Adrian_Malko | 27.09.2011 17:23 | Music starts playing in the background when opening Firefox
It all started with my old laptop. Suddenly music was playing in the background even though I had no player open, was not on YouTube, and no other videos were being streamed. On top of that, Google displayed the search results correctly, but when I clicked on them I landed on advertising websites.
For 2 days now I have had a new laptop. I should probably mention up front that I save almost exclusively to an external hard drive. In any case, this music plays in the background again as soon as I open Firefox. The Google problem apparently no longer occurs.
I don't understand what could be causing it, because when installing Firefox I got the software fresh from chip.de, and I have scanned my external hard drive several times with an antivirus program (Trend Micro Titanium Internet Security), but without any findings.
Here is my OTL logfile. Code:
OTL logfile created on: 27.09.2011 16:44:22 - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,98 Gb Total Physical Memory | 6,41 Gb Available Physical Memory | 80,37% Memory free
15,96 Gb Paging File | 14,23 Gb Available in Paging File | 89,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200,28 Gb Total Space | 161,16 Gb Free Space | 80,47% Space Free | Partition Type: NTFS
Drive D: | 240,48 Gb Total Space | 240,39 Gb Free Space | 99,96% Space Free | Partition Type: NTFS
Drive G: | 931,51 Gb Total Space | 752,98 Gb Free Space | 80,83% Space Free | Partition Type: NTFS
Computer Name: CEREBRO | User Name: Andreas Malleschitz | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.09.27 16:17:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.23 21:14:22 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.07.18 15:27:40 | 001,170,432 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011.06.10 19:49:10 | 002,255,360 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.05.20 20:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.02.25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.11.15 19:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.07.10 07:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
========== Modules (No Company Name) ==========
MOD - [2011.07.18 15:27:40 | 000,203,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011.06.10 19:49:10 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2011.02.19 06:23:39 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.19 06:23:39 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2011.02.19 06:23:24 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2011.02.18 22:13:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2011.02.18 22:13:26 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2011.02.18 22:13:16 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2011.02.18 22:13:09 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2011.02.18 22:12:53 | 012,432,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\3afcd5168c7a6cb02eab99d7fd71e102\System.Windows.Forms.ni.dll
MOD - [2011.02.18 22:12:37 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2011.02.18 22:12:28 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2011.02.18 22:12:25 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2011.02.18 22:12:24 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2011.02.18 22:12:18 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2009.11.02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011.06.08 07:09:26 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2011.06.08 03:54:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2011.02.16 20:20:04 | 000,256,336 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe -- (Amsp)
SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.23 03:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.04.13 04:33:32 | 000,332,272 | ---- | M] (Google Inc.) [On_Demand | Stopped] -- C:\ProgramData\Partner\Partner.exe -- (Partner Service)
SRV - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.03.13 19:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.03.02 06:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 19:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.06.08 04:42:26 | 009,360,896 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.06.08 03:16:14 | 000,309,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.30 20:46:46 | 000,114,704 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.07 20:22:46 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.04 17:16:20 | 000,436,840 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.01.18 11:16:46 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.12.31 12:30:10 | 000,138,024 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.11.29 10:50:38 | 000,044,672 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.11.20 15:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 15:32:48 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010.11.20 15:32:48 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 13:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 13:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.04 12:52:54 | 000,038,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2010.11.04 12:52:52 | 000,075,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2010.09.23 09:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.17 10:52:28 | 000,144,464 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmcomm.sys -- (tmcomm)
DRV:64bit: - [2010.09.17 10:52:28 | 000,105,552 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2010.09.17 10:52:28 | 000,090,704 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmactmon.sys -- (tmactmon)
DRV:64bit: - [2010.09.17 10:52:28 | 000,067,664 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmevtmgr.sys -- (tmevtmgr)
DRV:64bit: - [2010.02.18 18:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.12.02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009.12.02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009.12.02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009.12.02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:34:18 | 000,057,344 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.05.26 04:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..extensions.enabledItems: {22C7F6C6-8D67-4534-92B5-529A0EC09405}:6.5.0.1234
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{22C7F6C6-8D67-4534-92B5-529A0EC09405}: C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\firefoxextension\ [2011.09.26 20:02:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.27 15:30:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.22\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.27 15:29:41 | 000,000,000 | ---D | M]
[2011.09.27 15:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2011.09.27 15:30:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\n6j6swjr.default\extensions
[2011.09.27 15:29:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2011.09.26 20:02:19 | 000,000,000 | ---D | M] (Trend Micro NSC Firefox Extension) -- C:\PROGRAM FILES\TREND MICRO\AMSP\MODULE\20004\1.5.1464\6.6.1081\FIREFOXEXTENSION
[2011.09.03 01:49:07 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.03 01:49:07 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.03 01:49:07 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.03 01:49:07 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.03 01:49:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O2:64bit: - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)
O2:64bit: - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O2 - BHO: (TmIEPlugInBHO Class) - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O2 - BHO: (Partner BHO Class) - {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} - C:\ProgramData\Partner\Partner.dll (Google Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (TmBpIeBHO Class) - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [Trend Micro Client Framework] C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe (Trend Micro Inc.)
