Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.12.2011, 19:36   #1
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hallo Leute,

Ich glaube ich habe mir einen Virus eingefangen, der nicht so leicht zu entfernen ist. Es hat vor ein paar Tagen angefangen und zwar meldete sich avira dauernd zu wort:

In der Datei 'C:\Users\Johannes\AppData\Local\2bde10f3\U\800000cb.@'
wurde ein Virus oder unerwünschtes Programm 'TR/ATRAPS.Gen2' [trojan] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Löschen oder in Quarantäne verschieben hat nicht geholfen. Daraufhin habe ich mir mbam runtergeladen und einen scan laufen lassen und alle Funde gelöscht.
Jetzt kommt zwar nicht mehr die avira meldung, aber den Virus bin ich immer noch nicht los.

Zum Einen öffnet sich in regelmäßigen Abständen automatisch ein Tab (irgendwas mit mediashifting.com/...). Zum Anderen findet mbam immer wieder den selben Regestryeintrag der nicht verschwindet (HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Daten: C:\Users\Johannes\AppData\Local\2bde10f3\X). Komischerweise gibts den Ordner 2bde10f3 gar nicht unter ..\Local\.

Ich hoffe ihr könnt mir weiterhelfen, denn ich würde nur sehr ungern mein System neu aufsetzen.

PS: Mein Betriebssystem ist Win 7 Professional SP1 64-bit

Alt 28.12.2011, 20:37   #2
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,
Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Update" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop
  • Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)
  • Poste die Logfiles hier in den Thread

chris
__________________

__________________

Alt 29.12.2011, 00:46   #3
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



mbam log:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.28.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Johannes :: JOE [Administrator]

28.12.2011 23:16:24
mbam-log-2011-12-28 (23-16-24).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 421071
Laufzeit: 1 Stunde(n), 24 Minute(n), 50 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Daten: C:\Users\Johannes\AppData\Local\2bde10f3\X -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
OLT-log
Code:
ATTFilter
OTL logfile created on: 28.12.2011 23:18:09 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 38,45% Memory free
8,00 Gb Paging File | 5,21 Gb Available in Paging File | 65,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 373,68 Gb Free Space | 74,74% Space Free | Partition Type: NTFS
Drive D: | 1363,01 Gb Total Space | 556,32 Gb Free Space | 40,82% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 465,38 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: JOE | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\0k9685op.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\Java\jre6\bin\jp2native.dll ()
MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AODService) -- C:\Program Files (x86)\Tuning\AMD Overdrive\AODAssist.exe ()
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)
DRV - (AODDriver4.01) -- C:\Program Files (x86)\Tuning\AMD Overdrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 55 0B 82 1E F8 BF CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "hxxp://www.hsv.de/index.php?id=16043"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.09 19:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.09 19:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.29 08:39:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.28 21:49:53 | 000,000,000 | ---D | M]
 
