Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virus der MSN installiert (https://www.trojaner-board.de/104318-virus-msn-installiert.html)

Franziska99 20.10.2011 09:37
Virus der MSN installiert
 
Hallo,

mein Freund hat gestern ein Mail einer Freundin geöffnet und versucht die Attachments downzuloaden. Dies gelang, aber die Bilder ließen sich nicht öffnen, dafür war sofort ein Virus da:

Das Foto am Bildschirmhintergrund hat sch ca 20 Mal vergrößert. Der Versuch einen neutralen Windows-Desktophintegrund zu wählen, scheiterte ebenfalls. Wenn ich ein solches Bild auswähle erscheint es auch zigmal vergrößert.

Es erschienen ganz viel Fehlermeldungen, dass Laufwerk C zerstört sei etc.


Plötzlich erschien MSN unten in der Startleiste (Wir hatten es schon lange deaktiviert)

Beim Internet Explorer war plötzlich alles voll mit Unmengen an Toolbars

Wenn man links unten auf Start klickt, kommt ja normalerweise so eine Auflistung "Desktop, Arbeitsplatz..." da ist es nun leer.

Was habe ich gemacht: Zuerst versucht alles zu schließen. Dann waren ein paar Spybot-Meldungen, da habe ich stets auf "verweigern" geklickt. Dann habe ich alle Elemente aus der Toolbar gelöscht und über Systemsteuerung die MSN-Sachen deinstalliert.
Soweit alles wieder gut. Antivir-Free-Edition hat nichts gefunden als ich sie laufen ließ.
Jedoch, links unten am Desktop wenn man auf Start klickt erscheint immer noch nur ein leeres Feld und der Desktophintergrund sieht immer noch schrecklich aus.

Ich bin mir sicher, dass der Virus noch wo ist nur weiß ich nicht was ich jetzt tun soll. Was schlagt ihr vor?

Mein Freund hat seiner Freundin geschrieben, dass sie einen Virus mitgeschickt hat. Leider arbeitet er mit ihr zusammen und muss ab und zu Mails von ihr lesen und öffnen. Wie sollen wir hier künftig vorgehen?

Ich wäre euch sehr dankbar für einen Tipp!!!!


Liebe Grüße!

cosinus 20.10.2011 13:33
Zitat:
Leider arbeitet er mit ihr zusammen und muss ab und zu Mails von ihr lesen und öffnen. Wie sollen wir hier künftig vorgehen?
Hat sie denn wirklich die Mail geschickt oder war das jmd anders?
Ihr Rechner mit ziemlicher Sicherheit ebenfalls verseucht.

Franziska99 20.10.2011 15:25
Ja, sie hat das Mail selbst geschickt. Wir haben ihr eh schon gesagt, dass der Virus von ihr kommt.
Aber hast du einen Tipp wie ich gegen den Virus oder Trojaner vorgehen kann? Welche Schritte ich setzen soll? Wie weiter screenen?

cosinus 20.10.2011 16:08
Bitte nun routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Franziska99 21.10.2011 20:59
Lieber Cosinus,
danke für deinen Tipp:
Hier das Logfile. Hast du eine Idee was ich nu tun könnte? Danke!

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 7994

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

21.10.2011 21:56:26
mbam-log-2011-10-21 (21-56-13).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Durchsuchte Objekte: 365128
Laufzeit: 1 Stunde(n), 5 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 0
Infizierte Dateien: 10

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Bad: (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) Good: () -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
c:\Users\me\local settings\Temp\c299fe4c.com (Trojan.Agent) -> No action taken.
c:\programdata\rpghdcgkerkxaj.exe (Trojan.FakeAlert) -> No action taken.
c:\Users\me\AppData\Local\Temp\0.3533170396177622.exe (Trojan.Agent) -> No action taken.
c:\Users\me\AppData\Local\Temp\CE9D.tmp (Trojan.Inject) -> No action taken.
c:\Users\me\AppData\Local\Temp\jar_cache4034905738880367870.tmp (Trojan.Agent) -> No action taken.
c:\Users\me\AppData\Local\Temp\net_framework_update_4.0.exe (Trojan.Inject) -> No action taken.
c:\Users\me\AppData\Local\Temp\p5tm1qbi6dss92.exe.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\me\local settings\Temp\eb7dfe4c.com (Trojan.Agent) -> No action taken.
c:\Windows\Temp\tmp0000002da7ae4be4c8836ccd (Trojan.Dropper) -> No action taken.
c:\Users\me\AppData\Local\Temp\0.6787907833935126.exe (Exploit.Drop.2) -> No action taken.

cosinus 22.10.2011 16:13
Zitat:
-> No action taken.
Die Funde müssen mit Malwarebytes entfernt waren! Bitte nachholen falls noch nicht getan!

Franziska99 22.10.2011 20:16
Hi,
danke für den Hinweis. ich hab das gemcht und auch den ESET-Test gemacht. Dabei wurden einige infizierte Dateien gefunden, 13 sogar glaube ich. Das Logfile sieht aber so aus:
ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

Das problem am PC also dieses Riesen Desktophintergrundbild und dass ich wenn ich auf Start/Windows links unten gehe keine EInträge sehe wie Arbeitsplatz etc besteht immer noch

cosinus 23.10.2011 18:12
Du hast das Log auch von hier geöffnet? => "%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"

Franziska99 23.10.2011 20:10
Wenn ich diesen Pfad eingebe, dann kommt immer eine Fehlermeldung, mit einem roten Kreis und weißem x, die sagt, dass der Pfad nicht existiert, dann hab ich den anderen Pfad versucht und eben o.-g. LogFile ist gekommen

cosinus 24.10.2011 09:40
Dann hast du ein 63-Bit-Windows wenn dieser Pfad Pfad stimmt => "%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"

Du hast vor dem Ausführen von ESET den Browser auch per Rechtsklick "als Administrator ausführen" gestartet?

Edit: Ist natürlich 64-Bit und nicht 63-Bit gemeint :)

Franziska99 25.10.2011 23:21
Du hattest natürlich recht, der Fehler war der mit dem Administrator. Dies ist nun das File:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3d138bc6977e7f4f9fd058f90fc52cd0
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-24 09:15:47
# local_time=2011-10-24 11:15:47 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 652899 94383495 168571 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 56 15296 157010837 0 0
# compatibility_mode=8192 67108863 100 0 183521 183521 0 0
# scanned=59098
# found=0
# cleaned=0
# scan_time=4016
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=3d138bc6977e7f4f9fd058f90fc52cd0
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-10-25 08:07:31
# local_time=2011-10-25 10:07:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=1797 16775165 100 100 689385 94419981 205057 0
# compatibility_mode=2560 16777215 100 0 0 0 0 0
# compatibility_mode=5892 16776573 100 56 158 157047323 0 0
# compatibility_mode=8192 67108863 100 0 220007 220007 0 0
# scanned=202438
# found=3
# cleaned=0
# scan_time=6634
C:\Users\me\Desktop\Fotos\Zeug und Privat\Hochzeit!\Fotobuch-Dateien\entwickeln\opilein\SoftonicDownloader42529.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\me\Desktop\Internet\SoftonicDownloader66221.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000 I
C:\Users\me\Downloads\SoftonicDownloader_para_system-restore-manager.exe a variant of Win32/SoftonicDownloader.A application (unable to clean) 00000000000000000000000000000000

cosinus 26.10.2011 11:55
CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

Franziska99 26.10.2011 13:16
Danke für den Tipp, hier das FileOTL Logfile:
Code:
OTL logfile created on: 26.10.2011 13:35:03 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\me\Desktop
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
3,96 Gb Total Physical Memory | 1,79 Gb Available Physical Memory | 45,19% Memory free
8,11 Gb Paging File | 5,75 Gb Available in Paging File | 70,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 283,40 Gb Total Space | 175,57 Gb Free Space | 61,95% Space Free | Partition Type: NTFS
Drive E: | 14,65 Gb Total Space | 7,30 Gb Free Space | 49,83% Space Free | Partition Type: NTFS
 
Computer Name: ME-PC | User Name: me | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.10.26 13:32:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe
PRC - [2011.09.27 19:10:37 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
PRC - [2011.06.29 07:57:17 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.04.29 13:00:02 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.30 19:12:37 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009.11.13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008.12.18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe
PRC - [2008.12.18 06:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe
PRC - [2008.05.08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008.05.08 00:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.01.25 15:26:00 | 000,253,976 | ---- | M] (Telekom Austria TA AG) -- C:\Program Files (x86)\aon\OnlineFestplatte\OnlineFestplatte.exe
PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.10.18 21:24:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll
MOD - [2011.10.18 21:22:47 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll
MOD - [2011.10.18 21:22:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll
MOD - [2011.10.18 15:39:03 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll
MOD - [2011.10.18 15:38:33 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll
MOD - [2011.10.18 15:38:19 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll
MOD - [2011.10.18 15:35:49 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll
MOD - [2011.10.18 15:35:35 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll
MOD - [2010.06.03 13:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2009.11.13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
MOD - [2009.11.13 17:15:00 | 000,365,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
MOD - [2009.11.13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
MOD - [2009.11.13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
MOD - [2009.11.13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
MOD - [2009.11.13 17:15:00 | 000,062,704 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll
MOD - [2009.11.13 17:15:00 | 000,046,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
MOD - [2009.11.13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll
MOD - [2009.04.09 23:29:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
MOD - [2009.03.30 06:40:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:40:04 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Services.resources.dll
MOD - [2009.03.30 06:40:03 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.12.18 06:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll
MOD - [2008.12.18 06:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll
MOD - [2008.12.18 06:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll
MOD - [2008.12.18 06:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll
MOD - [2008.12.18 06:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2009.03.31 17:00:18 | 000,268,288 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe -- (STacSV)
SRV:64bit: - [2009.03.31 17:00:02 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2006.11.02 13:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.07.07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.06.29 07:57:17 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.04.29 13:00:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.23 14:33:42 | 001,141,200 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)
SRV - [2009.09.23 13:17:22 | 000,358,600 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)
SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.12.18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV - [2008.05.08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)
SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.06.29 07:57:17 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.06.29 07:57:17 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.06.16 08:59:52 | 000,033,336 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)
DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.09.23 17:10:04 | 000,218,056 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.31 18:53:54 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)
DRV:64bit: - [2009.03.31 18:48:56 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.03.31 17:00:28 | 000,477,696 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)
DRV:64bit: - [2009.03.31 16:19:00 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009.03.19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)
DRV:64bit: - [2009.03.06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)
DRV:64bit: - [2008.12.30 22:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2008.12.21 19:26:28 | 004,735,488 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)
DRV:64bit: - [2008.08.31 20:19:24 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)
DRV:64bit: - [2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008.01.21 04:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)
DRV:64bit: - [2006.11.02 09:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={99045929-FA63-11E0-ADE7-00256441E933}
IE - HKLM\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "iLivid Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic.com4 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "iLivid Web Search"
FF - prefs.js..browser.search.selectedEngine: "iLivid Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: {0974848a-b5bc-49f2-9778-307742b4a55d}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {9545d41d-bb9b-4859-a157-3a4c7e8a2a95}:2.6.0.15
FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..extensions.enabledItems: de-AT@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: es-AR@dictionaries.addons.mozilla.org:2.5
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442
FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0
FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.4.1.00
FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1
FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431232&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "softonic.com4 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431232&SearchSource=13"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\me\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.30 12:45:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.30 12:45:29 | 000,000,000 | ---D | M]
 
[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\me\AppData\Roaming\mozilla\Extensions
[2011.10.26 01:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions
[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (softonic.com4 Community Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}
[2010.05.27 13:46:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.31 10:51:37 | 000,000,000 | ---D | M] (tv_ecuador Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}
[2011.10.19 17:06:09 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.10.19 17:04:23 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.03.31 14:30:01 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\de-AT@dictionaries.addons.mozilla.org
[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com
[2011.03.07 12:56:50 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\en-US@dictionaries.addons.mozilla.org
[2011.05.20 13:57:50 | 000,000,000 | ---D | M] (Diccionario español Argentina) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\es-AR@dictionaries.addons.mozilla.org
[2010.06.08 11:28:50 | 000,000,929 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\conduit.xml
[2011.10.19 17:05:55 | 000,002,520 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\SearchResults.xml
[2011.10.19 17:04:16 | 000,003,915 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\sweetim.xml
[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.10.14 08:45:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (SearchCore for Browsers) -- C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION
[2011.09.30 12:45:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.30 12:45:27 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.30 12:45:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.19 17:05:55 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
[2011.09.30 12:45:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.30 12:45:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.11.26 18:56:18 | 000,357,940 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 201.149.146.147      www.hsbc.com.mx
O1 - Hosts: 201.149.146.147      hsbc.com.mx
O1 - Hosts: 201.149.146.147      conexion.bital.com.mx
O1 - Hosts: 201.149.146.147      conexion.bital.com
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 12311 more lines...
O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)
O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKCU..\Run: [OnlineFestplatte] C:\Program Files (x86)\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)
O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
F3:64bit: - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) -  File not found
F3 - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) - File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-at.cab (Windows Live Hotmail Photo Upload Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F81080F-8BF9-4403-99DF-BC89BAA29DC1}: NameServer = 195.3.96.67,213.33.98.136
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74DD69DC-0EC8-458E-ABC0-E27EED445441}: DhcpNameServer = 10.0.0.138 10.0.0.138
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.10.26 13:32:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe
[2011.10.22 19:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2011.10.21 19:57:10 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Roaming\Malwarebytes
[2011.10.21 19:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.10.21 19:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.10.21 19:56:09 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.10.21 19:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.10.19 17:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\WiseFixer
[2011.10.19 17:06:54 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Local\Ilivid Player
[2011.10.19 17:06:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
[2011.10.19 17:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid
[2011.10.19 17:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar
[2011.10.19 17:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2011.10.19 17:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchCore for Browsers
[2011.10.19 17:05:39 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Local\PackageAware
[2011.10.19 17:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM
[2011.10.19 17:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM
[2011.10.19 16:07:48 | 000,000,000 | ---D | C] -- C:\Users\me\Local Settings
[2011.10.13 15:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2009.08.04 19:41:53 | 008,653,312 | ---- | C] (Dell, Inc.                                                  ) -- C:\Users\me\AppData\Roaming\DataSafeDotNet.exe
 