O4:64bit: - HKLM..\Run: [Trend Micro Titanium] C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6ECB58AB-916C-4CEF-BDFD-C7996FE650BB}: NameServer = 217.0.43.33 217.0.43.17
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe64.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg.dll (Trend Micro Inc.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmbp {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.6.1010\6.6.1010\TmBpIe32.dll (Trend Micro Inc.)
O18 - Protocol\Handler\tmpx {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1464\6.6.1081\TmIEPlg32.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.08.11 05:12:17 | 000,000,000 | RH-D | M] - G:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002.10.16 19:56:50 | 000,000,036 | RH-- | M] () - G:\autorun.inf -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47B3BDBB-F2AE-4B55-95C8-921C25DB3B76} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5A604D2C-E968-429B-8327-62B5CE52126D} - .NET Framework
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9793EDE2-499E-4A14-8220-523691D8F91B} - .NET Framework
ActiveX: {C6BAF60B-6E91-453F-BFF9-D3789CFEFCDD} - .NET Framework
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CE4BC71D-A88B-4943-BB3D-AF9C0E7D4387} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {FE600E50-2C69-46D5-ACAA-2B617006245C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpReg: ASUS Screen Saver Protector - hkey= - key= - C:\Windows\AsScrPro.exe (ASUS)
MsConfig:64bit - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2011.09.27 16:41:31 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2011.09.27 16:17:01 | 000,582,656 | ---- | C] (OldTimer Tools) -- C:\Users\Andreas Malleschitz\Desktop\OTL.exe
[2011.09.27 15:30:32 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mozilla
[2011.09.27 15:30:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox
[2011.09.27 15:29:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011.09.26 20:02:19 | 000,000,000 | ---D | C] -- C:\temp
[2011.09.26 19:28:40 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.09.26 19:27:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.09.26 19:27:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.09.26 19:27:50 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.09.26 19:27:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.09.26 18:19:32 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.26 18:07:11 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\SoftGrid Client
[2011.09.26 18:07:07 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011.09.26 18:06:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
[2011.09.26 18:04:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.09.26 18:04:15 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2011.09.26 18:04:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Application Virtualization Client
[2011.09.26 18:03:37 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TP
[2011.09.26 17:13:25 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Mozilla
[2011.09.26 16:28:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Diagnostics
[2011.09.25 20:08:42 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Google
[2011.09.25 20:02:08 | 000,000,000 | -HSD | C] -- C:\aws
[2011.09.25 20:02:08 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\ASUS WebStorage
[2011.09.25 20:02:01 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Macromedia
[2011.09.25 20:01:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Adobe
[2011.09.24 13:39:47 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft Games
[2011.09.24 13:38:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\iWin
[2011.09.24 13:34:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\ASUS WebStorage
[2011.09.24 13:34:08 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\FLEXnet
[2011.09.24 13:34:06 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Nuance
[2011.09.24 13:33:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Zeon
[2011.09.24 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\BMExplorer
[2011.09.24 13:26:34 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Bluetooth Folder
[2011.09.24 13:26:19 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
[2011.09.24 13:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.09.24 13:25:07 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.09.24 13:25:06 | 000,000,000 | R--D | C] -- C:\Users\***\Searches
[2011.09.24 13:24:56 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Identities
[2011.09.24 13:24:53 | 000,000,000 | R--D | C] -- C:\Users\***\Contacts
[2011.09.24 13:24:29 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\AsusTools
[2011.09.24 13:24:29 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2011.09.24 13:24:28 | 000,000,000 | -H-D | C] -- C:\ASUS.DAT
[2011.09.24 13:24:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Power2Go
[2011.09.24 13:24:02 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\VirtualStore
[2011.09.24 13:23:45 | 000,000,000 | --SD | C] -- C:\Users\***\AppData\Roaming\Microsoft
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Videos
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Saved Games
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Pictures
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Music
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Links
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Favorites
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Downloads
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Documents
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\Desktop
[2011.09.24 13:23:45 | 000,000,000 | R--D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Vorlagen
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Verlauf
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Temporary Internet Files
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Startmenü
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\SendTo
