch_Movavi\tbSof0.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [atwtusb] C:\Windows\SysWow64\atwtusb.exe ()
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [Google Quick Search Box] C:\Program Files (x86)\Google\Quick Search Box\GoogleQuickSearchBox.exe (Google Inc.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [MacrokeyManager] C:\Windows\SysWow64\WTMKM.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [ISUSPM Startup] File not found
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - Startup: C:\Users\David Goetzinger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Impulse Now.lnk = C:\Program Files (x86)\Stardock\Impulse\Now\ImpulseNow.exe (Stardock Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_D183CA64F05FDD98.dll (Google Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex64-2.2.5.0.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {C49134CC-B5EF-458C-A442-E8DFE7B4645F} hxxp://www.yoyogames.com/plugins/activex/YoYo.cab (YYGInstantPlay Control)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15112/CTPID.cab (Creative Software AutoUpdate Support Package)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FB} - Deskscapes - C:\Program Files (x86)\Stardock\Object Desktop\DeskScapes3\deskscapes.dll (Stardock Corporation)
O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FD} - Stardock Vista ControlPanel Extension - File not found
O22:64bit: - SharedTaskScheduler: {EC654325-1273-C2A9-2B7C-45D29BCE68FF} - StardockDreamController - File not found
O22 - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysWOW64\DreamScene.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{55916025-ebff-11de-8474-c1f1c51c2192}\Shell - "" = AutoRun
O33 - MountPoints2\{55916025-ebff-11de-8474-c1f1c51c2192}\Shell\AutoRun\command - "" = E:\USBAutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.05.07 16:33:37 | 000,791,393 | ---- | C] (Lars Hederer ) -- C:\Users\David Goetzinger\Desktop\Erunt-setup.exe
[2011.05.07 16:33:37 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\OTL.exe
[2011.05.07 16:33:37 | 000,446,464 | ---- | C] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\TFC.exe
[2011.05.05 20:29:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
[2011.05.04 19:56:28 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Local\{43514CFA-39A0-430F-AD54-9FF9F4EE4105}
[2011.05.04 19:56:27 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Local\{DF21B171-CC8B-405A-8C35-6833AFE7E09C}
[2011.04.23 15:34:45 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Roaming\Carambis
[2011.04.23 15:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011.04.23 15:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carambis
[2011.04.21 12:52:00 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2011.04.21 12:50:38 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.04.21 12:50:12 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[2011.04.21 12:48:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
[2011.04.21 12:47:25 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live
[2011.04.21 12:14:39 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Local\Windows Live
[2011.04.21 12:14:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
[2011.04.21 12:10:55 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2011.04.21 12:10:46 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2011.04.18 18:14:26 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Local\PokerStars.NET
[2011.04.18 18:14:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2011.04.15 14:01:07 | 000,000,000 | ---D | C] -- C:\62b32b2fafdb0245191a8d
[2011.04.09 10:12:58 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Roaming\RIFT
[2011.04.09 10:12:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RIFT
[2011.04.09 10:12:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RIFT Game
[2011.04.08 10:46:50 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\D-Robo-G Christmas V1.0
[2011.04.08 10:46:49 | 000,000,000 | ---D | C] -- C:\Windows\D-Robo-G Christmas V1.0 Uninstaller
[2011.04.08 10:40:35 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\Documents\Screensaver_projects
[2011.04.08 10:40:11 | 003,114,775 | ---- | C] (Jan Kolarik & Ondrej Vaverka) -- C:\Windows\D-Robo-G Christmas V1.0.scr
[2011.04.08 10:39:08 | 000,000,000 | ---D | C] -- C:\Users\David Goetzinger\Desktop\D-Robo-G_Screensavers
[2011.04.08 10:25:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstantStorm
[2009.06.04 01:57:38 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2009.06.04 01:32:54 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.05.07 16:45:01 | 000,012,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.05.07 16:45:01 | 000,012,704 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.05.07 16:37:43 | 000,000,426 | ---- | M] () -- C:\Windows\tasks\FileCure Startup.job
[2011.05.07 16:36:46 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.05.07 16:36:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.05.07 16:36:07 | 2146,295,807 | -HS- | M] () -- C:\hiberfil.sys
[2011.05.07 16:35:10 | 000,062,764 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011.05.07 16:35:10 | 000,062,764 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011.05.07 16:35:10 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000006-00001102-00000005-00311102}.rfx