========== Files - Modified Within 30 Days ==========
 
[2011.10.26 13:32:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe
[2011.10.26 13:04:37 | 000,175,446 | ---- | M] () -- C:\Users\me\Desktop\CV_meinname_2011.pdf
[2011.10.26 12:59:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.10.26 12:50:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.10.26 12:31:35 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.10.26 12:24:43 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.10.26 12:24:42 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.10.24 17:53:49 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys
[2011.10.24 17:51:22 | 001,453,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.10.24 17:51:22 | 000,632,576 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.10.24 17:51:22 | 000,599,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.10.24 17:51:22 | 000,127,804 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.10.24 17:51:22 | 000,105,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.10.21 19:56:16 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.21 15:53:11 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat
[2011.10.21 15:53:11 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat
[2011.10.21 15:53:11 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat
[2011.10.21 15:53:11 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat
[2011.10.21 15:52:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.10.21 15:52:36 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2011.10.19 16:24:44 | 000,000,440 | ---- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.19 16:22:28 | 000,000,280 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.19 16:22:28 | 000,000,192 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.18 15:33:12 | 000,406,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.10.13 15:13:24 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011.09.29 09:53:16 | 000,012,288 | ---- | M] () -- C:\Users\me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== Files Created - No Company Name ==========
 
[2011.10.26 13:04:35 | 000,175,446 | ---- | C] () -- C:\Users\me\Desktop\CV_meinName_2011.pdf
[2011.10.21 19:56:16 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.10.21 15:52:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2011.10.21 15:52:36 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2011.10.19 16:22:28 | 000,000,280 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.19 16:22:28 | 000,000,192 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
[2011.10.19 16:14:31 | 000,000,440 | ---- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2010.08.05 13:23:15 | 000,004,096 | -H-- | C] () -- C:\Users\me\AppData\Local\keyfile3.drm
[2010.07.06 22:12:43 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI
[2010.04.26 21:27:31 | 000,000,552 | ---- | C] () -- C:\Users\me\AppData\Local\d3d8caps.dat
[2010.03.21 23:14:31 | 000,159,568 | ---- | C] () -- C:\Users\me\AppData\Roaming\mdbu.bin
[2009.12.12 21:57:01 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2009.12.03 19:58:37 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.12.03 19:57:52 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.12.03 19:57:19 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.11.27 23:44:02 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2009.11.26 21:31:48 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2009.11.26 17:49:13 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old
[2009.08.22 19:42:57 | 000,012,288 | ---- | C] () -- C:\Users\me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.08.09 20:43:06 | 000,000,680 | ---- | C] () -- C:\Users\me\AppData\Local\d3d9caps.dat
[2009.07.25 20:54:58 | 001,449,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2009.07.16 22:30:35 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.16 22:30:34 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.16 22:30:34 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.07.16 22:30:33 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.16 20:21:24 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin
[2009.04.30 12:52:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe
[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
 
========== LOP Check ==========
 
[2010.10.25 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Audacity
[2010.11.28 18:29:05 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\HartlauerFotoService3
[2009.07.25 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\mquadr.at
[2010.08.04 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Passware
[2010.12.10 23:07:07 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PCDr
[2011.10.24 17:52:52 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2009.08.09 19:03:43 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Adobe
[2010.08.04 19:50:09 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Apple Computer
[2010.10.25 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Audacity
[2010.12.16 00:14:40 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Avira
[2009.12.12 21:56:55 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Corel
[2009.11.26 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Creative
[2009.07.23 19:53:10 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Dell
[2011.04.26 18:34:20 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Google
[2010.11.28 18:29:05 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\HartlauerFotoService3
[2009.07.23 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Identities
[2009.11.26 19:02:20 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\InstallShield
[2009.07.25 20:41:28 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Macromedia
[2011.10.21 19:57:10 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Malwarebytes
[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Media Center Programs
[2011.04.19 08:57:20 | 000,000,000 | --SD | M] -- C:\Users\me\AppData\Roaming\Microsoft
[2009.07.25 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Mozilla
[2009.07.25 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\mquadr.at
[2010.08.04 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Passware
[2009.11.26 17:45:52 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PC Tools
[2010.12.10 23:07:07 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PCDr
[2009.11.26 17:10:29 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Reallusion
[2011.10.25 16:38:13 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Skype
[2011.06.30 12:14:42 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\skypePM
 
< %APPDATA%\*.exe /s >
[2010.03.01 17:07:32 | 008,653,312 | ---- | M] (Dell, Inc.                                                  ) -- C:\Users\me\AppData\Roaming\DataSafeDotNet.exe
[2011.08.05 09:24:32 | 003,085,984 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\me\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2009.12.12 21:53:57 | 000,010,134 | R--- | M] () -- C:\Users\me\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe
[2009.12.12 21:53:57 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\me\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe
[2011.05.25 09:20:21 | 054,781,576 | ---- | M] (Dell Inc) -- C:\Users\me\AppData\Roaming\PCDr\Update\Binaries\full_dsc_5830_10_64_01.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\1896387c-8e3c-4f22-a505-7ab08837056a\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\2ea69e88-4f72-49ec-8da6-131d9582d376\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\593732cd-961e-4cdf-ae1f-109bc41fb5de\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\6e480718-1c97-4209-98ea-cc41ec957132\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\8727ea8d-9566-4892-a20b-611c54c4ef4f\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\940818f6-4b99-4b88-b7ab-09025fbc14b1\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\9a189859-e826-40d3-97ad-f0e650e7c53e\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\9b57786a-86a2-4459-90d0-a09e6567be22\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\a700a9ce-8481-445f-9bd6-4b99f3e46bfc\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\c7febcfa-9c2f-401c-b3a9-c143a0abf4dd\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\dbe1d4ff-493b-426e-8090-0cfa7bfd2921\DellSignedAppUpdaterRules\AddCertificate.exe
[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\efdac406-cee2-441d-a2f3-ee1d458cacc2\DellSignedAppUpdaterRules\AddCertificate.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=5EB9EF6EEC5D873E94992095A1719BF6 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_39c3f1ccf31998cb\atapi.sys
[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_393a5501d9fbf901\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Drivers\storage\R197861\IaStor.sys
[2008.05.08 00:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
[2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Windows\SysNative\drivers\iaStor.sys
[2008.05.08 00:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
 
< MD5 for: USER32.DLL  >
[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll
[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe
[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe
[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2011.10.21 15:52:46 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2011.10.21 15:52:46 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2011.10.21 15:52:46 | 009,704,960 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8

< End of report >
--- --- ---

Franziska99 26.10.2011 13:18
[Log ist bereits vollständig in #13 /cosinus]

cosinus 26.10.2011 13:44
Was ein Quatsch, es ist doch schon vollständig gepostet worden beim ersten Versuch als es in CODE-Tags umschlossen war! Ich werd die anderen Beiträge daher mal editieren.

cosinus 26.10.2011 14:09
Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)


Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!


Code:
:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?st=1&barid={99045929-FA63-11E0-ADE7-00256441E933}
IE - HKLM\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.telekom.at/suche
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.at/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
FF - prefs.js..browser.search.defaultenginename: "iLivid Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "softonic.com4 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "iLivid Web Search"
FF - prefs.js..browser.search.selectedEngine: "iLivid Web Search"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.startup.homepage: "http://www.searchqu.com/406"
FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2
FF - prefs.js..keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""
FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2431232&SearchSource=3&q={searchTerms}"
FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "softonic.com4 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2431232&SearchSource=13"
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "http://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="
[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (softonic.com4 Community Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}
[2010.05.31 10:51:37 | 000,000,000 | ---D | M] (tv_ecuador Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}
[2011.10.19 17:06:09 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
[2011.10.19 17:04:23 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com
[2010.06.08 11:28:50 | 000,000,929 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\conduit.xml
[2011.10.19 17:05:55 | 000,002,520 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\SearchResults.xml
[2011.10.19 17:04:16 | 000,003,915 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\sweetim.xml
[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (SearchCore for Browsers) -- C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION
O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)
O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
F3:64bit: - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) -  File not found
F3 - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) - File not found
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)
O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun
O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe
[2011.10.19 16:24:44 | 000,000,440 | ---- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP
[2011.10.19 16:22:28 | 000,000,280 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP
[2011.10.19 16:22:28 | 000,000,192 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr
@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8
:Files
C:\Program Files (x86)\Windows iLivid Toolbar
C:\Program Files (x86)\SearchCore for Browsers
C:\Program Files (x86)\softonic.com4
C:\Program Files (x86)\SweetIM\Toolbars
:Commands
[emptytemp]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

Franziska99 26.10.2011 18:38
hallo, das ist das ergebnis. was sind die folgenden schritte?
danke und lg
teil 1