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Recent
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Netzwerkumgebung
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Lokale Einstellungen
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Videos
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Musik
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Eigene Dateien
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Documents\Eigene Bilder
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Druckumgebung
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Cookies
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\AppData\Local\Anwendungsdaten
[2011.09.24 13:23:45 | 000,000,000 | -HSD | C] -- C:\Users\***\Anwendungsdaten
[2011.09.24 13:23:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Temp
[2011.09.24 13:23:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Microsoft
[2011.09.24 13:23:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.09.24 13:23:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2011.09.24 13:23:45 | 000,000,000 | ---D | C] -- C:\Users\***\AppData
========== Files - Modified Within 30 Days ==========
[2011.09.27 16:48:34 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 16:48:34 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.09.27 16:48:18 | 008,511,174 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.09.27 16:48:18 | 000,696,810 | ---- | M] () -- C:\Windows\SysNative\perfh00C.dat
[2011.09.27 16:48:18 | 000,695,856 | ---- | M] () -- C:\Windows\SysNative\perfh00A.dat
[2011.09.27 16:48:18 | 000,693,212 | ---- | M] () -- C:\Windows\SysNative\perfh013.dat
[2011.09.27 16:48:18 | 000,691,866 | ---- | M] () -- C:\Windows\SysNative\perfh010.dat
[2011.09.27 16:48:18 | 000,681,940 | ---- | M] () -- C:\Windows\SysNative\prfh0816.dat
[2011.09.27 16:48:18 | 000,678,588 | ---- | M] () -- C:\Windows\SysNative\perfh019.dat
[2011.09.27 16:48:18 | 000,655,722 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.09.27 16:48:18 | 000,619,046 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.09.27 16:48:18 | 000,553,008 | ---- | M] () -- C:\Windows\SysNative\perfh008.dat
[2011.09.27 16:48:18 | 000,438,874 | ---- | M] () -- C:\Windows\SysNative\perfh001.dat
[2011.09.27 16:48:18 | 000,390,604 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2011.09.27 16:48:18 | 000,358,530 | ---- | M] () -- C:\Windows\SysNative\perfh00D.dat
[2011.09.27 16:48:18 | 000,137,642 | ---- | M] () -- C:\Windows\SysNative\perfc00A.dat
[2011.09.27 16:48:18 | 000,134,524 | ---- | M] () -- C:\Windows\SysNative\prfc0816.dat
[2011.09.27 16:48:18 | 000,133,546 | ---- | M] () -- C:\Windows\SysNative\perfc013.dat
[2011.09.27 16:48:18 | 000,132,830 | ---- | M] () -- C:\Windows\SysNative\perfc019.dat
[2011.09.27 16:48:18 | 000,131,008 | ---- | M] () -- C:\Windows\SysNative\perfc00C.dat
[2011.09.27 16:48:18 | 000,130,332 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.09.27 16:48:18 | 000,127,944 | ---- | M] () -- C:\Windows\SysNative\perfc010.dat
[2011.09.27 16:48:18 | 000,107,506 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2011.09.27 16:48:18 | 000,107,506 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.09.27 16:48:18 | 000,089,858 | ---- | M] () -- C:\Windows\SysNative\perfc008.dat
[2011.09.27 16:48:18 | 000,080,102 | ---- | M] () -- C:\Windows\SysNative\perfc001.dat
[2011.09.27 16:48:18 | 000,070,212 | ---- | M] () -- C:\Windows\SysNative\perfc00D.dat
[2011.09.27 16:41:11 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.09.27 16:41:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.09.27 16:40:42 | 2131,529,727 | -HS- | M] () -- C:\hiberfil.sys
[2011.09.27 16:38:19 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2011.09.27 16:31:34 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part10.rar
[2011.09.27 16:19:30 | 001,110,476 | ---- | M] () -- C:\Users\***\Desktop\7z920.exe
[2011.09.27 16:17:45 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2011.09.27 16:16:44 | 000,050,477 | ---- | M] () -- C:\Users\A***\Desktop\Defogger.exe
[2011.09.27 16:06:07 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.09.27 16:00:12 | 000,001,966 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011.09.27 15:57:40 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part09.rar
[2011.09.27 15:30:51 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011.09.27 15:30:11 | 000,001,941 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.27 15:08:07 | 000,001,249 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011.09.26 22:27:50 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part08.rar
[2011.09.26 21:51:44 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part07.rar
[2011.09.26 21:25:58 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part06.rar
[2011.09.26 19:59:41 | 029,177,280 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part05.rar
[2011.09.26 19:45:02 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part04.rar
[2011.09.26 19:27:56 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.26 19:00:52 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part03.rar
[2011.09.26 18:30:32 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part02.rar
[2011.09.26 18:22:13 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Andreas Malleschitz\Desktop\mbam-setup-1.51.2.1300.exe
[2011.09.26 18:10:36 | 000,684,297 | ---- | M] () -- C:\Users\Andreas Malleschitz\Desktop\unhide.exe
[2011.09.26 18:04:52 | 008,618,964 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.26 17:57:55 | 104,857,600 | ---- | M] () -- C:\Users\***\Desktop\bieof10g.part01.rar
[2011.09.26 17:37:23 | 000,223,790 | ---- | M] () -- C:\Users\***\l_15667e48c33040af8b06d08b4bdd20b9.jpg
[2011.09.26 17:35:15 | 000,123,405 | ---- | M] () -- C:\Users\***\girls4.jpg
[2011.09.26 17:35:08 | 000,101,761 | ---- | M] () -- C:\Users\***\girls3.jpg
[2011.09.26 17:35:01 | 000,092,294 | ---- | M] () -- C:\Users\***\girls2.jpg
[2011.09.26 17:34:54 | 000,089,536 | ---- | M] () -- C:\Users\***\joannakrupa01g.jpg