[2011.05.07 16:33:51 | 000,791,393 | ---- | M] (Lars Hederer ) -- C:\Users\David Goetzinger\Desktop\Erunt-setup.exe
[2011.05.07 16:33:40 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\OTL.exe
[2011.05.07 16:33:40 | 000,446,464 | ---- | M] (OldTimer Tools) -- C:\Users\David Goetzinger\Desktop\TFC.exe
[2011.05.07 16:01:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.05.04 20:10:16 | 040,855,131 | ---- | M] () -- C:\Users\David Goetzinger\Mein Aquarium.wmv
[2011.05.04 20:00:15 | 001,614,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.05.04 20:00:15 | 000,697,230 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.05.04 20:00:15 | 000,652,548 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.05.04 20:00:15 | 000,148,268 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.05.04 20:00:15 | 000,121,222 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.05.03 14:59:43 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\FileCure.job
[2011.04.28 18:53:26 | 078,427,295 | ---- | M] () -- C:\Users\David Goetzinger\Desktop\theme_of_never_ending_love.mp4
[2011.04.28 10:07:40 | 000,026,980 | ---- | M] () -- C:\Users\David Goetzinger\AppData\Roaming\phpdesigner.xml
[2011.04.23 15:34:45 | 000,005,115 | ---- | M] () -- C:\ProgramData\mtbjfghn.xbe
[2011.04.21 13:23:13 | 004,864,776 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.04.21 12:56:13 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.04.21 12:56:11 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.04.21 12:49:24 | 000,000,020 | ---- | M] () -- C:\Windows\`ù,
[2011.04.09 18:55:28 | 000,179,261 | ---- | M] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.09 10:15:08 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\RIFT spielen.lnk
[2011.04.08 10:44:38 | 003,114,775 | ---- | M] (Jan Kolarik & Ondrej Vaverka) -- C:\Windows\D-Robo-G Christmas V1.0.scr
 
========== Files Created - No Company Name ==========
 
[2011.05.04 20:09:54 | 040,855,131 | ---- | C] () -- C:\Users\David Goetzinger\Mein Aquarium.wmv
[2011.04.28 19:39:51 | 078,427,295 | ---- | C] () -- C:\Users\David Goetzinger\Desktop\theme_of_never_ending_love.mp4
[2011.04.23 15:34:45 | 000,005,115 | ---- | C] () -- C:\ProgramData\mtbjfghn.xbe
[2011.04.21 13:27:00 | 000,001,439 | ---- | C] () -- C:\Users\David Goetzinger\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.04.21 12:56:13 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.04.21 12:56:11 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.04.21 12:49:51 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.04.21 12:49:32 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.04.21 12:49:23 | 000,000,020 | ---- | C] () -- C:\Windows\`ù,
[2011.04.21 12:48:49 | 000,001,458 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011.04.21 12:11:47 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2011.04.21 12:11:34 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2011.04.21 12:10:36 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2011.04.21 12:10:33 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2011.04.21 12:10:33 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2011.04.21 12:10:19 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2011.04.21 12:10:19 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.09 10:15:08 | 000,001,931 | ---- | C] () -- C:\Users\Public\Desktop\RIFT spielen.lnk
[2011.04.08 10:25:41 | 000,001,107 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InstantStorm.lnk
[2011.03.30 21:34:43 | 000,228,949 | ---- | C] () -- C:\Users\David Goetzinger\AppData\Local\debuggee.mdmp
[2010.12.21 04:27:20 | 000,003,113 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.11.14 18:34:24 | 000,216,943 | ---- | C] () -- C:\Windows\hpwins22.dat.temp
[2010.11.14 18:34:24 | 000,002,940 | ---- | C] () -- C:\Windows\hpwmdl22.dat.temp
[2010.10.08 22:41:41 | 001,576,620 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.07.26 21:46:25 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2010.07.03 13:13:28 | 000,215,128 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.07.03 13:13:26 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.07.03 13:13:26 | 000,075,064 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2010.05.29 15:34:33 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2010.03.20 23:56:23 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2010.03.09 19:13:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.07 22:34:56 | 000,000,632 | ---- | C] () -- C:\Windows\Edofma.INI
[2010.01.02 01:05:26 | 000,004,896 | ---- | C] () -- C:\ProgramData\kbkwknay.ayh
[2009.12.24 23:52:18 | 000,023,719 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009.12.24 00:13:23 | 000,007,594 | ---- | C] () -- C:\Users\David Goetzinger\AppData\Local\Resmon.ResmonCfg
[2009.12.19 21:09:18 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2009.12.19 21:09:18 | 000,002,412 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2009.12.18 21:16:49 | 000,221,291 | ---- | C] () -- C:\Windows\Imei_dll.dll
[2009.12.18 21:16:49 | 000,040,960 | ---- | C] () -- C:\Windows\Sublock.dll