Error: Unable to interpret <OTL logfile created on: 26.10.2011 18:59:41 - Run 2> in the current context!
Error: Unable to interpret <OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\me\Desktop> in the current context!
Error: Unable to interpret <64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation> in the current context!
Error: Unable to interpret <Internet Explorer (Version = 9.0.8112.16421)> in the current context!
Error: Unable to interpret <Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <3,96 Gb Total Physical Memory | 1,71 Gb Available Physical Memory | 43,16% Memory free> in the current context!
Error: Unable to interpret <8,11 Gb Paging File | 5,71 Gb Available in Paging File | 70,35% Paging File free> in the current context!
Error: Unable to interpret <Paging file location(s): ?:\pagefile.sys [binary data]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)> in the current context!
Error: Unable to interpret <Drive C: | 283,40 Gb Total Space | 175,48 Gb Free Space | 61,92% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret <Drive E: | 14,65 Gb Total Space | 7,30 Gb Free Space | 49,83% Space Free | Partition Type: NTFS> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Computer Name: ME-PC | User Name: me | Logged in as Administrator.> in the current context!
Error: Unable to interpret <Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans> in the current context!
Error: Unable to interpret <Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Processes (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <PRC - [2011.10.26 13:32:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <PRC - [2011.09.27 19:10:37 | 001,700,752 | ---- | M] (Bandoo Media, inc) -- C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe> in the current context!
Error: Unable to interpret <PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe> in the current context!
Error: Unable to interpret <PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe> in the current context!
Error: Unable to interpret <PRC - [2011.08.01 14:35:42 | 000,114,992 | R--- | M] (SweetIM Technologies Ltd.) -- C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe> in the current context!
Error: Unable to interpret <PRC - [2011.06.29 07:57:17 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe> in the current context!
Error: Unable to interpret <PRC - [2011.06.15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE> in the current context!
Error: Unable to interpret <PRC - [2011.04.29 13:00:02 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe> in the current context!
Error: Unable to interpret <PRC - [2010.11.30 19:12:37 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe> in the current context!
Error: Unable to interpret <PRC - [2009.11.13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe> in the current context!
Error: Unable to interpret <PRC - [2009.01.26 16:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe> in the current context!
Error: Unable to interpret <PRC - [2008.12.18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) -- C:\Programme\Dell\DellDock\DockLogin.exe> in the current context!
Error: Unable to interpret <PRC - [2008.12.18 06:27:22 | 004,823,928 | ---- | M] (Dell Inc. and SightSpeed Inc.) -- C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe> in the current context!
Error: Unable to interpret <PRC - [2008.05.08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe> in the current context!
Error: Unable to interpret <PRC - [2008.05.08 00:41:12 | 000,178,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe> in the current context!
Error: Unable to interpret <PRC - [2008.01.25 15:26:00 | 000,253,976 | ---- | M] (Telekom Austria TA AG) -- C:\Program Files (x86)\aon\OnlineFestplatte\OnlineFestplatte.exe> in the current context!
Error: Unable to interpret <PRC - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () -- C:\Windows\SysWOW64\PSIService.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Modules (No Company Name) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <MOD - [2011.10.18 21:24:10 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6bc98e9b5eedaa8f71c5454d36a4b772\System.Management.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 21:22:47 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\6b88a2bf58d8529fc33f8f3437a7ff06\System.Web.Services.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 21:22:22 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\40da9084d0863e07d7ce55953833b8b0\System.Configuration.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 15:39:03 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\c1c06a392871267db27f7cbc40e1c4fb\System.Xml.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 15:38:33 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1363115565fff5a641243a48f396f107\System.Windows.Forms.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 15:38:19 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\367c4043efc2f32d843cb588b0dc97fc\System.Drawing.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 15:35:49 | 007,950,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\f9c36ea806e77872dce891c77b68fac3\System.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2011.10.18 15:35:35 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b6632a8b2f276a8e31f5b0f6b2006cd1\mscorlib.ni.dll> in the current context!
Error: Unable to interpret <MOD - [2010.06.03 13:46:00 | 000,067,872 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 001,807,600 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,365,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,275,696 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,152,816 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,095,472 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,062,704 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbShared.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,046,320 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2009.11.13 17:15:00 | 000,017,648 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\CppUtils.dll> in the current context!
Error: Unable to interpret <MOD - [2009.04.09 23:29:00 | 000,058,608 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll> in the current context!
Error: Unable to interpret <MOD - [2009.03.30 06:40:04 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2009.03.30 06:40:04 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Web.Services.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Web.Services.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2009.03.30 06:40:03 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll> in the current context!
Error: Unable to interpret <MOD - [2008.12.18 06:24:14 | 006,510,416 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtGui4.dll> in the current context!
Error: Unable to interpret <MOD - [2008.12.18 06:24:14 | 001,657,168 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtCore4.dll> in the current context!
Error: Unable to interpret <MOD - [2008.12.18 06:24:14 | 000,396,112 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtOpenGL4.dll> in the current context!
Error: Unable to interpret <MOD - [2008.12.18 06:24:14 | 000,366,928 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\QtNetwork4.dll> in the current context!
Error: Unable to interpret <MOD - [2008.12.18 06:24:14 | 000,027,472 | ---- | M] () -- C:\Program Files (x86)\Dell Video Chat\SDL.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Win32 Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SRV:64bit: - [2009.03.31 17:00:18 | 000,268,288 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe -- (STacSV)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2009.03.31 17:00:02 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe -- (AESTFilters)> in the current context!
Error: Unable to interpret <SRV:64bit: - [2006.11.02 13:16:05 | 000,046,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rundll32.exe -- (yksvc)> in the current context!
Error: Unable to interpret <SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)> in the current context!
Error: Unable to interpret <SRV - [2011.07.07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)> in the current context!
Error: Unable to interpret <SRV - [2011.06.29 07:57:17 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)> in the current context!
Error: Unable to interpret <SRV - [2011.06.15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)> in the current context!
Error: Unable to interpret <SRV - [2011.04.29 13:00:02 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)> in the current context!
Error: Unable to interpret <SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)> in the current context!
Error: Unable to interpret <SRV - [2009.09.23 14:33:42 | 001,141,200 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsSvc.exe -- (sdCoreService)> in the current context!
Error: Unable to interpret <SRV - [2009.09.23 13:17:22 | 000,358,600 | ---- | M] (PC Tools) [On_Demand | Stopped] -- C:\Program Files (x86)\Spyware Doctor\pctsAuxs.exe -- (sdAuxService)> in the current context!
Error: Unable to interpret <SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)> in the current context!
Error: Unable to interpret <SRV - [2008.12.18 20:05:28 | 000,155,648 | ---- | M] (Stardock Corporation) [Auto | Running] -- C:\Programme\Dell\DellDock\DockLogin.exe -- (DockLoginService)> in the current context!
Error: Unable to interpret <SRV - [2008.05.08 00:41:14 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel(R)> in the current context!
Error: Unable to interpret <SRV - [2006.11.02 21:40:12 | 000,174,656 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PSIService.exe -- (ProtexisLicensing)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Driver Services (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011.06.29 07:57:17 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2011.06.29 07:57:17 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.06.16 08:59:52 | 000,033,336 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MP4ConverterAudio.sys -- (MP4ConverterAudio)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2010.04.19 20:47:42 | 000,050,688 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.09.23 17:10:04 | 000,218,056 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.31 18:53:54 | 000,069,120 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RTSTOR64.SYS -- (RTSTOR)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.31 18:48:56 | 010,275,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.31 17:00:28 | 000,477,696 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\stwrt64.sys -- (STHDA)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.31 16:19:00 | 000,225,328 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Apfiltr.sys -- (ApfiltrService)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.19 17:02:00 | 000,311,296 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Vid.sys -- (OA009Vid)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2009.03.06 07:33:58 | 000,159,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\OA009Ufd.sys -- (OA009Ufd)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.12.30 22:00:22 | 000,172,032 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CtClsFlt.sys -- (CtClsFlt)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.12.21 19:26:28 | 004,735,488 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\NETw5v64.sys -- (NETw5v64) Intel(R)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.08.31 20:19:24 | 000,392,192 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\yk60x64.sys -- (yukonx64)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2008.01.21 04:46:55 | 000,317,952 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\e1e6032e.sys -- (e1express) Intel(R)> in the current context!
Error: Unable to interpret <DRV:64bit: - [2006.11.02 09:48:50 | 002,488,320 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\atikmdag.sys -- (R300)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Standard Registry (SafeList) ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Internet Explorer ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm> in the current context!
Error: Unable to interpret <IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?st=1&barid={99045929-FA63-11E0-ADE7-00256441E933}> in the current context!
Error: Unable to interpret <IE - HKLM\..\URLSearchHook: {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.telekom.at/suche> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.at/> in the current context!
Error: Unable to interpret <IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0> in the current context!
Error: Unable to interpret <IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== FireFox ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultenginename: "iLivid Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaultthis.engineName: "softonic.com4 Customized Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.defaulturl: ""> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.order.1: "iLivid Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.selectedEngine: "iLivid Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.search.suggest.enabled: false> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://www.searchqu.com/406"> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {0974848a-b5bc-49f2-9778-307742b4a55d}:3.2.5.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {9545d41d-bb9b-4859-a157-3a4c7e8a2a95}:2.6.0.15> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: en-US@dictionaries.addons.mozilla.org:5.0.1> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: engine@conduit.com:3.2.5.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: de-AT@dictionaries.addons.mozilla.org:2.0.2> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: es-AR@dictionaries.addons.mozilla.org:2.5> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8442> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {99079a25-328f-4bd4-be04-00955acaa0a7}:4.4.1.00> in the current context!
Error: Unable to interpret <FF - prefs.js..extensions.enabledItems: {EEE6C361-6118-11DC-9C72-001320C79847}:1.3.0.1> in the current context!
Error: Unable to interpret <FF - prefs.js..keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="> in the current context!
Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.defaultenginename: ""> in the current context!
Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431232&SearchSource=3&q={searchTerms}"> in the current context!
Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.browser.search.selectedEngine: "softonic.com4 Customized Web Search"> in the current context!
Error: Unable to interpret <FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT2431232&SearchSource=13"> in the current context!
Error: Unable to interpret <FF - prefs.js..sweetim.toolbar.previous.keyword.URL: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q="> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)> in the current context!
Error: Unable to interpret <FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)> in the current context!
Error: Unable to interpret <FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\me\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll File not found> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.09.30 12:45:29 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret <FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.23\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.30 12:45:29 | 000,000,000 | ---D | M]> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\me\AppData\Roaming\mozilla\Extensions> in the current context!
Error: Unable to interpret <[2011.10.26 01:18:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions> in the current context!
Error: Unable to interpret <[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (softonic.com4 Community Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}> in the current context!
Error: Unable to interpret <[2010.05.27 13:46:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}> in the current context!
Error: Unable to interpret <[2010.05.31 10:51:37 | 000,000,000 | ---D | M] (tv_ecuador Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:09 | 000,000,000 | ---D | M] (Searchqu Toolbar) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}> in the current context!
Error: Unable to interpret <[2011.10.19 17:04:23 | 000,000,000 | ---D | M] (SweetIM Toolbar for Firefox) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}> in the current context!
Error: Unable to interpret <[2011.03.31 14:30:01 | 000,000,000 | ---D | M] (German Dictionary, extended for Austria) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\de-AT@dictionaries.addons.mozilla.org> in the current context!
Error: Unable to interpret <[2011.03.15 22:52:37 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com> in the current context!
Error: Unable to interpret <[2011.03.07 12:56:50 | 000,000,000 | ---D | M] (United States English Spellchecker) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\en-US@dictionaries.addons.mozilla.org> in the current context!
Error: Unable to interpret <[2011.05.20 13:57:50 | 000,000,000 | ---D | M] (Diccionario español Argentina) -- C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\es-AR@dictionaries.addons.mozilla.org> in the current context!
Error: Unable to interpret <[2010.06.08 11:28:50 | 000,000,929 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\conduit.xml> in the current context!
Error: Unable to interpret <[2011.10.19 17:05:55 | 000,002,520 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\SearchResults.xml> in the current context!
Error: Unable to interpret <[2011.10.19 17:04:16 | 000,003,915 | ---- | M] () -- C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\sweetim.xml> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions> in the current context!
Error: Unable to interpret <[2011.10.14 08:45:46 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:15 | 000,000,000 | ---D | M] (SearchCore for Browsers) -- C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION> in the current context!
Error: Unable to interpret <[2011.09.30 12:45:27 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml> in the current context!
Error: Unable to interpret <[2011.09.30 12:45:27 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml> in the current context!
Error: Unable to interpret <[2011.09.30 12:45:27 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml> in the current context!
Error: Unable to interpret <[2011.10.19 17:05:55 | 000,002,520 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml> in the current context!
Error: Unable to interpret <[2011.09.30 12:45:27 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml> in the current context!
Error: Unable to interpret <[2011.09.30 12:45:27 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <O1 HOSTS File: ([2009.11.26 18:56:18 | 000,357,940 | R--- | M]) - C:\Windows\SysNative\drivers\etc\Hosts> in the current context!
Error: Unable to interpret <O1 - Hosts: 201.149.146.147 www.hsbc.com.mx> in the current context!
Error: Unable to interpret <O1 - Hosts: 201.149.146.147 hsbc.com.mx> in the current context!
Error: Unable to interpret <O1 - Hosts: 201.149.146.147 conexion.bital.com.mx> in the current context!
Error: Unable to interpret <O1 - Hosts: 201.149.146.147 conexion.bital.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.007guard.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 007guard.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 008i.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.008k.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 008k.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.00hq.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 00hq.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 010402.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.032439.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 032439.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.0scan.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 0scan.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.1000gratisproben.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 1000gratisproben.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.1001namen.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 1001namen.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.100888290cs.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 100888290cs.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 www.100sexlinks.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 100sexlinks.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 127.0.0.1 10sek.com> in the current context!
Error: Unable to interpret <O1 - Hosts: 12311 more lines...> in the current context!
Error: Unable to interpret <O2:64bit: - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()> in the current context!
Error: Unable to interpret <O2 - BHO: (SearchCore for Browsers) - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O2 - BHO: (SweetIM Toolbar Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context!
Error: Unable to interpret <O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (softonic.com4 Toolbar) - {0974848a-b5bc-49f2-9778-307742b4a55d} - C:\Program Files (x86)\softonic.com4\tbsof1.dll (Conduit Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll ()> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context!
Error: Unable to interpret <O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {472734EA-242A-422B-ADF8-83D1E48CC825} - No CLSID value found.> in the current context!
Error: Unable to interpret <O3 - HKCU\..\Toolbar\WebBrowser: (SweetIM Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)> in the current context!
Error: Unable to interpret <O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [DATAMNGR] C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe ()> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)> in the current context!
Error: Unable to interpret <O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [OnlineFestplatte] C:\Program Files (x86)\aon\Onlinefestplatte\OnlineFestplatte.exe (Telekom Austria TA AG)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [SightSpeed] C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe (Dell Inc. and SightSpeed Inc.)> in the current context!
Error: Unable to interpret <O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)> in the current context!
Error: Unable to interpret <F3:64bit: - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) - File not found> in the current context!
Error: Unable to interpret <F3 - HKCU WinNT: Load - (C:\Users\me\LOCALS~1\Temp\c299fe4c.com) - File not found> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1> in the current context!
Error: Unable to interpret <O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found> in the current context!
Error: Unable to interpret <O8:64bit: - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found> in the current context!
Error: Unable to interpret <O8 - Extra context menu item: Web-Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html ()> in the current context!
Error: Unable to interpret <O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)> in the current context!
Error: Unable to interpret <O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)> in the current context!
Error: Unable to interpret <O1364bit: - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O13 - gopher Prefix: missing> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)> in the current context!
Error: Unable to interpret <O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)> in the current context!
Error: Unable to interpret <O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab (Java Plug-in 1.6.0_13)> in the current context!
Error: Unable to interpret <O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)> in the current context!
Error: Unable to interpret <O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx2.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-at.cab (Windows Live Hotmail Photo Upload Tool)> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138 10.0.0.138> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F81080F-8BF9-4403-99DF-BC89BAA29DC1}: NameServer = 195.3.96.67,213.33.98.136> in the current context!
Error: Unable to interpret <O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{74DD69DC-0EC8-458E-ABC0-E27EED445441}: DhcpNameServer = 10.0.0.138 10.0.0.138> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\ms-help - No CLSID value found> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found> in the current context!
Error: Unable to interpret <O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)> in the current context!
Error: Unable to interpret <O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll) - C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20 - AppInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll (Bandoo Media, inc)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)> in the current context!
Error: Unable to interpret <O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)> in the current context!
Error: Unable to interpret <O32 - HKLM CDRom: AutoRun - 1> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O33 - MountPoints2\D\Shell - "" = AutoRun> in the current context!
Error: Unable to interpret <O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\AutoRun.exe> in the current context!
Error: Unable to interpret <O34 - HKLM BootExecute: (autocheck autochk *)> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35:64bit: - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..comfile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O35 - HKLM\..exefile [open] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...com [@ = comfile] -- "%1" %*> in the current context!
Error: Unable to interpret <O37 - HKLM\...exe [@ = exefile] -- "%1" %*> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SafeBootMin:64bit: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret <SafeBootMin: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootMin: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootMin: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootMin: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <SafeBootNet:64bit: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NDIS Wrapper - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetBIOSGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetDDEGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Network - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: NetworkProvider - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: PNP_TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: rdsessmgr - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: Streams Drivers - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: WudfPf - Driver> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: WudfUsbccidDriver - Driver> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret <SafeBootNet: AppMgmt - Service> in the current context!
Error: Unable to interpret <SafeBootNet: Base - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Boot Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Boot file system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: File system - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: HelpSvc - Service> in the current context!
Error: Unable to interpret <SafeBootNet: NDIS Wrapper - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetBIOSGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetDDEGroup - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Network - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: NetworkProvider - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PCI Configuration - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PNP Filter - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: PNP_TDI - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Primary disk - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: rdsessmgr - Service> in the current context!
Error: Unable to interpret <SafeBootNet: sacsvr - Service> in the current context!
Error: Unable to interpret <SafeBootNet: SCSI Class - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: Streams Drivers - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: System Bus Extender - Driver Group> in the current context!
Error: Unable to interpret <SafeBootNet: TDI - Driver Group> in the current context!