[2011.09.26 17:34:20 | 000,160,562 | ---- | M] () -- C:\Users\***\wilde.jpg
[2011.09.25 17:11:27 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2011.09.25 17:09:31 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2011.09.25 17:08:23 | 000,275,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.09.24 13:23:34 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2011.09.24 13:23:34 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
========== Files Created - No Company Name ==========
[2011.09.27 16:38:19 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2011.09.27 16:18:50 | 001,110,476 | ---- | C] () -- C:\Users\***\Desktop\7z920.exe
[2011.09.27 16:16:44 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2011.09.27 16:04:48 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part10.rar
[2011.09.27 16:03:21 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part09.rar
[2011.09.27 15:30:51 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011.09.27 15:30:11 | 000,001,941 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.09.26 21:54:13 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part08.rar
[2011.09.26 21:27:06 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part07.rar
[2011.09.26 20:57:15 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part06.rar
[2011.09.26 19:48:44 | 029,177,280 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part05.rar
[2011.09.26 19:27:56 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.09.26 19:11:06 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part04.rar
[2011.09.26 18:32:31 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part03.rar
[2011.09.26 18:10:20 | 000,684,297 | ---- | C] () -- C:\Users\***\Desktop\unhide.exe
[2011.09.26 18:04:52 | 008,618,964 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.26 18:02:10 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part02.rar
[2011.09.26 17:37:22 | 000,223,790 | ---- | C] () -- C:\Users\***\l_15667e48c33040af8b06d08b4bdd20b9.jpg
[2011.09.26 17:35:14 | 000,123,405 | ---- | C] () -- C:\Users\***\girls4.jpg
[2011.09.26 17:35:07 | 000,101,761 | ---- | C] () -- C:\Users\***\girls3.jpg
[2011.09.26 17:35:01 | 000,092,294 | ---- | C] () -- C:\Users\***\girls2.jpg
[2011.09.26 17:34:54 | 000,089,536 | ---- | C] () -- C:\Users\***\joannakrupa01g.jpg
[2011.09.26 17:34:19 | 000,160,562 | ---- | C] () -- C:\Users\***\wilde.jpg
[2011.09.26 17:30:58 | 104,857,600 | ---- | C] () -- C:\Users\***\Desktop\bieof10g.part01.rar
[2011.09.24 13:26:00 | 000,001,407 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.09.24 13:25:12 | 000,001,441 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.09.24 13:24:09 | 000,045,056 | ---- | C] () -- C:\Windows\SysNative\acovcnt.exe
[2011.08.23 21:07:03 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.23 21:03:33 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.06.08 07:03:12 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.07.29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.02.26 08:50:32 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
========== LOP Check ==========
[2011.09.25 20:02:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ASUS WebStorage
[2011.09.24 13:38:36 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\iWin
[2011.09.24 13:34:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nuance
[2011.09.26 22:32:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SoftGrid Client
[2011.09.26 18:07:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2011.09.24 13:33:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Zeon
[2009.07.14 07:08:49 | 000,008,000 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2011.09.24 13:24:52 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2011.09.27 16:41:28 | 000,000,000 | -H-D | M] -- C:\ASUS.DAT
[2011.04.13 04:49:40 | 000,000,000 | ---D | M] -- C:\AsusVibeData
[2011.09.25 20:02:08 | 000,000,000 | -HSD | M] -- C:\aws
[2009.07.29 08:03:34 | 000,000,000 | -HSD | M] -- C:\Boot
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.08.23 21:14:28 | 000,000,000 | ---D | M] -- C:\eSupport
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2011.09.26 18:04:15 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.09.27 15:29:34 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2011.09.26 19:27:54 | 000,000,000 | ---D | M] -- C:\ProgramData
[2011.09.24 13:21:41 | 000,000,000 | -HSD | M] -- C:\Recovery
[2011.09.27 16:51:03 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.09.26 20:02:19 | 000,000,000 | ---D | M] -- C:\temp
[2011.09.24 13:23:44 | 000,000,000 | R--D | M] -- C:\Users
[2011.09.27 15:30:51 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.manifest /3 >
< MD5 for: EXPLORER.EXE >
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SysWOW64\explorer.exe
[2010.11.20 14:17:10 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.20 15:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\explorer.exe
[2010.11.20 15:24:46 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\SoftwareDistribution\Download\71d84967e1e9a8a414d570c6caa8bb08\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
< MD5 for: REGEDIT.EXE >
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
< MD5 for: USERINIT.EXE >
[2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:50 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:26 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
< MD5 for: WININIT.EXE >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
< MD5 for: WINLOGON.EXE >
[2010.11.20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:32 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
< >
========== Alternate Data Streams ==========
@Alternate Data Stream - 140 bytes -> C:\ProgramData\Temp:81F83028
< End of report >
I read that you like to have an MBRCheck for laptops, so here you go: Code:
MBRCheck, version 1.2.3
(c) 2010, AD
Command-line:
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: ASUSTeK Computer Inc.