[2009.12.06 17:51:56 | 000,364,192 | ---- | C] () -- C:\Windows\SysWow64\atwtusb.exe
[2009.12.06 17:51:53 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\InstallService.exe
[2009.12.06 17:51:51 | 001,969,824 | ---- | C] () -- C:\Windows\SysWow64\WTMKM.exe
[2009.12.06 17:51:49 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\ATWTINK.DLL
[2009.12.06 17:51:49 | 000,102,048 | ---- | C] () -- C:\Windows\RmTablet.exe
[2009.12.06 17:51:46 | 000,013,291 | R--- | C] () -- C:\Windows\SysWow64\PhotoImpact XL SE.ini
[2009.12.06 17:51:46 | 000,009,074 | R--- | C] () -- C:\Windows\SysWow64\Vista.ini
[2009.12.06 17:51:46 | 000,008,742 | R--- | C] () -- C:\Windows\SysWow64\XP_2000.ini
[2009.12.06 17:51:46 | 000,006,432 | ---- | C] () -- C:\Windows\aiptbl.ini
[2009.12.06 17:51:46 | 000,000,583 | R--- | C] () -- C:\Windows\SysWow64\MKProfile.ini
[2009.12.05 23:15:00 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.05 23:14:59 | 000,014,392 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.05 23:06:14 | 000,026,155 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2009.12.05 23:05:17 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.05 23:05:07 | 000,021,050 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2009.11.09 21:57:57 | 000,000,009 | ---- | C] () -- C:\Windows\ULEAD32.INI
[2009.11.03 13:15:37 | 000,026,980 | ---- | C] () -- C:\Users\David Goetzinger\AppData\Roaming\phpdesigner.xml
[2009.10.30 18:39:27 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.10.30 18:36:29 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.10.30 18:36:29 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.10.06 09:16:00 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2009.10.02 20:12:20 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.09.24 20:36:49 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.08.27 09:04:12 | 000,207,400 | R--- | C] () -- C:\Windows\GSetup.exe
[2009.08.21 16:17:07 | 001,667,072 | ---- | C] () -- C:\Windows\SysWow64\libmysql.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.04 02:37:08 | 000,021,093 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2009.06.04 01:55:20 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2009.06.04 01:40:44 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2009.06.04 01:40:44 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2009.06.04 01:33:04 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2009.05.27 10:49:00 | 000,000,285 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2009.04.02 14:30:14 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
 
========== LOP Check ==========
 
[2010.02.07 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Astro Gemini Software
[2011.04.02 10:41:24 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Blender Foundation
[2011.04.23 15:34:45 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Carambis
[2010.11.21 15:23:13 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Dev-Cpp
[2010.06.26 16:39:57 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\DisplayTune
[2011.04.22 18:51:32 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\FileZilla
[2009.11.22 14:02:28 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\FOG Downloader
[2010.12.24 22:43:27 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\IcoFX
[2010.10.19 19:43:07 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\KORG
[2009.12.18 21:22:40 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\LG Electronics
[2010.07.26 21:50:30 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\MAGIX
[2009.12.27 21:27:32 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\NCH Swift Sound
[2010.05.16 18:34:56 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Netviewer
[2010.07.12 18:18:41 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\phpDesigner
[2011.04.09 11:42:12 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\RIFT
[2011.04.09 10:36:26 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Samsung
[2011.05.05 20:28:30 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\SoftGrid Client
[2010.02.07 13:51:59 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Stardock
[2010.10.19 21:06:40 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Synthesia
[2010.01.22 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\TeamViewer
[2011.03.27 21:19:32 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\TERMINAL Studio
[2011.02.26 18:54:16 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\The Creative Assembly
[2010.10.09 20:06:08 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\TP
[2010.09.04 22:34:55 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\TS3Client
[2010.12.04 14:30:29 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\Unity
[2010.02.07 21:27:28 | 000,000,000 | ---D | M] -- C:\Users\David Goetzinger\AppData\Roaming\vmntoolbar
[2010.01.29 21:29:05 | 000,000,000 | -H-D | M] -- C:\Users\David Goetzinger\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.05.07 16:37:43 | 000,000,426 | ---- | M] () -- C:\Windows\Tasks\FileCure Startup.job
[2011.05.03 14:59:43 | 000,000,410 | ---- | M] () -- C:\Windows\Tasks\FileCure.job
[2010.10.10 11:05:33 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         