Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Meine Browser öffenen keine Websites mehr und Downloads werden nicht zuende geführt (https://www.trojaner-board.de/104006-browser-oeffenen-keine-websites-mehr-downloads-zuende-gefuehrt.html)

ShaunBrought 09.10.2011 19:46
Meine Browser öffenen keine Websites mehr und Downloads werden nicht zuende geführt
 
Hallo Freunde der digitalen Problemlösungen,

ich habe seit einer Woche einen HP Laptop Pavilion dv7 mit folgendem Inhalt:

- Win7 Home Premium 64 bit (6.1 Build 7601)
- BIOS InsydeH2O Version 03.60.48F.1A
- Intel Core i7-2630QM CPU @ 2.00 GHz (8 CPUs), ~2.0GHz
- 8192 MB RAM
- Directx 11

Installierte Programme sind Norton Internet Security 2011 und Zone Alarm, sowie der Opera Browser.

Seit den ersten Stunden kann ich allerdings fast keine Internetseite direkt laden, ich muss zig mal aktualisieren bis die Seite erscheint. Andernfalls erscheint nur weiß bzw. typische Hieroglyphen a la Matrix. Auch Downloads brechen spätestens bei 99% ab, egal ob Flash Player, Zone Alarm Aktualisierung oder was auch immer. Das Problem besteht auch, wenn ich mich an einem anderen Router einwähle.

Nun, im Anschluß dann diese OTL-Datei, die bei mir übrigens ohne weitere ausgegeben wurde.

Vielen Dank für eure Bemühungen,
einen guten Wochenstart,

Shaun Brought


OTL logfile created on: 09.10.2011 20:16:48 - Run 2
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Master Sebi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

7,95 Gb Total Physical Memory | 6,08 Gb Available Physical Memory | 76,47% Memory free
15,90 Gb Paging File | 13,76 Gb Available in Paging File | 86,55% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 683,15 Gb Total Space | 619,45 Gb Free Space | 90,67% Space Free | Partition Type: NTFS
Drive D: | 15,19 Gb Total Space | 1,65 Gb Free Space | 10,90% Space Free | Partition Type: NTFS
Drive E: | 4,18 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 963,70 Mb Total Space | 502,31 Mb Free Space | 52,12% Space Free | Partition Type: FAT

Computer Name: SEBISSUPERLÄPPI | User Name: Master Sebi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011.10.09 18:35:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Master Sebi\Desktop\OTL.exe
PRC - [2011.10.07 21:46:25 | 000,419,624 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2011.10.07 14:02:23 | 001,242,448 | ---- | M] (Valve Corporation) -- C:\spiele\Steam\steam.exe
PRC - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe
PRC - [2011.03.08 12:21:10 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2011.02.28 15:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.02.17 22:48:24 | 000,265,544 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2011.02.17 22:48:12 | 000,642,888 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2011.02.17 22:47:58 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2011.02.15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
PRC - [2011.01.27 12:38:04 | 000,318,520 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011.01.25 22:56:34 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2011.01.13 04:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.01.13 04:00:38 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.12.22 22:25:02 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.22 22:24:58 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.09 15:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe
PRC - [2010.06.28 12:59:52 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 12:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.02.03 00:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe


========== Modules (No Company Name) ==========

MOD - [2011.10.07 21:46:25 | 014,410,024 | ---- | M] () -- C:\spiele\Steam\bin\libcef.dll
MOD - [2011.10.07 21:46:25 | 000,914,216 | ---- | M] () -- C:\spiele\Steam\bin\avcodec-52.dll
MOD - [2011.10.07 21:46:25 | 000,190,248 | ---- | M] () -- C:\spiele\Steam\bin\chromehtml.dll
MOD - [2011.10.07 21:46:25 | 000,155,432 | ---- | M] () -- C:\spiele\Steam\bin\avformat-52.dll
MOD - [2011.10.07 21:46:25 | 000,091,432 | ---- | M] () -- C:\spiele\Steam\bin\avutil-50.dll
MOD - [2011.10.06 00:53:32 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c50469ff6d839d05170666f623e7ceb8\IAStorUtil.ni.dll
MOD - [2011.10.06 00:53:32 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\5f372e58dfe4ae5e62245625b925700f\IAStorCommon.ni.dll
MOD - [2011.10.06 00:16:14 | 011,819,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\33b601c8e2cf4993e68d763389246197\System.Web.ni.dll
MOD - [2011.10.06 00:16:09 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e3e3b399b69c569ab1ed3b0ace2c8c20\System.Runtime.Remoting.ni.dll
MOD - [2011.10.06 00:15:44 | 012,433,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0d43c5e77ee7b8466700b16d7e7d4bb7\System.Windows.Forms.ni.dll
MOD - [2011.10.06 00:15:39 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\9e87dd8fe5d0f925d80a6a6eaf74fdb9\System.Drawing.ni.dll
MOD - [2011.10.06 00:15:26 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\6124dbbfd45927c4a6226d6e6bca6253\WindowsBase.ni.dll
MOD - [2011.10.06 00:15:22 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\16d2854bf69d59d94e64a918365705f1\System.Xml.ni.dll
MOD - [2011.10.06 00:15:19 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\36d0ed3f2a65b9d67933ed46dfcd2ccb\System.Configuration.ni.dll
MOD - [2011.10.06 00:15:17 | 007,963,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\3da7c6c1a0f26ae91883fd8b03ec192d\System.ni.dll
MOD - [2011.10.06 00:15:07 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\16b68fcaff063835ae0ee348a1201f2a\mscorlib.ni.dll
MOD - [2011.06.21 21:40:14 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2011.05.13 18:58:10 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2011.03.15 19:58:38 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.02.16 22:47:28 | 000,682,040 | ---- | M] (Hewlett-Packard) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Auto\HPAuto.exe -- (HPAuto)
SRV:64bit: - [2010.10.11 02:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010.09.22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.15 17:50:10 | 000,823,288 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2011.10.07 21:46:25 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.17 02:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Unknown | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\ccSvcHst.exe -- (NIS)
SRV - [2011.03.11 12:23:16 | 000,297,984 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2011.03.01 21:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.28 15:08:30 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2011.02.25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2011.02.17 22:48:24 | 000,265,544 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2011.02.15 15:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2011.01.25 13:56:32 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2011.01.13 04:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.12.22 22:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2010.12.22 22:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2010.11.09 15:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.10.12 19:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010.06.28 13:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\SysWOW64\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011.09.29 18:52:24 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011.08.29 09:17:12 | 003,065,408 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.07.08 17:45:12 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symnets.sys -- (SymNetS)
DRV:64bit: - [2011.05.13 18:58:16 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.13 18:57:58 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.03.31 05:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011.03.31 05:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\srtspx64.sys -- (SRTSPX) Symantec Real Time Storage Protection (PEL)
DRV:64bit: - [2011.03.15 20:28:58 | 009,259,520 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.15 19:24:40 | 000,301,056 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.15 04:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011.03.11 12:23:16 | 000,521,728 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.17 03:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.27 18:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2011.01.27 08:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\symds64.sys -- (SymDS)
DRV:64bit: - [2011.01.27 07:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\ironx64.sys -- (SymIRON)
DRV:64bit: - [2011.01.13 03:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.01.13 02:10:44 | 000,333,928 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.17 04:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.10 23:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.12.10 23:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.10.20 02:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)
DRV:64bit: - [2010.10.15 11:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010.07.28 09:13:50 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010.05.15 16:30:52 | 000,458,840 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2011.09.29 23:35:09 | 001,152,632 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20110929.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2011.09.29 18:52:02 | 002,048,632 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111008.008\EX64.SYS -- (NAVEX15)
DRV - [2011.09.29 18:52:02 | 000,481,912 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2011.09.29 18:52:02 | 000,136,824 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2011.09.29 18:52:02 | 000,117,880 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20111008.008\ENG64.SYS -- (NAVENG)
DRV - [2011.09.28 14:19:28 | 000,488,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20111007.030\IDSviA64.sys -- (IDSVia64)
DRV - [2010.06.15 17:49:48 | 000,033,528 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2011.10.09 18:20:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn\ [2011.10.09 17:27:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_1_3 [2011.10.09 20:13:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2011.10.04 21:27:46 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Symantec NCO BHO) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.6.0.29\coIEPlg.dll (Symantec Corporation)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe (Hewlett-Packard Development Company L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files (x86)\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [Steam] C:\spiele\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.50.140.248 195.50.140.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{11B83500-BC88-49AA-B9CC-EC3AD16BCEA6}: DhcpNameServer = 195.50.140.248 195.50.140.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6D1D754F-27EC-4E03-A33B-0639D3126973}: DhcpNameServer = 195.50.140.248 195.50.140.180
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.05.09 00:07:46 | 000,000,070 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{a6e65b07-eaa6-11e0-8229-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{a6e65b07-eaa6-11e0-8229-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Setup.exe -- [2011.05.09 00:07:46 | 000,355,168 | R--- | M] (Valve Corporation)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP



CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011.10.09 20:14:11 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Master Sebi\Desktop\OTL.exe
[2011.10.09 18:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.09 18:21:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.09 18:20:56 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.10.09 18:20:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.08 02:36:55 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\Documents\Duke Nukem Forever
[2011.10.08 01:46:59 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2011.10.07 22:31:19 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\2K Games
[2011.10.07 22:30:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2011.10.07 14:02:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2011.10.07 14:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2011.10.06 01:30:34 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Tific
[2011.10.06 01:30:33 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Symantec
[2011.10.06 00:15:28 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Solid State Networks
[2011.10.05 02:01:23 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\HP
[2011.10.05 02:01:20 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\AuthenTec
[2011.10.04 21:39:07 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Opera
[2011.10.04 21:39:07 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Opera
[2011.10.04 21:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera
[2011.10.04 21:27:50 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\Documents\ForceField Shared Files
[2011.10.04 21:27:50 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\CheckPoint
[2011.10.04 21:25:29 | 000,000,000 | ---D | C] -- C:\Program Files\CheckPoint
[2011.10.04 21:25:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZoneAlarm
[2011.10.04 21:25:14 | 000,046,592 | ---- | C] (Zone Labs Inc.) -- C:\Windows\SysWow64\vsutil_loc0407.dll
[2011.10.04 21:25:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\ZoneLabs
[2011.10.04 21:23:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zone Labs
[2011.10.04 21:23:27 | 000,000,000 | ---D | C] -- C:\ProgramData\CheckPoint
[2011.10.04 21:23:26 | 000,000,000 | ---D | C] -- C:\Windows\Internet Logs
[2011.10.04 21:22:34 | 000,000,000 | ---D | C] -- C:\progz
[2011.10.04 15:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2011.10.04 15:36:23 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Hewlett-Packard_Developme
[2011.10.04 15:21:41 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Diagnostics
[2011.09.30 02:35:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011.09.29 20:31:56 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\Desktop\Blur mit anderen GamePad´s möglich - ComputerBase Forum-Dateien
[2011.09.29 19:55:13 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\bizarre creations
[2011.09.29 19:47:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blur(TM)
[2011.09.29 19:33:16 | 000,000,000 | ---D | C] -- C:\Windows\USB Vibration
[2011.09.29 19:33:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\USB Vibration
[2011.09.29 19:29:43 | 000,000,000 | ---D | C] -- C:\spiele
[2011.09.29 19:21:51 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\Documents\CyberLink
[2011.09.29 19:21:50 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\CyberLink
[2011.09.29 19:11:13 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Macromedia
[2011.09.29 18:42:12 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\Documents\Symantec
[2011.09.29 18:41:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.09.29 18:34:48 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Adobe
[2011.09.29 18:34:18 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\ATI
[2011.09.29 18:34:18 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\ATI
[2011.09.29 18:33:19 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Intel Corporation
[2011.09.29 18:33:16 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Synaptics
[2011.09.29 18:33:05 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.09.29 18:33:05 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Searches
[2011.09.29 18:33:05 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.09.29 18:32:58 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Identities
[2011.09.29 18:32:55 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Contacts
[2011.09.29 18:32:30 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\hpqlog
[2011.09.29 18:32:27 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\RemEngine
[2011.09.29 18:31:58 | 000,000,000 | ---D | C] -- C:\windowsprogramme
[2011.09.29 18:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011.09.29 18:31:57 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Skype
[2011.09.29 18:31:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011.09.29 18:26:33 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\VirtualStore
[2011.09.29 18:24:54 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Hewlett-Packard
[2011.09.29 18:24:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music and Media
[2011.09.29 18:24:48 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Hewlett-Packard
[2011.09.29 18:24:46 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Hewlett-Packard_Company
[2011.09.29 18:22:43 | 000,000,000 | --SD | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Videos
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Saved Games
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Pictures
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Music
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Links
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Favorites
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Downloads
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Documents
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\Desktop
[2011.09.29 18:22:43 | 000,000,000 | R--D | C] -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Vorlagen
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\AppData\Local\Verlauf
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\AppData\Local\Temporary Internet Files
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Startmenü
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\SendTo
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Recent