[2011.03.30 19:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions
[2011.03.30 19:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.12.27 11:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions
[2011.12.16 22:44:15 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.12.21 20:53:13 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2011.05.15 09:25:16 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010.12.21 20:53:12 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\firefox@tvunetworks.com
[2010.12.21 20:53:13 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\moveplayer@movenetworks.com
[2011.04.02 17:42:58 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\vshare@toolbar
[2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\0k9685op.default\searchplugins\conduit.xml
[2011.11.29 08:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2011.11.29 08:39:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.12.22 15:57:39 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.23 02:52:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.23 02:46:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.23 02:52:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.23 02:52:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.23 02:52:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.23 02:52:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E578DDC-AFD0-42A7-B617-DDBB64557420}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (C:\Users\Johannes\AppData\Local\2bde10f3\X) -C:\Users\Johannes\AppData\Local\2bde10f3\X ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{cd6a2aeb-0d4e-11e0-867e-6c626d85fadc}\Shell - "" = AutoRun
O33 - MountPoints2\{cd6a2aeb-0d4e-11e0-867e-6c626d85fadc}\Shell\AutoRun\command - "" = L:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.28 23:16:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.12.22 09:23:41 | 000,000,000 | -HSD | C] -- C:\Users\Johannes\AppData\Local\2bde10f3
[2011.12.14 09:24:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.14 09:24:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.14 09:24:24 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.14 09:24:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.14 09:24:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.14 09:24:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.14 09:24:23 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.14 09:24:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.14 09:24:23 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.14 09:24:22 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.14 09:24:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.14 09:22:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.14 09:21:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.14 09:21:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.12 22:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.12.12 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011.12.12 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.12.09 16:11:52 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\Sky
[2011.12.08 20:08:50 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\2011_12_08
[2011.12.08 00:39:26 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Tor
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Vidalia
[2011.12.08 00:37:03 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
[2011.12.08 00:12:47 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\utmp
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.28 23:16:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.12.28 20:18:40 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 20:18:40 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 17:45:11 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.28 14:12:02 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.12.28 13:47:24 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.28 13:47:24 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.28 13:47:24 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.28 13:47:24 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.28 13:47:24 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.28 13:43:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.28 13:42:59 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.27 22:42:01 | 000,538,052 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_3.JPG
[2011.12.27 22:41:57 | 000,569,812 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_2.JPG
[2011.12.27 22:41:54 | 000,565,191 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_1.JPG
[2011.12.27 22:41:50 | 000,572,077 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_3.jpg
[2011.12.27 22:41:47 | 000,511,469 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_2.jpg
[2011.12.27 22:41:45 | 000,568,741 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_1.JPG
[2011.12.21 16:49:03 | 000,000,600 | ---- | M] () -- C:\Users\Johannes\PUTTY.RND
[2011.12.20 19:36:53 | 000,139,966 | ---- | M] () -- C:\Users\Johannes\Desktop\Targobank.pdf
[2011.12.20 15:16:00 | 000,000,213 | ---- | M] () -- C:\Users\Johannes\Desktop\u.ini
[2011.12.14 15:59:31 | 000,339,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.08 19:44:19 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.08 00:12:13 | 001,249,280 | ---- | M] () -- C:\Users\Johannes\Desktop\U1103.exe
[2011.12.06 23:40:50 | 001,671,629 | ---- | M] () -- C:\Users\Johannes\Desktop\Marktuebersicht_CI+_geeigneter_Empfangsgeraete.pdf
[2011.12.03 10:39:59 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[6 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.28 17:45:11 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.27 22:42:01 | 000,538,052 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_3.JPG
[2011.12.27 22:41:57 | 000,569,812 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_2.JPG
[2011.12.27 22:41:54 | 000,565,191 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_1.JPG
[2011.12.27 22:41:50 | 000,572,077 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_3.jpg
[2011.12.27 22:41:47 | 000,511,469 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_2.jpg
[2011.12.27 22:41:45 | 000,568,741 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_1.JPG
[2011.12.20 19:36:53 | 000,139,966 | ---- | C] () -- C:\Users\Johannes\Desktop\Targobank.pdf
[2011.12.08 00:20:40 | 000,000,213 | ---- | C] () -- C:\Users\Johannes\Desktop\u.ini
[2011.12.08 00:12:13 | 001,249,280 | ---- | C] () -- C:\Users\Johannes\Desktop\U1103.exe
[2011.12.08 00:08:07 | 000,000,600 | ---- | C] () -- C:\Users\Johannes\PUTTY.RND
[2011.12.06 23:40:50 | 001,671,629 | ---- | C] () -- C:\Users\Johannes\Desktop\Marktuebersicht_CI+_geeigneter_Empfangsgeraete.pdf
[2011.12.03 10:39:59 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.18 18:04:04 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2011.09.20 18:28:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011.09.20 18:28:58 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011.09.02 12:42:42 | 000,000,843 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.16 07:30:28 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.26 12:19:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.01.26 20:21:26 | 000,000,000 | ---- | C] () -- C:\Users\Johannes\AppData\Local\STAR.trace
[2011.01.26 13:56:35 | 000,003,278 | ---- | C] () -- C:\Users\Johannes\AppData\Roaming\SerialClonerPrefs
[2010.12.27 15:31:39 | 000,000,017 | ---- | C] () -- C:\Users\Johannes\AppData\Local\resmon.resmoncfg
[2010.12.22 17:45:19 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.21 21:29:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.05 00:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