BIOS Manufacturer: American Megatrends Inc.
System Manufacturer: ASUSTeK Computer Inc.
System Product Name: K73BY
Logical Drives Mask: 0x0001007c
Kernel Drivers (total 219):
0x03066000 \SystemRoot\system32\ntoskrnl.exe
0x0301D000 \SystemRoot\system32\hal.dll
0x00BA0000 \SystemRoot\system32\kdcom.dll
0x00CB3000 \SystemRoot\system32\mcupdate_AuthenticAMD.dll
0x00CC0000 \SystemRoot\system32\PSHED.dll
0x00CD4000 \SystemRoot\system32\CLFS.SYS
0x00D32000 \SystemRoot\system32\CI.dll
0x00C00000 \SystemRoot\system32\drivers\Wdf01000.sys
0x00CA4000 \SystemRoot\system32\drivers\WDFLDR.SYS
0x00ED8000 \SystemRoot\system32\drivers\ACPI.sys
0x00F2F000 \SystemRoot\system32\drivers\WMILIB.SYS
0x00F38000 \SystemRoot\system32\drivers\msisadrv.sys
0x00F42000 \SystemRoot\system32\drivers\pci.sys
0x00F75000 \SystemRoot\system32\drivers\vdrvroot.sys
0x00F82000 \SystemRoot\System32\drivers\partmgr.sys
0x00F97000 \SystemRoot\system32\drivers\compbatt.sys
0x00FA0000 \SystemRoot\system32\drivers\BATTC.SYS
0x00FAC000 \SystemRoot\system32\drivers\volmgr.sys
0x00E00000 \SystemRoot\System32\drivers\volmgrx.sys
0x00E5C000 \SystemRoot\system32\drivers\pciide.sys
0x00E63000 \SystemRoot\system32\drivers\PCIIDEX.SYS
0x00E73000 \SystemRoot\System32\drivers\mountmgr.sys
0x00E8D000 \SystemRoot\system32\drivers\atapi.sys
0x00E96000 \SystemRoot\system32\drivers\ataport.SYS
0x00EC0000 \SystemRoot\system32\drivers\msahci.sys
0x00FC1000 \SystemRoot\system32\DRIVERS\amd_sata.sys
0x0102F000 \SystemRoot\system32\DRIVERS\storport.sys
0x01092000 \SystemRoot\system32\DRIVERS\amd_xata.sys
0x0109F000 \SystemRoot\system32\drivers\amdxata.sys
0x010AA000 \SystemRoot\system32\drivers\fltmgr.sys
0x010F6000 \SystemRoot\system32\drivers\fileinfo.sys
0x0123B000 \SystemRoot\System32\Drivers\Ntfs.sys
0x0110A000 \SystemRoot\System32\Drivers\msrpc.sys
0x013DE000 \SystemRoot\System32\Drivers\ksecdd.sys
0x01168000 \SystemRoot\System32\Drivers\cng.sys
0x01200000 \SystemRoot\System32\drivers\pcw.sys
0x01211000 \SystemRoot\System32\Drivers\Fs_Rec.sys
0x01434000 \SystemRoot\system32\drivers\ndis.sys
0x01527000 \SystemRoot\system32\drivers\NETIO.SYS
0x01587000 \SystemRoot\System32\Drivers\ksecpkg.sys
0x016C7000 \SystemRoot\System32\drivers\tcpip.sys
0x018CB000 \SystemRoot\System32\drivers\fwpkclnt.sys
0x01915000 \SystemRoot\system32\drivers\volsnap.sys
0x01961000 \SystemRoot\System32\Drivers\spldr.sys
0x01969000 \SystemRoot\System32\drivers\rdyboost.sys
0x019A3000 \SystemRoot\System32\Drivers\mup.sys
0x019B5000 \SystemRoot\System32\drivers\hwpolicy.sys
0x019BE000 \SystemRoot\System32\DRIVERS\fvevol.sys
0x01600000 \SystemRoot\system32\drivers\disk.sys
0x01616000 \SystemRoot\system32\drivers\CLASSPNP.SYS
0x01687000 \SystemRoot\system32\DRIVERS\cdrom.sys
0x016B1000 \SystemRoot\System32\Drivers\Null.SYS
0x016BA000 \SystemRoot\System32\Drivers\Beep.SYS
0x015B2000 \SystemRoot\System32\drivers\vga.sys
0x015C0000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
0x015E5000 \SystemRoot\System32\drivers\watchdog.sys
0x015F5000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0x01400000 \SystemRoot\system32\drivers\rdpencdd.sys
0x01409000 \SystemRoot\system32\drivers\rdprefmp.sys
0x01412000 \SystemRoot\System32\Drivers\Msfs.SYS
0x0141D000 \SystemRoot\System32\Drivers\Npfs.SYS
0x011DA000 \SystemRoot\system32\DRIVERS\tdx.sys
0x0121B000 \SystemRoot\system32\DRIVERS\TDI.SYS
0x03A41000 \SystemRoot\system32\drivers\afd.sys
0x03ACA000 \SystemRoot\System32\DRIVERS\netbt.sys
0x03B0F000 \SystemRoot\system32\DRIVERS\wfplwf.sys
0x03B18000 \SystemRoot\system32\DRIVERS\pacer.sys
0x03B3E000 \SystemRoot\system32\DRIVERS\vwififlt.sys
0x03B54000 \SystemRoot\system32\DRIVERS\netbios.sys
0x03B63000 \SystemRoot\system32\DRIVERS\wanarp.sys
0x03B7E000 \SystemRoot\system32\DRIVERS\tmtdi.sys
0x03B9A000 \SystemRoot\system32\DRIVERS\termdd.sys
0x03BAE000 \SystemRoot\system32\DRIVERS\rdbss.sys
0x03A00000 \SystemRoot\system32\drivers\nsiproxy.sys