Franziska99 26.10.2011 18:39
Teil 2

Error: Unable to interpret <SafeBootNet: WudfPf - Driver> in the current context!
Error: Unable to interpret <SafeBootNet: WudfUsbccidDriver - Driver> in the current context!
Error: Unable to interpret <SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System> in the current context!
Error: Unable to interpret <SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive> in the current context!
Error: Unable to interpret <SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers> in the current context!
Error: Unable to interpret <SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy> in the current context!
Error: Unable to interpret <SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers> in the current context!
Error: Unable to interpret <SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume> in the current context!
Error: Unable to interpret <SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices> in the current context!
Error: Unable to interpret <SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices> in the current context!
Error: Unable to interpret <SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)> in the current context!
Error: Unable to interpret <ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - > in the current context!
Error: Unable to interpret <ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0> in the current context!
Error: Unable to interpret <ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context!
Error: Unable to interpret <ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context!
Error: Unable to interpret <ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context!
Error: Unable to interpret <ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - > in the current context!
Error: Unable to interpret <ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context!
Error: Unable to interpret <ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context!
Error: Unable to interpret <ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context!
Error: Unable to interpret <ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context!
Error: Unable to interpret <ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context!
Error: Unable to interpret <ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context!
Error: Unable to interpret <ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context!
Error: Unable to interpret <ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings> in the current context!
Error: Unable to interpret <ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> in the current context!
Error: Unable to interpret <ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context!
Error: Unable to interpret <ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context!
Error: Unable to interpret <ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1> in the current context!
Error: Unable to interpret <ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context!
Error: Unable to interpret <ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context!
Error: Unable to interpret <ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig> in the current context!
Error: Unable to interpret <ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context!
Error: Unable to interpret <ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)> in the current context!
Error: Unable to interpret <ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player> in the current context!
Error: Unable to interpret <ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> in the current context!
Error: Unable to interpret <ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack> in the current context!
Error: Unable to interpret <ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> in the current context!
Error: Unable to interpret <ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx> in the current context!
Error: Unable to interpret <ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help> in the current context!
Error: Unable to interpret <ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6> in the current context!
Error: Unable to interpret <ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools> in the current context!
Error: Unable to interpret <ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements> in the current context!
Error: Unable to interpret <ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player> in the current context!
Error: Unable to interpret <ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access> in the current context!
Error: Unable to interpret <ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7> in the current context!
Error: Unable to interpret <ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll> in the current context!
Error: Unable to interpret <ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings> in the current context!
Error: Unable to interpret <ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install> in the current context!
Error: Unable to interpret <ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding> in the current context!
Error: Unable to interpret <ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts> in the current context!
Error: Unable to interpret <ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player> in the current context!
Error: Unable to interpret <ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help> in the current context!
Error: Unable to interpret <ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface> in the current context!
Error: Unable to interpret <ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework> in the current context!
Error: Unable to interpret <ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP> in the current context!
Error: Unable to interpret <ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig> in the current context!
Error: Unable to interpret <ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context!
Error: Unable to interpret <Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)> in the current context!
Error: Unable to interpret <Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <CREATERESTOREPOINT> in the current context!
Error: Unable to interpret <Restore point Set: OTL Restore Point> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files/Folders - Created Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.10.26 13:32:17 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2011.10.22 19:10:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET> in the current context!
Error: Unable to interpret <[2011.10.21 19:57:10 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:09 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware> in the current context!
Error: Unable to interpret <[2011.10.19 17:10:40 | 000,000,000 | ---D | C] -- C:\Program Files\WiseFixer> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:54 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Local\Ilivid Player> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:50 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iLivid> in the current context!
Error: Unable to interpret <[2011.10.19 17:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows iLivid Toolbar> in the current context!
Error: Unable to interpret <[2011.10.19 17:05:57 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess> in the current context!
Error: Unable to interpret <[2011.10.19 17:05:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SearchCore for Browsers> in the current context!
Error: Unable to interpret <[2011.10.19 17:05:39 | 000,000,000 | ---D | C] -- C:\Users\me\AppData\Local\PackageAware> in the current context!
Error: Unable to interpret <[2011.10.19 17:04:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SweetIM> in the current context!
Error: Unable to interpret <[2011.10.19 17:04:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SweetIM> in the current context!
Error: Unable to interpret <[2011.10.19 16:07:48 | 000,000,000 | ---D | C] -- C:\Users\me\Local Settings> in the current context!
Error: Unable to interpret <[2011.10.13 15:13:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype> in the current context!
Error: Unable to interpret <[2009.08.04 19:41:53 | 008,653,312 | ---- | C] (Dell, Inc. ) -- C:\Users\me\AppData\Roaming\DataSafeDotNet.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files - Modified Within 30 Days ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.10.26 18:50:03 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job> in the current context!
Error: Unable to interpret <[2011.10.26 18:47:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2011.10.26 18:44:56 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2011.10.26 18:44:56 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0> in the current context!
Error: Unable to interpret <[2011.10.26 13:32:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\me\Desktop\OTL.exe> in the current context!
Error: Unable to interpret <[2011.10.26 13:04:37 | 000,175,446 | ---- | M] () -- C:\Users\me\Desktop\CV_meinname_2011.pdf> in the current context!
Error: Unable to interpret <[2011.10.26 12:31:35 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job> in the current context!
Error: Unable to interpret <[2011.10.24 17:53:49 | 4255,502,336 | -HS- | M] () -- C:\hiberfil.sys> in the current context!
Error: Unable to interpret <[2011.10.24 17:51:22 | 001,453,974 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2011.10.24 17:51:22 | 000,632,576 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat> in the current context!
Error: Unable to interpret <[2011.10.24 17:51:22 | 000,599,206 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat> in the current context!
Error: Unable to interpret <[2011.10.24 17:51:22 | 000,127,804 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat> in the current context!
Error: Unable to interpret <[2011.10.24 17:51:22 | 000,105,220 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:16 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2011.10.21 15:53:11 | 000,008,798 | ---- | M] () -- C:\Windows\SysWow64\icrav03.rat> in the current context!
Error: Unable to interpret <[2011.10.21 15:53:11 | 000,008,798 | ---- | M] () -- C:\Windows\SysNative\icrav03.rat> in the current context!
Error: Unable to interpret <[2011.10.21 15:53:11 | 000,001,988 | ---- | M] () -- C:\Windows\SysWow64\ticrf.rat> in the current context!
Error: Unable to interpret <[2011.10.21 15:53:11 | 000,001,988 | ---- | M] () -- C:\Windows\SysNative\ticrf.rat> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:46 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:36 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf> in the current context!
Error: Unable to interpret <[2011.10.19 16:24:44 | 000,000,440 | ---- | M] () -- C:\ProgramData\1kAlMiG2Kb7FzP> in the current context!
Error: Unable to interpret <[2011.10.19 16:22:28 | 000,000,280 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzP> in the current context!
Error: Unable to interpret <[2011.10.19 16:22:28 | 000,000,192 | ---- | M] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr> in the current context!
Error: Unable to interpret <[2011.10.18 15:33:12 | 000,406,608 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT> in the current context!
Error: Unable to interpret <[2011.10.13 15:13:24 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk> in the current context!
Error: Unable to interpret <[2011.09.29 09:53:16 | 000,012,288 | ---- | M] () -- C:\Users\me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Files Created - No Company Name ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2011.10.26 13:04:35 | 000,175,446 | ---- | C] () -- C:\Users\me\Desktop\CV_meinname_2011.pdf> in the current context!
Error: Unable to interpret <[2011.10.21 19:56:16 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:46 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:36 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf> in the current context!
Error: Unable to interpret <[2011.10.19 16:22:28 | 000,000,280 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzP> in the current context!
Error: Unable to interpret <[2011.10.19 16:22:28 | 000,000,192 | ---- | C] () -- C:\ProgramData\~1kAlMiG2Kb7FzPr> in the current context!
Error: Unable to interpret <[2011.10.19 16:14:31 | 000,000,440 | ---- | C] () -- C:\ProgramData\1kAlMiG2Kb7FzP> in the current context!
Error: Unable to interpret <[2010.08.05 13:23:15 | 000,004,096 | -H-- | C] () -- C:\Users\me\AppData\Local\keyfile3.drm> in the current context!
Error: Unable to interpret <[2010.07.06 22:12:43 | 000,000,146 | ---- | C] () -- C:\Windows\WININIT.INI> in the current context!
Error: Unable to interpret <[2010.04.26 21:27:31 | 000,000,552 | ---- | C] () -- C:\Users\me\AppData\Local\d3d8caps.dat> in the current context!
Error: Unable to interpret <[2010.03.21 23:14:31 | 000,159,568 | ---- | C] () -- C:\Users\me\AppData\Roaming\mdbu.bin> in the current context!
Error: Unable to interpret <[2009.12.12 21:57:01 | 000,000,952 | -HS- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys> in the current context!
Error: Unable to interpret <[2009.12.03 19:58:37 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll> in the current context!
Error: Unable to interpret <[2009.12.03 19:57:52 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin> in the current context!
Error: Unable to interpret <[2009.12.03 19:57:19 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll> in the current context!
Error: Unable to interpret <[2009.11.27 23:44:02 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol> in the current context!
Error: Unable to interpret <[2009.11.26 21:31:48 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat> in the current context!
Error: Unable to interpret <[2009.11.26 17:49:13 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll.old> in the current context!
Error: Unable to interpret <[2009.08.22 19:42:57 | 000,012,288 | ---- | C] () -- C:\Users\me\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini> in the current context!
Error: Unable to interpret <[2009.08.09 20:43:06 | 000,000,680 | ---- | C] () -- C:\Users\me\AppData\Local\d3d9caps.dat> in the current context!
Error: Unable to interpret <[2009.07.25 20:54:58 | 001,449,296 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI> in the current context!
Error: Unable to interpret <[2009.07.16 22:30:35 | 000,982,196 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin> in the current context!
Error: Unable to interpret <[2009.07.16 22:30:34 | 000,139,824 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin> in the current context!
Error: Unable to interpret <[2009.07.16 22:30:34 | 000,097,448 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin> in the current context!
Error: Unable to interpret <[2009.07.16 22:30:33 | 000,417,344 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin> in the current context!
Error: Unable to interpret <[2009.07.16 20:21:24 | 000,000,075 | RHS- | C] () -- C:\Windows\CT4CET.bin> in the current context!
Error: Unable to interpret <[2009.04.30 12:52:55 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini> in the current context!
Error: Unable to interpret <[2006.11.02 21:40:12 | 000,174,656 | ---- | C] () -- C:\Windows\SysWow64\PSIService.exe> in the current context!
Error: Unable to interpret <[2006.11.02 17:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat> in the current context!
Error: Unable to interpret <[2006.11.02 14:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat> in the current context!
Error: Unable to interpret <[2006.11.02 14:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT> in the current context!
Error: Unable to interpret <[2006.11.02 14:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat> in the current context!
Error: Unable to interpret <[2006.11.02 11:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== LOP Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <[2010.10.25 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Audacity> in the current context!
Error: Unable to interpret <[2010.11.28 18:29:05 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\HartlauerFotoService3> in the current context!
Error: Unable to interpret <[2009.07.25 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\mquadr.at> in the current context!
Error: Unable to interpret <[2010.08.04 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Passware> in the current context!
Error: Unable to interpret <[2010.12.10 23:07:07 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PCDr> in the current context!
Error: Unable to interpret <[2011.10.24 17:52:52 | 000,032,534 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Purity Check ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Custom Scans ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*. >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %ALLUSERSPROFILE%\Application Data\*.exe /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*. >> in the current context!
Error: Unable to interpret <[2009.08.09 19:03:43 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Adobe> in the current context!
Error: Unable to interpret <[2010.08.04 19:50:09 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Apple Computer> in the current context!
Error: Unable to interpret <[2010.10.25 22:36:35 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Audacity> in the current context!
Error: Unable to interpret <[2010.12.16 00:14:40 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Avira> in the current context!
Error: Unable to interpret <[2009.12.12 21:56:55 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Corel> in the current context!
Error: Unable to interpret <[2009.11.26 19:06:36 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Creative> in the current context!
Error: Unable to interpret <[2009.07.23 19:53:10 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Dell> in the current context!
Error: Unable to interpret <[2011.04.26 18:34:20 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Google> in the current context!
Error: Unable to interpret <[2010.11.28 18:29:05 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\HartlauerFotoService3> in the current context!
Error: Unable to interpret <[2009.07.23 19:51:38 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Identities> in the current context!
Error: Unable to interpret <[2009.11.26 19:02:20 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\InstallShield> in the current context!
Error: Unable to interpret <[2009.07.25 20:41:28 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Macromedia> in the current context!
Error: Unable to interpret <[2011.10.21 19:57:10 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Malwarebytes> in the current context!
Error: Unable to interpret <[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Media Center Programs> in the current context!
Error: Unable to interpret <[2011.04.19 08:57:20 | 000,000,000 | --SD | M] -- C:\Users\me\AppData\Roaming\Microsoft> in the current context!
Error: Unable to interpret <[2009.07.25 21:01:19 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Mozilla> in the current context!
Error: Unable to interpret <[2009.07.25 20:56:39 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\mquadr.at> in the current context!
Error: Unable to interpret <[2010.08.04 16:04:24 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Passware> in the current context!
Error: Unable to interpret <[2009.11.26 17:45:52 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PC Tools> in the current context!
Error: Unable to interpret <[2010.12.10 23:07:07 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\PCDr> in the current context!
Error: Unable to interpret <[2009.11.26 17:10:29 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Reallusion> in the current context!
Error: Unable to interpret <[2011.10.25 16:38:13 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\Skype> in the current context!
Error: Unable to interpret <[2011.06.30 12:14:42 | 000,000,000 | ---D | M] -- C:\Users\me\AppData\Roaming\skypePM> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %APPDATA%\*.exe /s >> in the current context!
Error: Unable to interpret <[2010.03.01 17:07:32 | 008,653,312 | ---- | M] (Dell, Inc. ) -- C:\Users\me\AppData\Roaming\DataSafeDotNet.exe> in the current context!
Error: Unable to interpret <[2011.08.05 09:24:32 | 003,085,984 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\me\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe> in the current context!
Error: Unable to interpret <[2009.12.12 21:53:57 | 000,010,134 | R--- | M] () -- C:\Users\me\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\ARPPRODUCTICON.exe> in the current context!
Error: Unable to interpret <[2009.12.12 21:53:57 | 000,065,536 | R--- | M] (InstallShield Software Corp.) -- C:\Users\me\AppData\Roaming\Microsoft\Installer\{F428D0FB-765D-40EB-BDD8-A1E7F5C597FA}\Shortcut0.C3A146F5_4B48_11D5_A819_00B0D0428C0C.exe> in the current context!
Error: Unable to interpret <[2011.05.25 09:20:21 | 054,781,576 | ---- | M] (Dell Inc) -- C:\Users\me\AppData\Roaming\PCDr\Update\Binaries\full_dsc_5830_10_64_01.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\1896387c-8e3c-4f22-a505-7ab08837056a\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\2ea69e88-4f72-49ec-8da6-131d9582d376\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\593732cd-961e-4cdf-ae1f-109bc41fb5de\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\6e480718-1c97-4209-98ea-cc41ec957132\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\8727ea8d-9566-4892-a20b-611c54c4ef4f\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\940818f6-4b99-4b88-b7ab-09025fbc14b1\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\9a189859-e826-40d3-97ad-f0e650e7c53e\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\9b57786a-86a2-4459-90d0-a09e6567be22\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\a700a9ce-8481-445f-9bd6-4b99f3e46bfc\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\c7febcfa-9c2f-401c-b3a9-c143a0abf4dd\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\dbe1d4ff-493b-426e-8090-0cfa7bfd2921\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret <[2010.10.12 13:36:00 | 000,016,976 | ---- | M] (PC-Doctor, Inc.) -- C:\Users\me\AppData\Roaming\PCDr\Update\Rules\efdac406-cee2-441d-a2f3-ee1d458cacc2\DellSignedAppUpdaterRules\AddCertificate.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %SYSTEMDRIVE%\*.exe >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: AGP440.SYS >> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: ATAPI.SYS >> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=5EB9EF6EEC5D873E94992095A1719BF6 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.22134_none_39c3f1ccf31998cb\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\SysNative\drivers\atapi.sys> in the current context!
Error: Unable to interpret <[2009.04.30 12:21:29 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=F988BB0690CD660318037908E9B8DBF7 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18034_none_393a5501d9fbf901\atapi.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: CNGAUDIT.DLL >> in the current context!
Error: Unable to interpret <[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll> in the current context!
Error: Unable to interpret <[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll> in the current context!
Error: Unable to interpret <[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: IASTOR.SYS >> in the current context!
Error: Unable to interpret <[2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Drivers\storage\R197861\IaStor.sys> in the current context!
Error: Unable to interpret <[2008.05.08 00:40:38 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys> in the current context!
Error: Unable to interpret <[2008.08.31 20:15:58 | 000,395,288 | ---- | M] (Intel Corporation) MD5=07FB761600EFF44AF02C35B8B57E5863 -- C:\Windows\SysNative\drivers\iaStor.sys> in the current context!
Error: Unable to interpret <[2008.05.08 00:40:02 | 000,317,976 | ---- | M] (Intel Corporation) MD5=80C633722DA72E97F3F5B3B11325696D -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: IASTORV.SYS >> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NETLOGON.DLL >> in the current context!
Error: Unable to interpret <[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll> in the current context!
Error: Unable to interpret <[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: NVSTOR.SYS >> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys> in the current context!
Error: Unable to interpret <[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: SCECLI.DLL >> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USER32.DLL >> in the current context!
Error: Unable to interpret <[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll> in the current context!
Error: Unable to interpret <[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: USERINIT.EXE >> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WININIT.EXE >> in the current context!
Error: Unable to interpret <[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WINLOGON.EXE >> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe> in the current context!
Error: Unable to interpret <[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe> in the current context!
Error: Unable to interpret <[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe> in the current context!
Error: Unable to interpret <[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << MD5 for: WS2IFSL.SYS >> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys> in the current context!
Error: Unable to interpret <[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\drivers\*.sys /lockedfiles >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\System32\config\*.sav >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\*. /mp /s >> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret << %systemroot%\system32\*.dll /lockedfiles >> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:46 | 000,353,792 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:46 | 000,223,232 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll> in the current context!
Error: Unable to interpret <[2011.10.21 15:52:46 | 009,704,960 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <========== Alternate Data Streams ==========> in the current context!
Error: Unable to interpret < > in the current context!
Error: Unable to interpret <@Alternate Data Stream - 163 bytes -> C:\ProgramData\TEMP:DFC5A2B2> in the current context!
Error: Unable to interpret <@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:A8ADE5D8> in the current context!
Error: Unable to interpret << End of report >> in the current context!