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Netzwerkumgebung
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Lokale Einstellungen
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Documents\Eigene Videos
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Documents\Eigene Musik
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Eigene Dateien
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Documents\Eigene Bilder
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Druckumgebung
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Cookies
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\AppData\Local\Anwendungsdaten
[2011.09.29 18:22:43 | 000,000,000 | -HSD | C] -- C:\Users\Master Sebi\Anwendungsdaten
[2011.09.29 18:22:43 | 000,000,000 | -H-D | C] -- C:\Users\Master Sebi\AppData
[2011.09.29 18:22:43 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Temp
[2011.09.29 18:22:43 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Local\Microsoft
[2011.09.29 18:22:43 | 000,000,000 | ---D | C] -- C:\Users\Master Sebi\AppData\Roaming\Media Center Programs
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Programme
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2011.09.29 18:22:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011.10.09 20:20:20 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.09 20:20:20 | 000,031,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.09 20:12:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.09 20:12:47 | 2106,478,591 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.09 20:11:15 | 000,000,000 | ---- | M] () -- C:\Users\Master Sebi\defogger_reenable
[2011.10.09 19:13:42 | 000,050,477 | ---- | M] () -- C:\Users\Master Sebi\Desktop\Defogger.exe
[2011.10.09 18:35:38 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Master Sebi\Desktop\OTL.exe
[2011.10.09 18:21:01 | 000,001,105 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.09 18:00:32 | 001,680,142 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1206000.01D\Cat.DB
[2011.10.09 17:27:06 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForMaster Sebi.job
[2011.10.08 01:46:59 | 000,000,208 | ---- | M] () -- C:\Users\Master Sebi\Desktop\Duke Nukem Forever.url
[2011.10.07 21:50:01 | 000,000,703 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.10.07 13:35:15 | 000,276,216 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.06 00:25:27 | 001,472,002 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.06 00:25:27 | 000,643,866 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.06 00:25:27 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.06 00:25:27 | 000,126,394 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.06 00:25:27 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.06 00:23:42 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.10.04 21:39:02 | 000,001,829 | ---- | M] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.10.04 21:28:01 | 000,420,800 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.10.04 21:25:15 | 000,005,977 | ---- | M] () -- C:\Windows\SysWow64\vsconfig.xml
[2011.09.29 20:31:57 | 000,154,373 | ---- | M] () -- C:\Users\Master Sebi\Desktop\Blur mit anderen GamePad´s möglich - ComputerBase Forum.htm
[2011.09.29 19:47:21 | 000,001,708 | ---- | M] () -- C:\Users\Public\Desktop\Blur(TM).lnk
[2011.09.29 19:18:31 | 000,002,590 | ---- | M] () -- C:\Users\Public\Desktop\WildTangent Games App - hp.lnk
[2011.09.29 18:56:00 | 000,002,489 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011.09.29 18:52:24 | 000,174,200 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2011.09.29 18:52:24 | 000,007,488 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2011.09.29 18:52:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2011.09.29 18:31:58 | 000,002,511 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.09.29 16:30:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.09.29 16:30:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011.10.09 20:11:15 | 000,000,000 | ---- | C] () -- C:\Users\Master Sebi\defogger_reenable
[2011.10.09 20:10:23 | 000,050,477 | ---- | C] () -- C:\Users\Master Sebi\Desktop\Defogger.exe
[2011.10.09 18:21:01 | 000,001,105 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.08 01:46:59 | 000,000,208 | ---- | C] () -- C:\Users\Master Sebi\Desktop\Duke Nukem Forever.url
[2011.10.07 20:33:54 | 000,000,356 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForMaster Sebi.job
[2011.10.07 14:02:07 | 000,000,703 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2011.10.06 00:23:42 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2011.10.04 22:33:05 | 143,322,624 | ---- | C] () -- C:\Users\Master Sebi\Desktop\Heiko P.mp3
[2011.10.04 21:39:02 | 000,001,841 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
[2011.10.04 21:39:01 | 000,001,829 | ---- | C] () -- C:\Users\Public\Desktop\Opera.lnk
[2011.10.04 21:25:14 | 000,005,977 | ---- | C] () -- C:\Windows\SysWow64\vsconfig.xml
[2011.10.04 21:25:01 | 000,420,800 | ---- | C] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2011.09.29 20:31:55 | 000,154,373 | ---- | C] () -- C:\Users\Master Sebi\Desktop\Blur mit anderen GamePad´s möglich - ComputerBase Forum.htm
[2011.09.29 19:47:21 | 000,001,708 | ---- | C] () -- C:\Users\Public\Desktop\Blur(TM).lnk
[2011.09.29 18:42:07 | 000,002,489 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2011.09.29 18:33:12 | 000,001,405 | ---- | C] () -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.29 18:33:06 | 000,001,439 | ---- | C] () -- C:\Users\Master Sebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.29 18:24:48 | 000,002,233 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MusicStation.lnk
[2011.08.29 09:21:38 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.29 09:12:45 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2011.08.29 09:11:33 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.08.29 09:11:31 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.08.29 09:11:30 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.08.29 09:11:28 | 000,003,155 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.29 09:07:01 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.06.21 12:14:44 | 000,000,068 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2011.02.22 16:40:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010.12.17 04:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== LOP Check ==========