< End of report >
         
OLT-Extras log:
Code:
ATTFilter
OTL Extras logfile created on: 28.12.2011 23:18:09 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,54 Gb Available Physical Memory | 38,45% Memory free
8,00 Gb Paging File | 5,21 Gb Available in Paging File | 65,21% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 373,68 Gb Free Space | 74,74% Space Free | Partition Type: NTFS
Drive D: | 1363,01 Gb Total Space | 556,32 Gb Free Space | 40,82% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 465,38 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: JOE | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10ADF519-706B-6EC7-A1A7-A2580D920457}" = AMD Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{2AF2EABE-CF18-CACB-E57C-A4902A3C36C8}" = AMD Media Foundation Decoders
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C95F41B-70D9-7EF8-BC80-B1C896B5B747}" = AMD Fuel
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D79C2CD4-7BCC-60AC-76C9-834CEEF1CDBE}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.00 Beta 3 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1DA27F36-93EB-E82F-2DA3-48F13C0153CD}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{330D5210-3C4F-E632-2714-BE23C7C10B9F}" = Catalyst Control Center Graphics Previews Common
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0FA0-AB8C-497F-B30A-7A1000018201}" = DiRT 3
"{43544FB5-BC1D-939A-7FDA-F7F3E5AEC35B}" = AMD VISION Engine Control Center
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F6F7929-56E8-4FAE-92A8-6B86108D07C1}" = LG United Mobile Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{78D2854E-5DBF-11E7-B41F-47D203C8ED66}" = CCC Help English
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.0.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC76BA86-7AD7-5676-5A64-A00000000003}" = Adobe Reader Extended Language Support Font Pack
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D7AF16E7-5938-4369-BA54-B1ABD541BC32}" = Utility
"{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}" = AMD OverDrive
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Afterburner" = MSI Afterburner 2.0.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"Core Damage 0.8h" = Core Damage 0.8h
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DivX Setup.divx.com" = DivX-Setup
"Fifa 12 (c) Electronic Arts_is1" = Fifa 12 (c) Electronic Arts version 1
"Fraps" = Fraps
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"OpenAL" = OpenAL
"Polipo" = Polipo 1.0.4.1
"Postal 2_is1" = Portal 2
"PyMOL" = PyMOL
"SopCast" = SopCast 3.3.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 33230" = Assassin's Creed II
"Tor" = Tor 0.2.2.34
"Veetle TV" = Veetle TV 0.9.18
"Vidalia" = Vidalia 0.2.15
"VLC media player" = VLC media player 1.1.11
"xvid" = XviD MPEG-4 Video Codec
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 07.12.2011 19:16:56 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm U1103.exe, Version 0.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1154    Startzeit:
 01ccb535bb52298e    Endzeit: 5    Anwendungspfad: C:\Users\Johannes\Desktop\U1103.exe    Berichts-ID:
 8bfa7f7e-2129-11e1-ae48-6c626d85fadc  
 
Error - 07.12.2011 19:18:33 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm U1103.exe, Version 0.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 4cc    Startzeit: 
01ccb5365bb08003    Endzeit: 16    Anwendungspfad: C:\Users\Johannes\Desktop\U1103.exe    Berichts-ID:
 c5efef55-2129-11e1-ae48-6c626d85fadc  
 
Error - 11.12.2011 17:54:37 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 8.0.1.4341 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 624    Startzeit: 
01ccb796e716a229    Endzeit: 41    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
   
 
Error - 19.12.2011 17:51:40 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 8.0.1.4341 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e0c    Startzeit: 
01ccbe186f0fda78    Endzeit: 18    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 9e928b07-2a8b-11e1-8dcb-6c626d85fadc  
 
Error - 28.12.2011 09:20:56 | Computer Name = Joe | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000070a02ad000
ID
 des fehlerhaften Prozesses: 0x738  Startzeit der fehlerhaften Anwendung: 0x01ccc563159d8383
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: c5c780a5-3156-11e1-817f-6c626d85fadc
 
Error - 28.12.2011 12:19:56 | Computer Name = Joe | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.51.0.1118, Zeitstempel:
 0x4e5e8e67  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x61746144  ID des fehlerhaften Prozesses:
 0xb50  Startzeit der fehlerhaften Anwendung: 0x01ccc57c842cf7ad  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: c72e6532-316f-11e1-817f-6c626d85fadc
 
[ System Events ]
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:18:09 | Computer Name = Joe | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
 Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 27.12.2011 06:20:13 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 27.12.2011 17:58:40 | Computer Name = Joe | Source = DCOM | ID = 10010
Description = 
 
Error - 28.12.2011 08:43:59 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 28.12.2011 08:55:49 | Computer Name = Joe | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
 
< End of report >
         
__________________

Alt 29.12.2011, 07:30   #4
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

Dateien Online überprüfen lassen
  • Suche die Seite Virustotal auf, klicke auf den Button „Durchsuchen“ und suche folgende Datei/Dateien:
Code:
ATTFilter
C:\Users\Johannes\Desktop\U1103.exe
         
  • Lade nun nacheinander jede/alle Datei/Dateien hoch, und warte bis der Scan vorbei ist. (kann bis zu 2 Minuten dauern.)
  • Poste im Anschluss das Ergebnis der Auswertung, alles abkopieren und in einen Beitrag einfügen.
  • Wichtig: Auch die Größenangabe sowie den HASH mit kopieren!