OTL by OldTimer - Version 3.2.31.0 log created on 10262011_193053

cosinus 26.10.2011 19:43
Du hast den Fix völlig falsch ausgeführt.
Du musst schon meinen Text in das Textfenster von OTL reinkopieren und nicht dein OTL-Log selbst!

Franziska99 28.10.2011 17:43
hallo, danke für den hinweis, jetzt sollte es passen. die beiden probleme am pc sind leider immer noch nicht behoben. was schlägst du als nächste schritt vor?
danke

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Local Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{0974848a-b5bc-49f2-9778-307742b4a55d} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974848a-b5bc-49f2-9778-307742b4a55d}\ deleted successfully.
C:\Program Files (x86)\softonic.com4\tbsof1.dll moved successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Default_Page_URL| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Search Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\StartPageCache| /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "iLivid Web Search" removed from browser.search.defaultenginename
Prefs.js: "softonic.com4 Customized Web Search" removed from browser.search.defaultthis.engineName
Prefs.js: "" removed from browser.search.defaulturl
Prefs.js: "iLivid Web Search" removed from browser.search.order.1
Prefs.js: "iLivid Web Search" removed from browser.search.selectedEngine
Prefs.js: false removed from browser.search.suggest.enabled
Prefs.js: "hxxp://www.searchqu.com/406" removed from browser.startup.homepage
Prefs.js: engine@conduit.com:3.2.5.2 removed from extensions.enabledItems
Prefs.js: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.browser.search.defaultenginename
Prefs.js: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431232&SearchSource=3&q={searchTerms}" removed from sweetim.toolbar.previous.browser.search.defaulturl
Prefs.js: "softonic.com4 Customized Web Search" removed from sweetim.toolbar.previous.browser.search.selectedEngine
Prefs.js: "hxxp://search.conduit.com/?ctid=CT2431232&SearchSource=13" removed from browser.startup.homepage
Prefs.js: "hxxp://www.searchqu.com/web?src=ffb&appid=102&systemid=406&sr=0&q=" removed from sweetim.toolbar.previous.keyword.URL
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\searchplugin folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\META-INF folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\lib folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\defaults folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\components folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d}\chrome folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{0974848a-b5bc-49f2-9778-307742b4a55d} folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\searchplugin folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\META-INF folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\lib folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\defaults folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\components folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95}\chrome folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{9545d41d-bb9b-4859-a157-3a4c7e8a2a95} folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\META-INF folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\components folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\skin folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\nl-NL folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\it-IT folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\fr-FR folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\es-ES folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\en-US folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale\de-DE folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\locale folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar\content folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome\sweetim-toolbar folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}\chrome folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\searchplugin folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\META-INF folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\lib folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\DualPackage folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\defaults folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\components folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com\chrome folder moved successfully.
C:\Users\me\AppData\Roaming\mozilla\Firefox\Profiles\vtp0wc2c.default\extensions\engine@conduit.com folder moved successfully.
C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\conduit.xml moved successfully.
C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\SearchResults.xml moved successfully.
C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\searchplugins\sweetim.xml moved successfully.
C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION\content folder moved successfully.
C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION\components folder moved successfully.
C:\PROGRAM FILES (X86)\SEARCHCORE FOR BROWSERS\SEARCHCORE FOR BROWSERS\FIREFOXEXTENSION folder moved successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0974848a-b5bc-49f2-9778-307742b4a55d}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974848a-b5bc-49f2-9778-307742b4a55d}\ not found.
File C:\Program Files (x86)\softonic.com4\tbsof1.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}\ deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\BrowserConnection.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}\ deleted successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{0974848a-b5bc-49f2-9778-307742b4a55d} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0974848a-b5bc-49f2-9778-307742b4a55d}\ not found.
File C:\Program Files (x86)\softonic.com4\tbsof1.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.
File C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\searchqudtx.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ deleted successfully.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472734EA-242A-422B-ADF8-83D1E48CC825}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}\ not found.
File C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll not found.
64bit-Registry delete failed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\me\LOCALS~1\Temp\c299fe4c.com scheduled to be deleted on reboot.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\me\LOCALS~1\Temp\c299fe4c.com deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ deleted successfully.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche\ deleted successfully.
File Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Google Sidewiki...\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Web-Suche\ not found.
File Suche - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\MenuExt.html not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\datamngr.dll deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\datamngr.dll moved successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\SEARCH~1\x64\IEBHO.dll deleted successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64\IEBHO.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\datamngr.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\datamngr.dll not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll deleted successfully.
File pInit_DLLs: (C:\PROGRA~2\SEARCH~1\SEARCH~1\IEBHO.dll) -C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\IEBHO.dll not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52c8b586-2029-11e0-aa97-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c8b586-2029-11e0-aa97-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52c8b586-2029-11e0-aa97-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52c8b593-2029-11e0-aa97-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{52c8b593-2029-11e0-aa97-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52c8b593-2029-11e0-aa97-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73165341-f5eb-11de-b603-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{73165341-f5eb-11de-b603-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73165341-f5eb-11de-b603-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{731653a2-f5eb-11de-b603-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{731653a2-f5eb-11de-b603-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{731653a2-f5eb-11de-b603-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeab7-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeab7-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeab7-ebaf-11de-abfa-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeb1e-ebaf-11de-abfa-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeb32-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cc2eeb32-ebaf-11de-abfa-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc2eeb32-ebaf-11de-abfa-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86c9a1d-218d-11e0-bea9-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86c9a1d-218d-11e0-bea9-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86c9a1d-218d-11e0-bea9-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86c9a39-218d-11e0-bea9-00256441e933}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d86c9a39-218d-11e0-bea9-00256441e933}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d86c9a39-218d-11e0-bea9-00256441e933}\ not found.
File D:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D\ not found.
File D:\AutoRun.exe not found.
C:\ProgramData\1kAlMiG2Kb7FzP moved successfully.
C:\ProgramData\~1kAlMiG2Kb7FzP moved successfully.
C:\ProgramData\~1kAlMiG2Kb7FzPr moved successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:A8ADE5D8 deleted successfully.
========== FILES ==========
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\components folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\searchbar folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\options folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin\lib folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\skin folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\widgets folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\modules folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\lib folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\data\search folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content\data folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome\content folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\chrome folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar\Datamngr folder moved successfully.
C:\Program Files (x86)\Windows iLivid Toolbar folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers\x64 folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers\SearchCore for Browsers folder moved successfully.
C:\Program Files (x86)\SearchCore for Browsers folder moved successfully.
C:\Program Files (x86)\softonic.com4 folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\orange folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\green folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources\blue folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\resources folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\Microsoft.VC90.CRT folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\conf folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer folder moved successfully.
C:\Program Files (x86)\SweetIM\Toolbars folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: me
->Temp folder emptied: 414454463 bytes
->Temporary Internet Files folder emptied: 467518548 bytes
->Java cache emptied: 67593963 bytes
->FireFox cache emptied: 74532743 bytes
->Flash cache emptied: 3278976 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 122804509 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 157415347 bytes

Total Files Cleaned = 1.247,00 mb

File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
Error: Unable to interpret < Klick dann oben links auf den Button Fix> in the current context!

OTL by OldTimer - Version 3.2.31.0 log created on 10282011_183300

Files\Folders moved on Reboot...
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...
64bit-Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\Load:C:\Users\me\LOCALS~1\Temp\c299fe4c.com deleted successfully.

cosinus 28.10.2011 20:06
Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
http://www.trojaner-board.de/images/icons/icon4.gif Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen! http://www.trojaner-board.de/images/icons/icon4.gif