[2011.09.29 19:55:13 | 000,000,000 | ---D | M] -- C:\Users\Master Sebi\AppData\Roaming\bizarre creations
[2011.10.04 21:27:50 | 000,000,000 | ---D | M] -- C:\Users\Master Sebi\AppData\Roaming\CheckPoint
[2011.10.04 21:39:07 | 000,000,000 | ---D | M] -- C:\Users\Master Sebi\AppData\Roaming\Opera
[2011.09.29 18:33:16 | 000,000,000 | ---D | M] -- C:\Users\Master Sebi\AppData\Roaming\Synaptics
[2011.10.06 01:30:34 | 000,000,000 | ---D | M] -- C:\Users\Master Sebi\AppData\Roaming\Tific
[2009.07.14 07:08:49 | 000,008,434 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========


< %SYSTEMDRIVE%\*. >
[2011.09.29 18:32:55 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.06.21 22:27:44 | 000,000,000 | -HSD | M] -- C:\boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.09.29 18:22:32 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.08.29 09:32:14 | 000,000,000 | -H-D | M] -- C:\HP
[2011.08.29 09:10:19 | 000,000,000 | ---D | M] -- C:\Intel
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.10.04 21:25:29 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.10.09 18:20:56 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.10.09 18:21:01 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.09.29 18:22:32 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.09 17:47:44 | 000,000,000 | ---D | M] -- C:\progz
[2011.09.29 18:23:34 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.10.07 14:02:05 | 000,000,000 | ---D | M] -- C:\spiele
[2011.09.29 18:23:32 | 000,000,000 | ---D | M] -- C:\SWSetup
[2011.10.09 20:18:43 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.29 18:23:40 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV
[2011.10.09 17:55:47 | 000,000,000 | R--D | M] -- C:\Users
[2011.10.09 18:05:20 | 000,000,000 | ---D | M] -- C:\Windows
[2011.09.29 18:31:58 | 000,000,000 | ---D | M] -- C:\windowsprogramme