0x03A0C000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0x03A17000 \SystemRoot\System32\drivers\discache.sys
0x01000000 \SystemRoot\System32\Drivers\dfsc.sys
0x03A26000 \SystemRoot\system32\DRIVERS\blbdrive.sys
0x03A37000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
0x00FD7000 \SystemRoot\system32\DRIVERS\tunnel.sys
0x02CC7000 \SystemRoot\system32\DRIVERS\atikmpag.sys
0x04804000 \SystemRoot\system32\DRIVERS\atikmdag.sys
0x03E87000 \SystemRoot\System32\drivers\dxgkrnl.sys
0x03F7B000 \SystemRoot\System32\drivers\dxgmms1.sys
0x03FC1000 \SystemRoot\system32\DRIVERS\HDAudBus.sys
0x03FE5000 \SystemRoot\system32\DRIVERS\usbohci.sys
0x03E00000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0x03E56000 \SystemRoot\system32\DRIVERS\usbfilter.sys
0x03E64000 \SystemRoot\system32\DRIVERS\usbehci.sys
0x05144000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0x05162000 \SystemRoot\system32\DRIVERS\ETD.sys
0x03E75000 \SystemRoot\system32\DRIVERS\mouclass.sys
0x03FF0000 \SystemRoot\system32\DRIVERS\kbfiltr.sys
0x05186000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0x03FF8000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0x02D18000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
0x04291000 \SystemRoot\system32\DRIVERS\athrx.sys
0x044B8000 \SystemRoot\system32\DRIVERS\vwifibus.sys
0x044C5000 \SystemRoot\system32\DRIVERS\amdppm.sys
0x044DA000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0x044E3000 \SystemRoot\system32\DRIVERS\CompositeBus.sys
0x044F3000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
0x04509000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0x0452D000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0x04539000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0x04568000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0x04583000 \SystemRoot\system32\DRIVERS\raspptp.sys
0x045A4000 \SystemRoot\system32\DRIVERS\rassstp.sys
0x045BE000 \SystemRoot\system32\DRIVERS\swenum.sys
0x04200000 \SystemRoot\system32\DRIVERS\ks.sys
0x04243000 \SystemRoot\system32\DRIVERS\btath_bus.sys
0x0424E000 \SystemRoot\system32\DRIVERS\amdiox64.sys
0x04262000 \SystemRoot\system32\DRIVERS\umbus.sys
0x05195000 \SystemRoot\system32\DRIVERS\usbhub.sys
0x04274000 \SystemRoot\System32\Drivers\NDProxy.SYS
0x045C0000 \SystemRoot\system32\drivers\AtihdW76.sys
0x02D84000 \SystemRoot\system32\drivers\portcls.sys
0x02DC1000 \SystemRoot\system32\drivers\drmk.sys
0x045E1000 \SystemRoot\system32\drivers\ksthunk.sys
0x05EBC000 \SystemRoot\system32\drivers\RTKVHD64.sys
0x00030000 \SystemRoot\System32\win32k.sys
0x06180000 \SystemRoot\System32\drivers\Dxapi.sys
0x0618C000 \SystemRoot\System32\Drivers\crashdmp.sys
0x0619A000 \SystemRoot\System32\Drivers\dump_diskdump.sys
0x061A4000 \SystemRoot\System32\Drivers\dump_amd_sata.sys
0x061BA000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
0x061CD000 \SystemRoot\system32\DRIVERS\usbccgp.sys
0x061EA000 \SystemRoot\system32\DRIVERS\USBD.SYS
0x061EC000 \SystemRoot\system32\DRIVERS\usbprint.sys
0x05E00000 \SystemRoot\system32\DRIVERS\usbscan.sys
0x05E11000 \SystemRoot\system32\DRIVERS\USBSTOR.SYS
0x05E2C000 \SystemRoot\system32\DRIVERS\monitor.sys
0x05E3A000 \SystemRoot\system32\DRIVERS\hidusb.sys
0x05E48000 \SystemRoot\system32\DRIVERS\HIDCLASS.SYS
0x05E61000 \SystemRoot\system32\DRIVERS\HIDPARSE.SYS
0x05E6A000 \SystemRoot\System32\Drivers\usbvideo.sys
0x05E98000 \SystemRoot\system32\DRIVERS\mouhid.sys
0x02C00000 \SystemRoot\system32\DRIVERS\btfilter.sys
0x045E7000 \SystemRoot\System32\Drivers\BTHUSB.sys
0x046FC000 \SystemRoot\System32\Drivers\bthport.sys
0x00550000 \SystemRoot\System32\TSDDD.dll
0x00790000 \SystemRoot\System32\cdd.dll
0x04788000 \SystemRoot\system32\DRIVERS\rfcomm.sys
0x047B4000 \SystemRoot\system32\DRIVERS\BthEnum.sys
0x047C4000 \SystemRoot\system32\DRIVERS\bthpan.sys
0x04600000 \SystemRoot\system32\DRIVERS\btath_rcp.sys
0x04625000 \SystemRoot\system32\drivers\btath_a2dp.sys
0x0468C000 \SystemRoot\system32\DRIVERS\btath_hcrp.sys
0x047E4000 \SystemRoot\system32\DRIVERS\btath_flt.sys