Franziska99 29.10.2011 18:12
19:08:09.0888 0788 TDSS rootkit removing tool 2.6.14.0 Oct 28 2011 11:11:01
19:08:10.0260 0788 ============================================================
19:08:10.0260 0788 Current date / time: 2011/10/29 19:08:10.0260
19:08:10.0260 0788 SystemInfo:
19:08:10.0260 0788
19:08:10.0261 0788 OS Version: 6.0.6002 ServicePack: 2.0
19:08:10.0261 0788 Product type: Workstation
19:08:10.0261 0788 ComputerName: ME-PC
19:08:10.0261 0788 UserName: me
19:08:10.0261 0788 Windows directory: C:\Windows
19:08:10.0261 0788 System windows directory: C:\Windows
19:08:10.0261 0788 Running under WOW64
19:08:10.0261 0788 Processor architecture: Intel x64
19:08:10.0261 0788 Number of processors: 2
19:08:10.0261 0788 Page size: 0x1000
19:08:10.0261 0788 Boot type: Normal boot
19:08:10.0261 0788 ============================================================
19:08:10.0728 0788 Initialize success
19:08:43.0196 2200 ============================================================
19:08:43.0196 2200 Scan started
19:08:43.0196 2200 Mode: Manual; SigCheck; TDLFS;
19:08:43.0196 2200 ============================================================
19:08:44.0026 2200 ACPI (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
19:08:44.0157 2200 ACPI - ok
19:08:44.0324 2200 adp94xx (f14215e37cf124104575073f782111d2) C:\Windows\system32\drivers\adp94xx.sys
19:08:44.0378 2200 adp94xx - ok
19:08:44.0432 2200 adpahci (7d05a75e3066861a6610f7ee04ff085c) C:\Windows\system32\drivers\adpahci.sys
19:08:44.0456 2200 adpahci - ok
19:08:44.0483 2200 adpu160m (820a201fe08a0c345b3bedbc30e1a77c) C:\Windows\system32\drivers\adpu160m.sys
19:08:44.0499 2200 adpu160m - ok
19:08:44.0532 2200 adpu320 (9b4ab6854559dc168fbb4c24fc52e794) C:\Windows\system32\drivers\adpu320.sys
19:08:44.0551 2200 adpu320 - ok
19:08:44.0719 2200 AFD (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
19:08:44.0803 2200 AFD - ok
19:08:44.0925 2200 agp440 (f6f6793b7f17b550ecfdbd3b229173f7) C:\Windows\system32\drivers\agp440.sys
19:08:44.0946 2200 agp440 - ok
19:08:44.0997 2200 aic78xx (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
19:08:45.0021 2200 aic78xx - ok
19:08:45.0054 2200 aliide (9544c2c55541c0c6bfd7b489d0e7d430) C:\Windows\system32\drivers\aliide.sys
19:08:45.0075 2200 aliide - ok
19:08:45.0101 2200 amdide (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
19:08:45.0120 2200 amdide - ok
19:08:45.0168 2200 AmdK8 (cdc3632a3a5ea4dbb83e46076a3165a1) C:\Windows\system32\drivers\amdk8.sys
19:08:45.0371 2200 AmdK8 - ok
19:08:45.0523 2200 ApfiltrService (1412e9a88fe1f7e35ce6058a2ef03664) C:\Windows\system32\DRIVERS\Apfiltr.sys
19:08:45.0584 2200 ApfiltrService - ok
19:08:45.0695 2200 arc (ba8417d4765f3988ff921f30f630e303) C:\Windows\system32\drivers\arc.sys
19:08:45.0719 2200 arc - ok
19:08:45.0773 2200 arcsas (9d41c435619733b34cc16a511e644b11) C:\Windows\system32\drivers\arcsas.sys
19:08:45.0795 2200 arcsas - ok
19:08:45.0842 2200 AsyncMac (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
19:08:45.0932 2200 AsyncMac - ok
19:08:45.0992 2200 atapi (f988bb0690cd660318037908e9b8dbf7) C:\Windows\system32\drivers\atapi.sys
19:08:46.0012 2200 atapi - ok
19:08:46.0104 2200 avgntflt (b1224e6b086cd6548315b04ab575a23e) C:\Windows\system32\DRIVERS\avgntflt.sys
19:08:46.0123 2200 avgntflt - ok
19:08:46.0228 2200 avipbb (ed45f12cfa62b83765c9c1496758cc87) C:\Windows\system32\DRIVERS\avipbb.sys
19:08:46.0239 2200 avipbb - ok
19:08:46.0348 2200 blbdrive (79feeb40056683f8f61398d81dda65d2) C:\Windows\system32\drivers\blbdrive.sys
19:08:46.0402 2200 blbdrive - ok
19:08:46.0483 2200 bowser (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
19:08:46.0542 2200 bowser - ok
19:08:46.0602 2200 BrFiltLo (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
19:08:46.0739 2200 BrFiltLo - ok
19:08:46.0773 2200 BrFiltUp (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
19:08:46.0824 2200 BrFiltUp - ok
19:08:46.0880 2200 Brserid (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
19:08:47.0119 2200 Brserid - ok
19:08:47.0145 2200 BrSerWdm (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
19:08:47.0233 2200 BrSerWdm - ok
19:08:47.0254 2200 BrUsbMdm (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
19:08:47.0346 2200 BrUsbMdm - ok
19:08:47.0380 2200 BrUsbSer (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
19:08:47.0460 2200 BrUsbSer - ok
19:08:47.0509 2200 BTHMODEM (e0777b34e05f8a82a21856efc900c29f) C:\Windows\system32\drivers\bthmodem.sys
19:08:47.0605 2200 BTHMODEM - ok
19:08:47.0659 2200 cdfs (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
19:08:47.0738 2200 cdfs - ok
19:08:47.0799 2200 cdrom (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
19:08:47.0853 2200 cdrom - ok
19:08:47.0893 2200 circlass (02ea568d498bbdd4ba55bf3fce34d456) C:\Windows\system32\drivers\circlass.sys
19:08:47.0958 2200 circlass - ok
19:08:48.0011 2200 CLFS (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
19:08:48.0036 2200 CLFS - ok
19:08:48.0128 2200 CmBatt (b52d9a14ce4101577900a364ba86f3df) C:\Windows\system32\DRIVERS\CmBatt.sys
19:08:48.0193 2200 CmBatt - ok
19:08:48.0233 2200 cmdide (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
19:08:48.0246 2200 cmdide - ok
19:08:48.0292 2200 Compbatt (7fb8ad01db0eabe60c8a861531a8f431) C:\Windows\system32\DRIVERS\compbatt.sys
19:08:48.0305 2200 Compbatt - ok
19:08:48.0318 2200 crcdisk (a8585b6412253803ce8efcbd6d6dc15c) C:\Windows\system32\drivers\crcdisk.sys
19:08:48.0332 2200 crcdisk - ok
19:08:48.0378 2200 CtClsFlt (fc1f55ba03832fbb0daf965f746c47bb) C:\Windows\system32\DRIVERS\CtClsFlt.sys
19:08:48.0420 2200 CtClsFlt - ok
19:08:48.0487 2200 DfsC (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
19:08:48.0542 2200 DfsC - ok
19:08:48.0621 2200 disk (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
19:08:48.0638 2200 disk - ok
19:08:48.0718 2200 drmkaud (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
19:08:48.0789 2200 drmkaud - ok
19:08:48.0852 2200 DXGKrnl (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
19:08:48.0949 2200 DXGKrnl - ok
19:08:49.0041 2200 e1express (17d40652ef3e55eeae187a89df40965a) C:\Windows\system32\DRIVERS\e1e6032e.sys
19:08:49.0095 2200 e1express - ok
19:08:49.0140 2200 E1G60 (264cee7b031a9d6c827f3d0cb031f2fe) C:\Windows\system32\DRIVERS\E1G6032E.sys
19:08:49.0199 2200 E1G60 - ok
19:08:49.0238 2200 Ecache (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
19:08:49.0258 2200 Ecache - ok
19:08:49.0302 2200 elxstor (c4636d6e10469404ab5308d9fd45ed07) C:\Windows\system32\drivers\elxstor.sys
19:08:49.0330 2200 elxstor - ok
19:08:49.0355 2200 ErrDev (991fab6aa066e1214efb5b496fb7959a) C:\Windows\system32\drivers\errdev.sys
19:08:49.0390 2200 ErrDev - ok
19:08:49.0442 2200 exfat (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
19:08:49.0489 2200 exfat - ok
19:08:49.0516 2200 fastfat (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
19:08:49.0589 2200 fastfat - ok
19:08:49.0637 2200 fdc (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
19:08:49.0677 2200 fdc - ok
19:08:49.0717 2200 FileInfo (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
19:08:49.0731 2200 FileInfo - ok
19:08:49.0761 2200 Filetrace (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
19:08:49.0809 2200 Filetrace - ok
19:08:49.0842 2200 flpydisk (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
19:08:49.0883 2200 flpydisk - ok
19:08:49.0925 2200 FltMgr (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
19:08:49.0942 2200 FltMgr - ok
19:08:50.0024 2200 Fs_Rec (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
19:08:50.0101 2200 Fs_Rec - ok
19:08:50.0123 2200 gagp30kx (c8e416668d3dc2be3d4fe4c79224997f) C:\Windows\system32\drivers\gagp30kx.sys
19:08:50.0138 2200 gagp30kx - ok
19:08:50.0166 2200 GEARAspiWDM (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:08:50.0177 2200 GEARAspiWDM - ok
19:08:50.0287 2200 HDAudBus (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
19:08:50.0400 2200 HDAudBus - ok
19:08:50.0442 2200 HidBth (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
19:08:50.0541 2200 HidBth - ok
19:08:50.0562 2200 HidIr (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
19:08:50.0639 2200 HidIr - ok
19:08:50.0700 2200 HidUsb (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
19:08:50.0745 2200 HidUsb - ok
19:08:50.0789 2200 HpCISSs (d7109a1e6bd2dfdbcba72a6bc626a13b) C:\Windows\system32\drivers\hpcisss.sys
19:08:50.0803 2200 HpCISSs - ok
19:08:50.0852 2200 HTTP (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
19:08:50.0931 2200 HTTP - ok
19:08:50.0988 2200 hwdatacard - ok
19:08:51.0011 2200 hwusbdev - ok
19:08:51.0065 2200 i2omp (da94c854cea5fac549d4e1f6e88349e8) C:\Windows\system32\drivers\i2omp.sys
19:08:51.0082 2200 i2omp - ok
19:08:51.0118 2200 i8042prt (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
19:08:51.0179 2200 i8042prt - ok
19:08:51.0238 2200 iaStor (07fb761600eff44af02c35b8b57e5863) C:\Windows\system32\drivers\iastor.sys
19:08:51.0265 2200 iaStor - ok
19:08:51.0299 2200 iaStorV (3e3bf3627d886736d0b4e90054f929f6) C:\Windows\system32\drivers\iastorv.sys
19:08:51.0328 2200 iaStorV - ok
19:08:51.0637 2200 igfx (f7ab8285bbecfaa5ed4050ccb89e073d) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:08:52.0293 2200 igfx - ok
19:08:52.0318 2200 iirsp (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
19:08:52.0332 2200 iirsp - ok
19:08:52.0372 2200 intelide (df797a12176f11b2d301c5b234bb200e) C:\Windows\system32\drivers\intelide.sys
19:08:52.0385 2200 intelide - ok
19:08:52.0402 2200 intelppm (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
19:08:52.0457 2200 intelppm - ok
19:08:52.0514 2200 IpFilterDriver (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:08:52.0571 2200 IpFilterDriver - ok
19:08:52.0598 2200 IpInIp - ok
19:08:52.0634 2200 IPMIDRV (9c2ee2e6e5a7203bfae15c299475ec67) C:\Windows\system32\drivers\ipmidrv.sys
19:08:52.0675 2200 IPMIDRV - ok
19:08:52.0701 2200 IPNAT (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
19:08:52.0755 2200 IPNAT - ok
19:08:52.0796 2200 IRENUM (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
19:08:52.0852 2200 IRENUM - ok
19:08:52.0877 2200 isapnp (0672bfcedc6fc468a2b0500d81437f4f) C:\Windows\system32\drivers\isapnp.sys
19:08:52.0889 2200 isapnp - ok
19:08:52.0931 2200 iScsiPrt (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
19:08:52.0950 2200 iScsiPrt - ok
19:08:52.0971 2200 iteatapi (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
19:08:52.0984 2200 iteatapi - ok
19:08:53.0011 2200 iteraid (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
19:08:53.0023 2200 iteraid - ok
19:08:53.0052 2200 kbdclass (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
19:08:53.0066 2200 kbdclass - ok
19:08:53.0088 2200 kbdhid (bf8783a5066cfecf45095459e8010fa7) C:\Windows\system32\DRIVERS\kbdhid.sys
19:08:53.0126 2200 kbdhid - ok
19:08:53.0183 2200 KSecDD (476e2c1dcea45895994bef11c2a98715) C:\Windows\system32\Drivers\ksecdd.sys
19:08:53.0247 2200 KSecDD - ok
19:08:53.0298 2200 ksthunk (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
19:08:53.0370 2200 ksthunk - ok
19:08:53.0434 2200 lltdio (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
19:08:53.0494 2200 lltdio - ok
19:08:53.0527 2200 LSI_FC (acbe1af32d3123e330a07bfbc5ec4a9b) C:\Windows\system32\drivers\lsi_fc.sys
19:08:53.0545 2200 LSI_FC - ok
19:08:53.0568 2200 LSI_SAS (799ffb2fc4729fa46d2157c0065b3525) C:\Windows\system32\drivers\lsi_sas.sys
19:08:53.0585 2200 LSI_SAS - ok
19:08:53.0604 2200 LSI_SCSI (f445ff1daad8a226366bfaf42551226b) C:\Windows\system32\drivers\lsi_scsi.sys
19:08:53.0622 2200 LSI_SCSI - ok
19:08:53.0650 2200 luafv (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
19:08:53.0717 2200 luafv - ok
19:08:53.0774 2200 MBAMProtector (23a854450dab5c9b7a42ab9be6f2e4bd) C:\Windows\system32\drivers\mbam.sys
19:08:53.0791 2200 MBAMProtector - ok
19:08:53.0834 2200 megasas (5c5cd6aaced32fb26c3fb34b3dcf972f) C:\Windows\system32\drivers\megasas.sys
19:08:53.0854 2200 megasas - ok
19:08:53.0894 2200 MegaSR (859bc2436b076c77c159ed694acfe8f8) C:\Windows\system32\drivers\megasr.sys
19:08:53.0930 2200 MegaSR - ok
19:08:53.0987 2200 Modem (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
19:08:54.0066 2200 Modem - ok
19:08:54.0106 2200 monitor (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
19:08:54.0170 2200 monitor - ok
19:08:54.0205 2200 mouclass (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
19:08:54.0218 2200 mouclass - ok
19:08:54.0240 2200 mouhid (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
19:08:54.0289 2200 mouhid - ok
19:08:54.0316 2200 MountMgr (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
19:08:54.0330 2200 MountMgr - ok
19:08:54.0398 2200 MP4ConverterAudio (5935425b5f7e275eab6578e7cff6e59a) C:\Windows\system32\drivers\MP4ConverterAudio.sys
19:08:54.0410 2200 MP4ConverterAudio - ok
19:08:54.0439 2200 mpio (f8276eb8698142884498a528dfea8478) C:\Windows\system32\drivers\mpio.sys
19:08:54.0454 2200 mpio - ok
19:08:54.0474 2200 mpsdrv (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
19:08:54.0517 2200 mpsdrv - ok
19:08:54.0545 2200 Mraid35x (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
19:08:54.0560 2200 Mraid35x - ok
19:08:54.0593 2200 MRxDAV (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
19:08:54.0654 2200 MRxDAV - ok
19:08:54.0693 2200 mrxsmb (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:08:54.0739 2200 mrxsmb - ok
19:08:54.0796 2200 mrxsmb10 (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:08:54.0849 2200 mrxsmb10 - ok
19:08:54.0877 2200 mrxsmb20 (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:08:54.0926 2200 mrxsmb20 - ok
19:08:54.0972 2200 msahci (730b784962d22d2c6481eae2370e7c8c) C:\Windows\system32\drivers\msahci.sys
19:08:54.0994 2200 msahci - ok
19:08:55.0023 2200 msdsm (264bbb4aaf312a485f0e44b65a6b7202) C:\Windows\system32\drivers\msdsm.sys
19:08:55.0046 2200 msdsm - ok
19:08:55.0086 2200 Msfs (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
19:08:55.0166 2200 Msfs - ok
19:08:55.0221 2200 msisadrv (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
19:08:55.0242 2200 msisadrv - ok
19:08:55.0311 2200 MSKSSRV (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
19:08:55.0386 2200 MSKSSRV - ok
19:08:55.0406 2200 MSPCLOCK (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
19:08:55.0484 2200 MSPCLOCK - ok
19:08:55.0511 2200 MSPQM (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
19:08:55.0589 2200 MSPQM - ok