< %PROGRAMFILES%\*.exe >

< %LOCALAPPDATA%\*.exe >

< %systemroot%\*. /mp /s >

< %systemroot%\system32\*.manifest /3 >


< MD5 for: EXPLORER.EXE >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

< MD5 for: USERINIT.EXE >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

< MD5 for: WINLOGON.EXE >
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >

< End of report >

Larusso 09.10.2011 19:49
:hallo:

Deinstalliere mal Zone Alarm und berichte

felix1 09.10.2011 20:10
Hallo Larusso: Das stimmt erst erst mal:applaus:
@ShaunBrought
Ist ja mal eine gut ausgestatte Kiste. Herzliche Glückwunsch:Boogie:
Jedoch irritiert mich die Aufteilung der Festplatte/Festplatten. Was sollen fast ein Terra Fat-Dateisystem:rolleyes:
Wie groß ist die Festplatte denn überhaupt?

Shadow 09.10.2011 23:16
Zitat:
Zitat von felix1 (Beitrag 707903)
Jedoch irritiert mich die Aufteilung der Festplatte/Festplatten. Was sollen fast ein Terra Fat-Dateisystem
Mich irritiert da ganz was anderes :rolleyes:
"963,70 Mb Total Space | 502,31 Mb Free Space | 52,12% Space Free | Partition Type: FAT"

Mal ganz abgesehen von
terra = Erde
tera = Billion, 1000 Giga

683,15 GB NTFS
+ 15,19 GB NTFS
+ 963,70 MB FAT
~ 750 GB HDD - wo ist da dein Problem?

Larusso 09.10.2011 23:21
Könnte drive F nicht eventuell ein USB Stick sein

Shadow 09.10.2011 23:28
F: kann auch irgendwas von einer HP-speziellen Partition sein, ist aber ziemlich egal, es mag auch ein alter USB-Stick sein.
Mir ging es jetzt nur um die Anmerkung von felix1
Weder ist ein Tera-FAT-System vorhanden, noch eine augenscheinlich ungewöhnliche Festplattengröße.

cad 09.10.2011 23:50
OT

Zitat:
Zitat von Shadow (Beitrag 707930)
F: kann auch irgendwas von einer HP-speziellen Partition sein
Größe und Dateisystem passen zu der HP-Wiederherstellungspartition und wieder raushüpf :)

Shadow 09.10.2011 23:58
Meine ich auch aus der Erinnerung, wollte mich jetzt aber nicht festlegen, in vino veritas gilt nicht immer. :pfeiff:

ShaunBrought 10.10.2011 15:16
Ja, wunderbar! Zone Alarm ist deinstalliert und alles läuft wie am Schnürchen. Tausend Dank dafür! Dann aber die Frage nach der Sicherheit. Ich habe jetzt außer dem Norton keine sonstigen Programme, fühle mich etwas nackt im harten Web-Dschungel und es riecht so sehr nach Bundes-Trojaner ;) Ist die Angst begründet bzw. könnt ihr mir sonstige Sicherheitstools empfehlen?
Aber wie gesagt, vielen Dank für die schnelle Hilfe und ich löse das Rätsel: Ja, da war noch ein USB-Stick mit dran :P

Larusso 10.10.2011 15:35
Hier mal ein Post, den ich jedem schicke, der von mir aus dem Malwarebereich entlassen wurde.

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

ShaunBrought 10.10.2011 17:33
Wunderbar! Und dann klappts auch mit dem Nachbarn, ja? ;) Ich bedanke mich recht herzlich. Echt super, dass es euch gibt!!


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131