0x05EA5000 \SystemRoot\system32\DRIVERS\btath_lwflt.sys
0x02C48000 \SystemRoot\system32\drivers\luafv.sys
0x047F3000 \SystemRoot\system32\DRIVERS\Sftvollh.sys
0x02C6B000 \SystemRoot\system32\drivers\WudfPf.sys
0x02C8C000 \SystemRoot\system32\DRIVERS\lltdio.sys
0x06C3A000 \SystemRoot\system32\DRIVERS\nwifi.sys
0x06C8D000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0x06CA0000 \SystemRoot\system32\DRIVERS\rspndr.sys
0x06CB8000 \??\C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
0x06CC0000 \SystemRoot\system32\drivers\HTTP.sys
0x06D89000 \SystemRoot\system32\DRIVERS\bowser.sys
0x06DA7000 \SystemRoot\System32\drivers\mpsdrv.sys
0x06DBF000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0x07A87000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
0x07AD4000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
0x07AF8000 \SystemRoot\system32\DRIVERS\tmcomm.sys
0x07B1F000 \SystemRoot\system32\DRIVERS\tmevtmgr.sys
0x07B53000 \SystemRoot\system32\drivers\peauth.sys
0x07A00000 \SystemRoot\System32\Drivers\secdrv.SYS
0x082C8000 \SystemRoot\system32\DRIVERS\Sftfslh.sys
0x0837F000 \SystemRoot\system32\DRIVERS\Sftplaylh.sys
0x083CC000 \SystemRoot\System32\DRIVERS\srvnet.sys
0x08200000 \SystemRoot\System32\drivers\tcpipreg.sys
0x08212000 \SystemRoot\System32\DRIVERS\srv2.sys
0x086E8000 \SystemRoot\System32\DRIVERS\srv.sys
0x08780000 \SystemRoot\system32\DRIVERS\Sftredirlh.sys
0x0878B000 \SystemRoot\system32\DRIVERS\WUDFRd.sys
0x087BC000 \SystemRoot\System32\Drivers\fastfat.SYS
0x087F2000 \??\C:\Windows\system32\drivers\mbam.sys
0x08671000 \SystemRoot\system32\DRIVERS\tmactmon.sys
0x77570000 \Windows\System32\ntdll.dll
0x48420000 \Windows\System32\smss.exe
0xFF890000 \Windows\System32\apisetschema.dll
0xFF0F0000 \Windows\System32\autochk.exe
0xFF7E0000 \Windows\System32\clbcatq.dll
0xFF770000 \Windows\System32\gdi32.dll
0x77410000 \Windows\System32\wininet.dll
0xFF6D0000 \Windows\System32\comdlg32.dll
0xFF670000 \Windows\System32\Wldap32.dll
0xFF5A0000 \Windows\System32\usp10.dll
0xFF4C0000 \Windows\System32\advapi32.dll
0xFF390000 \Windows\System32\rpcrt4.dll
0xFF280000 \Windows\System32\msctf.dll
0x77740000 \Windows\System32\psapi.dll
0x772C0000 \Windows\System32\urlmon.dll
0xFF070000 \Windows\System32\ole32.dll
0xFF050000 \Windows\System32\sechost.dll
0xFEFD0000 \Windows\System32\shlwapi.dll
0xFE240000 \Windows\System32\shell32.dll
0xFE230000 \Windows\System32\lpk.dll
0xFE1B0000 \Windows\System32\difxapi.dll
0x771A0000 \Windows\System32\kernel32.dll
0xFDFD0000 \Windows\System32\setupapi.dll
0x770A0000 \Windows\System32\user32.dll
0xFDFB0000 \Windows\System32\imagehlp.dll
0xFDF10000 \Windows\System32\msvcrt.dll
0xFDEE0000 \Windows\System32\imm32.dll
0x77730000 \Windows\System32\normaliz.dll
0xFDE90000 \Windows\System32\ws2_32.dll
0xFDE80000 \Windows\System32\nsi.dll
0xFDDA0000 \Windows\System32\oleaut32.dll
0x76E90000 \Windows\System32\iertutil.dll
0xFDD30000 \Windows\System32\KernelBase.dll
0xFDC90000 \Windows\System32\comctl32.dll
0xFDB20000 \Windows\System32\crypt32.dll
0xFDB00000 \Windows\System32\devobj.dll
0xFDAC0000 \Windows\System32\wintrust.dll
0xFDA80000 \Windows\System32\cfgmgr32.dll
0xFDA70000 \Windows\System32\msasn1.dll
0x767B0000 \Windows\SysWOW64\normaliz.dll
Processes (total 87):
0 System Idle Process
4 System
232 C:\Windows\System32\smss.exe
356 csrss.exe
448 C:\Windows\System32\wininit.exe
464 csrss.exe
504 C:\Windows\System32\services.exe
520 C:\Windows\System32\lsass.exe
528 C:\Windows\System32\lsm.exe
560 C:\Windows\System32\winlogon.exe
704 C:\Windows\System32\svchost.exe
784 C:\Windows\System32\svchost.exe
832 C:\Windows\System32\atiesrxx.exe
916 C:\Windows\System32\svchost.exe
960 C:\Windows\System32\svchost.exe
1004 C:\Windows\System32\svchost.exe
636 C:\Windows\System32\svchost.exe
1060 C:\Windows\System32\atieclxx.exe
1136 C:\Windows\System32\svchost.exe
1324 C:\Windows\System32\FBAgent.exe
1348 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