19:08:55.0635 2200 MsRPC (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
19:08:55.0667 2200 MsRPC - ok
19:08:55.0689 2200 mssmbios (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
19:08:55.0710 2200 mssmbios - ok
19:08:55.0720 2200 MSTEE (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
19:08:55.0805 2200 MSTEE - ok
19:08:55.0833 2200 Mup (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
19:08:55.0849 2200 Mup - ok
19:08:55.0909 2200 NativeWifiP (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
19:08:55.0949 2200 NativeWifiP - ok
19:08:56.0026 2200 NDIS (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
19:08:56.0071 2200 NDIS - ok
19:08:56.0109 2200 NdisTapi (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
19:08:56.0160 2200 NdisTapi - ok
19:08:56.0200 2200 Ndisuio (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
19:08:56.0250 2200 Ndisuio - ok
19:08:56.0284 2200 NdisWan (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
19:08:56.0330 2200 NdisWan - ok
19:08:56.0352 2200 NDProxy (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
19:08:56.0421 2200 NDProxy - ok
19:08:56.0447 2200 NetBIOS (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
19:08:56.0515 2200 NetBIOS - ok
19:08:56.0550 2200 netbt (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
19:08:56.0591 2200 netbt - ok
19:08:56.0775 2200 NETw5v64 (f17eda58c8c5b1a4f873b322729168ff) C:\Windows\system32\DRIVERS\NETw5v64.sys
19:08:57.0440 2200 NETw5v64 - ok
19:08:57.0551 2200 nfrd960 (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
19:08:57.0572 2200 nfrd960 - ok
19:08:57.0671 2200 Npfs (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
19:08:57.0729 2200 Npfs - ok
19:08:57.0772 2200 nsiproxy (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
19:08:57.0856 2200 nsiproxy - ok
19:08:57.0929 2200 Ntfs (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
19:08:58.0137 2200 Ntfs - ok
19:08:58.0176 2200 Null (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
19:08:58.0248 2200 Null - ok
19:08:58.0277 2200 nvraid (2c040b7ada5b06f6facadac8514aa034) C:\Windows\system32\drivers\nvraid.sys
19:08:58.0292 2200 nvraid - ok
19:08:58.0305 2200 nvstor (f7ea0fe82842d05eda3efdd376dbfdba) C:\Windows\system32\drivers\nvstor.sys
19:08:58.0320 2200 nvstor - ok
19:08:58.0341 2200 nv_agp (19067ca93075ef4823e3938a686f532f) C:\Windows\system32\drivers\nv_agp.sys
19:08:58.0356 2200 nv_agp - ok
19:08:58.0364 2200 NwlnkFlt - ok
19:08:58.0377 2200 NwlnkFwd - ok
19:08:58.0442 2200 OA009Ufd (404b0121ae1a75d9a63b6934eb07c258) C:\Windows\system32\DRIVERS\OA009Ufd.sys
19:08:58.0490 2200 OA009Ufd - ok
19:08:58.0528 2200 OA009Vid (d460884eb05b90d06b35a1dbc31928df) C:\Windows\system32\DRIVERS\OA009Vid.sys
19:08:58.0558 2200 OA009Vid - ok
19:08:58.0605 2200 ohci1394 (7b58953e2f263421fdbb09a192712a85) C:\Windows\system32\drivers\ohci1394.sys
19:08:58.0683 2200 ohci1394 - ok
19:08:58.0746 2200 Parport (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
19:08:58.0821 2200 Parport - ok
19:08:58.0851 2200 partmgr (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
19:08:58.0867 2200 partmgr - ok
19:08:58.0901 2200 PCD5SRVC{048DBD20-445E8C82-05040104} - ok
19:08:58.0930 2200 pci (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
19:08:58.0946 2200 pci - ok
19:08:58.0971 2200 pciide (8d618c829034479985a9ed56106cc732) C:\Windows\system32\drivers\pciide.sys
19:08:58.0984 2200 pciide - ok
19:08:59.0012 2200 pcmcia (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
19:08:59.0029 2200 pcmcia - ok
19:08:59.0082 2200 PCTCore (3a68080572b81577791a7b19bb880da9) C:\Windows\system32\drivers\PCTCore64.sys
19:08:59.0098 2200 PCTCore - ok
19:08:59.0126 2200 PEAUTH (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
19:08:59.0217 2200 PEAUTH - ok
19:08:59.0298 2200 PptpMiniport (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
19:08:59.0348 2200 PptpMiniport - ok
19:08:59.0365 2200 Processor (5080e59ecee0bc923f14018803aa7a01) C:\Windows\system32\drivers\processr.sys
19:08:59.0425 2200 Processor - ok
19:08:59.0483 2200 PSched (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
19:08:59.0516 2200 PSched - ok
19:08:59.0560 2200 ql2300 (0b83f4e681062f3839be2ec1d98fd94a) C:\Windows\system32\drivers\ql2300.sys
19:08:59.0644 2200 ql2300 - ok
19:08:59.0665 2200 ql40xx (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
19:08:59.0685 2200 ql40xx - ok
19:08:59.0712 2200 QWAVEdrv (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
19:08:59.0751 2200 QWAVEdrv - ok
19:08:59.0871 2200 R300 (2a09a6b271d1f50adf5e33b37d460de6) C:\Windows\system32\DRIVERS\atikmdag.sys
19:09:00.0074 2200 R300 - ok
19:09:00.0103 2200 RasAcd (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
19:09:00.0161 2200 RasAcd - ok
19:09:00.0204 2200 Rasl2tp (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:09:00.0252 2200 Rasl2tp - ok
19:09:00.0277 2200 RasPppoe (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
19:09:00.0318 2200 RasPppoe - ok
19:09:00.0345 2200 RasSstp (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
19:09:00.0368 2200 RasSstp - ok
19:09:00.0406 2200 rdbss (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
19:09:00.0466 2200 rdbss - ok
19:09:00.0495 2200 RDPCDD (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:09:00.0547 2200 RDPCDD - ok
19:09:00.0578 2200 rdpdr (c045d1fb111c28df0d1be8d4bda22c06) C:\Windows\system32\drivers\rdpdr.sys
19:09:00.0646 2200 rdpdr - ok
19:09:00.0656 2200 RDPENCDD (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
19:09:00.0717 2200 RDPENCDD - ok
19:09:00.0776 2200 RDPWD (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
19:09:00.0819 2200 RDPWD - ok
19:09:00.0875 2200 rspndr (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
19:09:00.0915 2200 rspndr - ok
19:09:00.0943 2200 RTSTOR (39e74e264338934dbf11f8db79a3e116) C:\Windows\system32\drivers\RTSTOR64.SYS
19:09:00.0994 2200 RTSTOR - ok
19:09:01.0020 2200 sbp2port (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
19:09:01.0035 2200 sbp2port - ok
19:09:01.0128 2200 secdrv (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:09:01.0210 2200 secdrv - ok
19:09:01.0243 2200 Serenum (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\drivers\serenum.sys
19:09:01.0319 2200 Serenum - ok
19:09:01.0346 2200 Serial (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
19:09:01.0413 2200 Serial - ok
19:09:01.0435 2200 sermouse (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
19:09:01.0482 2200 sermouse - ok
19:09:01.0513 2200 sffdisk (14d4b4465193a87c127933978e8c4106) C:\Windows\system32\drivers\sffdisk.sys
19:09:01.0565 2200 sffdisk - ok
19:09:01.0592 2200 sffp_mmc (7073aee3f82f3d598e3825962aa98ab2) C:\Windows\system32\drivers\sffp_mmc.sys
19:09:01.0640 2200 sffp_mmc - ok
19:09:01.0662 2200 sffp_sd (35e59ebe4a01a0532ed67975161c7b82) C:\Windows\system32\drivers\sffp_sd.sys
19:09:01.0712 2200 sffp_sd - ok
19:09:01.0737 2200 sfloppy (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
19:09:01.0818 2200 sfloppy - ok
19:09:01.0845 2200 SiSRaid2 (7a5de502aeb719d4594c6471060a78b3) C:\Windows\system32\drivers\sisraid2.sys
19:09:01.0859 2200 SiSRaid2 - ok
19:09:01.0885 2200 SiSRaid4 (3a2f769fab9582bc720e11ea1dfb184d) C:\Windows\system32\drivers\sisraid4.sys
19:09:01.0900 2200 SiSRaid4 - ok
19:09:01.0939 2200 Smb (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
19:09:01.0996 2200 Smb - ok
19:09:02.0049 2200 spldr (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
19:09:02.0065 2200 spldr - ok
19:09:02.0131 2200 srv (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
19:09:02.0210 2200 srv - ok
19:09:02.0268 2200 srv2 (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
19:09:02.0306 2200 srv2 - ok
19:09:02.0361 2200 srvnet (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
19:09:02.0396 2200 srvnet - ok
19:09:02.0476 2200 STHDA (ba16447226abfd342e130d2f24f73d32) C:\Windows\system32\DRIVERS\stwrt64.sys
19:09:02.0572 2200 STHDA - ok
19:09:02.0615 2200 swenum (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
19:09:02.0630 2200 swenum - ok
19:09:02.0654 2200 Symc8xx (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
19:09:02.0674 2200 Symc8xx - ok
19:09:02.0703 2200 Sym_hi (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
19:09:02.0723 2200 Sym_hi - ok
19:09:02.0752 2200 Sym_u3 (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
19:09:02.0776 2200 Sym_u3 - ok
19:09:02.0888 2200 Tcpip (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\drivers\tcpip.sys
19:09:03.0063 2200 Tcpip - ok
19:09:03.0146 2200 Tcpip6 (4dad14118fbcf7c609f2a4ce21fbcc5f) C:\Windows\system32\DRIVERS\tcpip.sys
19:09:03.0279 2200 Tcpip6 - ok
19:09:03.0343 2200 tcpipreg (c7e72a4071ee0200e3c075dacfb2b334) C:\Windows\system32\drivers\tcpipreg.sys
19:09:03.0399 2200 tcpipreg - ok
19:09:03.0460 2200 TDPIPE (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
19:09:03.0542 2200 TDPIPE - ok
19:09:03.0563 2200 TDTCP (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
19:09:03.0659 2200 TDTCP - ok
19:09:03.0695 2200 tdx (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
19:09:03.0757 2200 tdx - ok
19:09:03.0796 2200 TermDD (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
19:09:03.0820 2200 TermDD - ok
19:09:03.0874 2200 tssecsrv (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:09:03.0956 2200 tssecsrv - ok
19:09:03.0985 2200 tunmp (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
19:09:04.0041 2200 tunmp - ok
19:09:04.0110 2200 tunnel (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
19:09:04.0150 2200 tunnel - ok
19:09:04.0177 2200 uagp35 (fec266ef401966311744bd0f359f7f56) C:\Windows\system32\drivers\uagp35.sys
19:09:04.0199 2200 uagp35 - ok
19:09:04.0261 2200 udfs (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
19:09:04.0333 2200 udfs - ok
19:09:04.0380 2200 uliagpkx (4ec9447ac3ab462647f60e547208ca00) C:\Windows\system32\drivers\uliagpkx.sys
19:09:04.0401 2200 uliagpkx - ok
19:09:04.0426 2200 uliahci (697f0446134cdc8f99e69306184fbbb4) C:\Windows\system32\drivers\uliahci.sys
19:09:04.0455 2200 uliahci - ok
19:09:04.0468 2200 UlSata (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
19:09:04.0493 2200 UlSata - ok
19:09:04.0518 2200 ulsata2 (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
19:09:04.0543 2200 ulsata2 - ok
19:09:04.0573 2200 umbus (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
19:09:04.0637 2200 umbus - ok
19:09:04.0712 2200 USBAAPL64 (cd03479f2da26500b203ed075c146a7a) C:\Windows\system32\Drivers\usbaapl64.sys
19:09:04.0770 2200 USBAAPL64 - ok
19:09:04.0859 2200 usbaudio (c6ba890de6e41857fbe84175519cae7d) C:\Windows\system32\drivers\usbaudio.sys
19:09:04.0934 2200 usbaudio - ok
19:09:04.0996 2200 usbccgp (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
19:09:05.0055 2200 usbccgp - ok
19:09:05.0101 2200 usbcir (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
19:09:05.0209 2200 usbcir - ok
19:09:05.0244 2200 usbehci (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
19:09:05.0311 2200 usbehci - ok
19:09:05.0346 2200 usbhub (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
19:09:05.0407 2200 usbhub - ok
19:09:05.0438 2200 usbohci (eba14ef0c07cec233f1529c698d0d154) C:\Windows\system32\drivers\usbohci.sys
19:09:05.0541 2200 usbohci - ok
19:09:05.0561 2200 usbprint (acfee697af477021bb3ec78c5431fed2) C:\Windows\system32\drivers\usbprint.sys
19:09:05.0677 2200 usbprint - ok
19:09:05.0716 2200 USBSTOR (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:09:05.0764 2200 USBSTOR - ok
19:09:05.0784 2200 usbuhci (b2872cbf9f47316abd0e0c74a1aba507) C:\Windows\system32\DRIVERS\usbuhci.sys
19:09:05.0841 2200 usbuhci - ok
19:09:05.0924 2200 usbvideo (fc33099877790d51b0927b7039059855) C:\Windows\system32\Drivers\usbvideo.sys
19:09:06.0010 2200 usbvideo - ok
19:09:06.0032 2200 vga (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
19:09:06.0089 2200 vga - ok
19:09:06.0118 2200 VgaSave (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
19:09:06.0159 2200 VgaSave - ok
19:09:06.0168 2200 viaide (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
19:09:06.0182 2200 viaide - ok
19:09:06.0214 2200 volmgr (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
19:09:06.0229 2200 volmgr - ok
19:09:06.0280 2200 volmgrx (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
19:09:06.0306 2200 volmgrx - ok
19:09:06.0331 2200 volsnap (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
19:09:06.0349 2200 volsnap - ok
19:09:06.0371 2200 vsmraid (a68f455ed2673835209318dd61bfbb0e) C:\Windows\system32\drivers\vsmraid.sys
19:09:06.0387 2200 vsmraid - ok
19:09:06.0409 2200 WacomPen (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
19:09:06.0467 2200 WacomPen - ok
19:09:06.0523 2200 Wanarp (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:09:06.0601 2200 Wanarp - ok
19:09:06.0608 2200 Wanarpv6 (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
19:09:06.0638 2200 Wanarpv6 - ok
19:09:06.0654 2200 Wd (0c17a0816f65b89e362e682ad5e7266e) C:\Windows\system32\drivers\wd.sys
19:09:06.0669 2200 Wd - ok
19:09:06.0719 2200 Wdf01000 (d02e7e4567da1e7582fbf6a91144b0df) C:\Windows\system32\drivers\Wdf01000.sys
19:09:06.0774 2200 Wdf01000 - ok
19:09:06.0847 2200 WmiAcpi (e18aebaaa5a773fe11aa2c70f65320f5) C:\Windows\system32\DRIVERS\wmiacpi.sys
19:09:06.0877 2200 WmiAcpi - ok
19:09:06.0955 2200 WpdUsb (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
19:09:07.0015 2200 WpdUsb - ok
19:09:07.0058 2200 ws2ifsl (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
19:09:07.0115 2200 ws2ifsl - ok
19:09:07.0184 2200 WUDFRd (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:09:07.0234 2200 WUDFRd - ok
19:09:07.0320 2200 yukonx64 (b681cadb266b151061e7baa82b0d77b7) C:\Windows\system32\DRIVERS\yk60x64.sys
19:09:07.0380 2200 yukonx64 - ok
19:09:07.0405 2200 MBR (0x1B8) (cdb4de4bbd714f152979da2dcbef57eb) \Device\Harddisk0\DR0
19:09:07.0517 2200 \Device\Harddisk0\DR0 - ok
19:09:07.0548 2200 Boot (0x1200) (480c4ddc23abfbaa4d37eb978c1eb3b3) \Device\Harddisk0\DR0\Partition0
19:09:07.0549 2200 \Device\Harddisk0\DR0\Partition0 - ok
19:09:07.0554 2200 Boot (0x1200) (20ab9bd76a12aaf869560c158363d214) \Device\Harddisk0\DR0\Partition1
19:09:07.0555 2200 \Device\Harddisk0\DR0\Partition1 - ok
19:09:07.0558 2200 ============================================================
19:09:07.0558 2200 Scan finished
19:09:07.0558 2200 ============================================================
19:09:07.0572 0732 Detected object count: 0
19:09:07.0572 0732 Actual detected object count: 0


Das ist das File unhide.exe hab ich duurhclafen lassen, als administrator gestartet und antivir ausgeschaltet, aber trotzdem seh ich noch nicht alle dateien.

cosinus 29.10.2011 22:26
Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Franziska99 30.10.2011 12:41
Danke, dies hat mir geholfen

soll ich noch weitere Schritte setzen?

Combofix Logfile:
Code:
ComboFix 11-10-30.01 - me 30.10.2011  12:03:05.1.2 - x64
Microsoft® Windows Vista™ Home Premium  6.0.6002.2.1252.43.1031.18.4057.1936 [GMT 1:00]
ausgeführt von:: c:\users\me\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Spyware Doctor *Disabled/Updated* {94076BB2-F3DA-227F-9A1E-F060FF73600F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\me\lame_enc.dll
c:\users\me\lametritonus.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2011-09-28 bis 2011-10-30  ))))))))))))))))))))))))))))))
.
.
2011-10-30 11:19 . 2011-10-30 11:19        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{B415999D-D886-4DD8-8F3D-516F5CBCF380}\offreg.dll
2011-10-30 11:18 . 2011-10-30 11:23        --------        d-----w-        c:\users\me\AppData\Local\temp
2011-10-30 11:18 . 2011-10-30 11:18        --------        d-----w-        c:\users\Default\AppData\Local\temp
2011-10-28 06:34 . 2011-10-07 04:16        8570192        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{B415999D-D886-4DD8-8F3D-516F5CBCF380}\mpengine.dll
2011-10-26 17:30 . 2011-10-26 17:30        --------        d-----w-        C:\_OTL
2011-10-22 17:10 . 2011-10-22 17:10        --------        d-----w-        c:\program files (x86)\ESET
2011-10-21 17:57 . 2011-10-21 17:57        --------        d-----w-        c:\users\me\AppData\Roaming\Malwarebytes
2011-10-21 17:56 . 2011-10-21 17:56        --------        d-----w-        c:\programdata\Malwarebytes
2011-10-21 17:56 . 2011-10-21 19:55        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2011-10-21 17:56 . 2011-08-31 15:00        25416        ----a-w-        c:\windows\system32\drivers\mbam.sys
2011-10-19 15:10 . 2011-10-19 15:10        --------        d-----w-        c:\program files\WiseFixer
2011-10-19 15:06 . 2011-10-19 15:06        --------        d-----w-        c:\users\me\AppData\Local\Ilivid Player
2011-10-19 15:06 . 2011-10-19 15:06        --------        dc----w-        c:\programdata\{1B0B54CA-AA7D-41D3-A84A-29E7C9CB13A2}
2011-10-19 15:06 . 2011-10-19 15:07        --------        d-----w-        c:\program files (x86)\iLivid
2011-10-19 15:05 . 2011-10-19 15:05        --------        d-----w-        c:\programdata\boost_interprocess
2011-10-19 15:05 . 2011-10-19 15:05        --------        d-----w-        c:\users\me\AppData\Local\PackageAware
2011-10-19 15:04 . 2011-10-28 16:33        --------        d-----w-        c:\program files (x86)\SweetIM
2011-10-19 15:04 . 2011-10-19 15:04        --------        d-----w-        c:\programdata\SweetIM
2011-10-13 18:45 . 2011-09-06 13:56        2764288        ----a-w-        c:\windows\system32\win32k.sys
2011-10-10 09:09 . 2011-10-10 09:09        4550304        ----a-w-        c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-10-29 19:10 . 2010-03-21 21:14        171792        ----a-w-        c:\users\me\AppData\Roaming\mdbu.bin
2011-09-15 17:11 . 2011-09-15 17:11        255352        ----a-w-        c:\windows\SysWow64\awrdscdc.ax
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"SightSpeed"="c:\program files (x86)\Dell Video Chat\DellVideoChat.exe" [2008-12-18 4823928]
"OnlineFestplatte"="c:\program files (x86)\aon\Onlinefestplatte\OnlineFestplatte.exe" [2008-01-25 253976]
"ISUSPM Startup"="c:\progra~2\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2005-02-16 221184]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2006-09-11 86960]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-11-13 1807600]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2010-11-30 281768]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-01-09 405639]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-09-08 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2010-09-24 421160]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-06-08 37296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2011-08-01 114992]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 449608]
.
c:\users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-2-6 1312096]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe"
"Clear"=C:\cls.exe
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19 136176]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-08-31 366152]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-07-07 195336]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19 136176]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [x]
R3 MP4ConverterAudio;MP4ConverterAudio;c:\windows\system32\drivers\MP4ConverterAudio.sys [x]
R3 PCD5SRVC{048DBD20-445E8C82-05040104};PCD5SRVC{048DBD20-445E8C82-05040104} - PCDR Kernel Mode Service Helper Driver;c:\progra~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms [x]
R3 sdAuxService;PC Tools Auxiliary Service;c:\program files (x86)\Spyware Doctor\pctsAuxs.exe [2009-09-23 358600]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 1020768]
S0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2011-04-29 136360]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-06-15 249648]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe [2008-12-18 155648]
S2 yksvc;Marvell Yukon Service;RUNDLL32.EXE ykx64coinst,serviceStartProc [x]
S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\NETw5v64.sys [x]
S3 OA009Ufd;Creative Camera OA009 Upper Filter Driver;c:\windows\system32\DRIVERS\OA009Ufd.sys [x]
S3 OA009Vid;Creative Camera OA009 Function Driver;c:\windows\system32\DRIVERS\OA009Vid.sys [x]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk60x64.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19 07:03]
.
2011-10-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-19 07:03]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-03-31 305664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-31 154648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-31 227352]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-31 202264]
"QuickSet"="c:\program files\Dell\QuickSet\QuickSet.exe" [2009-01-09 2115664]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-05-07 178712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x1
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.at/
mStart Page =
mLocal Page =
IE: Google Sidewiki...
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138
TCP: Interfaces\{6F81080F-8BF9-4403-99DF-BC89BAA29DC1}: NameServer = 195.3.96.67,213.33.98.136
CLSID: {603d3801-bd81-11d0-a3a5-00c04fd706ec} - %SystemRoot%\SysWow64\browseui.dll
FF - ProfilePath - c:\users\me\AppData\Roaming\Mozilla\Firefox\Profiles\vtp0wc2c.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine -
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Skype Click to Call: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: United States English Spellchecker: en-US@dictionaries.addons.mozilla.org - %profile%\extensions\en-US@dictionaries.addons.mozilla.org
FF - Ext: German Dictionary, extended for Austria: de-AT@dictionaries.addons.mozilla.org - %profile%\extensions\de-AT@dictionaries.addons.mozilla.org
FF - Ext: Diccionario español Argentina: es-AR@dictionaries.addons.mozilla.org - %profile%\extensions\es-AR@dictionaries.addons.mozilla.org
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-DellSupportCenter - c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe
Wow6432Node-HKLM-Run-DATAMNGR - c:\progra~2\SEARCH~1\SEARCH~1\DATAMN~1.EXE
SafeBoot-Wdf01000.sys
HKLM-Run-Windows Defender - c:\program files (x86)\Windows Defender\MSASCui.exe
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
AddRemove-SearchCore for Browsers - c:\program files (x86)\SearchCore for Browsers\uninstall.exe
AddRemove-Searchqu 406 MediaBar - c:\program files (x86)\Windows iLivid Toolbar\Datamngr\ToolBar\uninstallTB.exe
AddRemove-softonic.com4 Toolbar - c:\progra~2\SOFTON~1.COM\UNWISE.EXE
AddRemove-_{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91} - c:\program files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\MSILauncher {7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\PCD5SRVC{048DBD20-445E8C82-05040104}]
"ImagePath"="\??\c:\progra~2\DELLSU~1\HWDiag\bin\PCD5SRVC_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10b.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10b.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
  00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\windows\SysWOW64\PSIService.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-10-30  12:29:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-10-30 11:29
.
Vor Suchlauf: 19 Verzeichnis(se), 188.954.628.096 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 188.776.521.728 Bytes frei
.
Current=1 Default=1 Failed=0 LastKnownGood=90 Sets=1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90
- - End Of File - - AE75780FC044EE6D7242BCDBC3AE06A8
--- --- ---

Franziska99 30.10.2011 12:49
Hallo,
etwas zu fürh gefreut..
Also nun ist ein problem akut: Ich kann den Antivirenschutz nicht mehr starten (Free Version Avira) es kommt die Fehlermeldung onBLClick() failed
Und von Windows gestellte Desktophintergrundbilder (Blumen, Tiere...) sehe ich zwar wieder in Normalgröße.- Private Fotos, die ich vorher als Desktophintergrund hatte sind abe rnoch immer in xxxxl vergrößert. zB ein Foto von mir wo man meinen ganzen Körper drauf sieht ist so groß dass man nur meinen Oberarm am Bildschirm sieht.
Woran kann dies liegen?

cosinus 30.10.2011 18:16
hast du Windows neu gestartet?

Franziska99 30.10.2011 21:53
Hallo,

ja, das habe ich. Avira Antivir habe ich nun gelöscht und dafür ne Kaspersky-Version downgeloadte. Bleibt das Problem, dass ich keine selbst gemachten Fotos als Desktophintergrudn nehmen kann, weil sie zigmal vergrößert sind.

cosinus 30.10.2011 23:44
Das Problem kann ich so nicht recht nachvollziehen.

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Franziska99 31.10.2011 22:00
Danke

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-10-31 21:50:46
-----------------------------
21:50:46.506 OS Version: Windows x64 6.0.6002 Service Pack 2
21:50:46.506 Number of processors: 2 586 0x170A
21:50:46.507 ComputerName: ME-PC UserName: me
21:50:53.039 Initialize success
21:52:44.766 AVAST engine defs: 11103100
21:54:37.889 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
21:54:37.893 Disk 0 Vendor: WDC_WD32 11.0 Size: 305245MB BusType: 3
21:54:37.931 Disk 0 MBR read successfully
21:54:37.935 Disk 0 MBR scan
21:54:37.942 Disk 0 Windows VISTA default MBR code
21:54:37.947 Service scanning
21:54:41.689 Service KL1 C:\Windows\system32\DRIVERS\kl1.sys **LOCKED** 5
21:54:41.696 Service kl2 C:\Windows\system32\DRIVERS\kl2.sys **LOCKED** 5
21:54:41.705 Service KLIM6 C:\Windows\system32\DRIVERS\klim6.sys **LOCKED** 5
21:54:41.711 Service klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys **LOCKED** 5
21:54:44.310 Modules scanning
21:54:44.316 Disk 0 trace - called modules:
21:54:44.376 ntoskrnl.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
21:54:44.385 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80049ad610]
21:54:44.392 3 CLASSPNP.SYS[fffffa6001ba4c33] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80045c0050]
21:54:46.051 AVAST engine scan C:\Windows
21:54:58.395 AVAST engine scan C:\Windows\system32
21:57:31.554 AVAST engine scan C:\Windows\system32\drivers
21:57:45.984 AVAST engine scan C:\Users\me
21:58:29.749 Disk 0 MBR has been saved successfully to "C:\Users\me\Documents\MBR.dat"
21:58:29.757 The log file has been saved successfully to "C:\Users\me\Documents\aswMBR.txt"

cosinus 31.10.2011 22:27
Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SASW und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Alle Zeitangaben in WEZ +1. Es ist jetzt 03:59 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19