1376 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
1484 C:\Windows\System32\spoolsv.exe
1520 C:\Windows\System32\svchost.exe
1728 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
1776 C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
1860 C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
1952 C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
2100 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
2120 C:\Windows\System32\svchost.exe
2152 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
2352 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
2368 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
2432 WmiPrvSE.exe
2548 C:\Windows\System32\taskhost.exe
2616 C:\Windows\System32\dwm.exe
2640 C:\Windows\explorer.exe
2892 C:\Windows\System32\taskeng.exe
2972 C:\Program Files\P4G\BatteryLife.exe
3016 C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
3060 C:\Windows\System32\taskeng.exe
1588 C:\Windows\AsScrPro.exe
2512 C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
2884 C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
2812 C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
1300 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
3112 C:\Windows\SysWOW64\ACEngSvr.exe
3168 C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
3180 C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
3260 C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
3268 C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
3276 C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
3288 C:\Program Files\Elantech\ETDCtrl.exe
3312 C:\Program Files\Windows Sidebar\sidebar.exe
3388 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
3496 C:\Windows\System32\svchost.exe
3608 C:\Windows\System32\svchost.exe
3660 WUDFHost.exe
3848 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
3944 C:\Windows\System32\svchost.exe
4044 C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
4068 C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
4076 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
4088 C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2508 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
3056 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
3920 C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
1208 C:\Windows\System32\SearchIndexer.exe
4372 C:\Program Files\Elantech\ETDCtrlHelper.exe
5048 C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
5456 C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
1364 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
5612 C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
3972 C:\Windows\System32\audiodg.exe
496 C:\Windows\System32\msiexec.exe
4320 C:\Windows\System32\dllhost.exe
5792 C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
5888 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
5108 C:\Windows\System32\conhost.exe
4580 C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
5912 C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
3832 C:\Windows\System32\conhost.exe
5952 C:\Windows\System32\SearchProtocolHost.exe
5724 C:\Windows\System32\SearchFilterHost.exe
2452 C:\Users\Andreas Malleschitz\Desktop\MBRCheck.exe
3400 C:\Windows\System32\conhost.exe
5384 C:\Windows\System32\dllhost.exe
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000006`40100000 (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x00000038`51e00000 (NTFS)
\\.\G: --> \\.\PhysicalDrive2 at offset 0x00000000`00100000 (NTFS)
\\.\Q: --> error 5
PhysicalDrive0 Model Number: WDCWD5000BPVT-80HXZT3, Rev: 01.01A01
PhysicalDrive2 Model Number: WDExt HDD 1021, Rev: 2002
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 Windows 7 MBR code detected
SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79
931 GB \\.\PhysicalDrive2 Windows XP MBR code detected
SHA1: DA38B874B7713D1B51CBC449F4EF809B0DEC644A
Done!
The OTL Extras log is also attached. Hopefully that is enough for now and you can help me further :( |