Fix für OTL
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O20 - HKCU Winlogon: Shell - (C:\Users\Johannes\AppData\Local\2bde10f3\X) -C:\Users\Johannes\AppData\Local\2bde10f3\X ()
[2011.12.22 09:23:41 | 000,000,000 | -HSD | C] -- C:\Users\Johannes\AppData\Local\2bde10f3
:Commands
[emptytemp]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Nach dem Start erscheint ein Fenster, dort dann "Start Scan".
Wenn der Scan fertig ist bitte "Report" anwählen. Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

Superantispyware (SASW):
http://www.trojaner-board.de/51871-a...tispyware.html

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 29.12.2011, 11:20   #5
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



VirusTotal:

Code:
ATTFilter
Antivirus 	Version 	Last Update 	Result
AhnLab-V3	2011.12.28.03	2011.12.28	-
AntiVir	7.11.20.64	2011.12.29	-
Antiy-AVL	2.0.3.7	2011.12.29	NetTool/Win32.UltraSurf.gen
Avast	6.0.1289.0	2011.12.28	-
AVG	10.0.0.1190	2011.12.29	-
BitDefender	7.2	2011.12.29	-
ByteHero	1.0.0.1	2011.12.07	-
CAT-QuickHeal	12.00	2011.12.29	NetTool.UltraSurf.ku (Not a Virus)
ClamAV	0.97.3.0	2011.12.29	-
Commtouch	5.3.2.6	2011.12.29	W32/MalCrypt.E.gen!Eldorado
Comodo	11126	2011.12.29	Application.Win32.NetTool.UltraSurf.KU
DrWeb	5.0.2.03300	2011.12.29	-
Emsisoft	5.1.0.11	2011.12.29	-
eSafe	7.0.17.0	2011.12.29	-
eTrust-Vet	37.0.9652	2011.12.29	-
F-Prot	4.6.5.141	2011.12.28	W32/MalCrypt.E.gen!Eldorado
F-Secure	9.0.16440.0	2011.12.29	-
Fortinet	4.3.388.0	2011.12.29	-
GData	22	2011.12.29	-
Ikarus	T3.1.1.109.0	2011.12.29	-
Jiangmin	13.0.900	2011.12.28	-
K7AntiVirus	9.120.5796	2011.12.28	-
Kaspersky	9.0.0.837	2011.12.29	not-a-virus:NetTool.Win32.UltraSurf.ku
McAfee	5.400.0.1158	2011.12.29	-
McAfee-GW-Edition	2010.1E	2011.12.29	-
Microsoft	1.7903	2011.12.29	-
NOD32	6751	2011.12.29	Win32/UltraReach
Norman	6.07.13	2011.12.28	-
nProtect	2011-12-29.01	2011.12.29	-
Panda	10.0.3.5	2011.12.29	Generic Malware
PCTools	8.0.0.5	2011.12.29	-
Prevx	3.0	2011.12.29	-
Rising	23.90.03.02	2011.12.29	Trojan.Win32.Generic.12ACD4D8
Sophos	4.72.0	2011.12.29	-
SUPERAntiSpyware	4.40.0.1006	2011.12.28	-
Symantec	20111.2.0.82	2011.12.29	-
TheHacker	6.7.0.1.367	2011.12.29	-
TrendMicro	9.500.0.1008	2011.12.29	ADW_SCANNER
TrendMicro-HouseCall	9.500.0.1008	2011.12.29	ADW_SCANNER
VIPRE	11319	2011.12.29	Trojan.Win32.Generic!BT
ViRobot	2011.12.29.4853	2011.12.29	-
VirusBuster	14.1.138.0	2011.12.28	HackTool.UltraSurf!icgEMaAh37E
Additional information
MD5   : 0fa5a44db46d695514eb288203ed3f15
SHA1  : 08a234aa86036fcd1a208994b88668ee5ac0b851
SHA256: 0c6b0c57b33d031a0e4937022c1ee1f180692740251e8c8339a5b449219e5bb9
ssdeep: 24576:2htOJF7fjodcrAh2LbBa4QhdvdL6sgMUQhG+oomy0r0DO/:2LO3LjouAh2LbOLdLAqooE
File size : 1249280 bytes
First seen: 2011-11-23 04:31:17
Last seen : 2011-12-29 09:44:49
TrID:
Win32 Dynamic Link Library (generic) (65.4%)
Generic Win/DOS Executable (17.2%)
DOS Executable Generic (17.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
sigcheck:
publisher....: n/a
copyright....: n/a
product......: n/a
description..: n/a
original name: n/a
internal name: n/a
file version.: n/a
comments.....: n/a
signers......: -
signing date.: -
verified.....: Unsigned
PEInfo: PE structure information

[[ basic data ]]
entrypointaddress: 0x691000
timedatestamp....: 0x4ECC7489 (Wed Nov 23 04:20:25 2011)
machinetype......: 0x14c (I386)

[[ 6 section(s) ]]
name, viradd, virsiz, rawdsiz, ntropy, md5
, 0x1000, 0x4CB000, 0x61000, 7.96, dda8d09658e5fbb538a590eb86fc6eca
.rsrc, 0x4CC000, 0xD020, 0x5000, 6.43, 08220ce3b1c2cef59c519706ac685aaf
.idata , 0x4DA000, 0x1000, 0x1000, 0.22, 4383b2c57892fbcd1ce69670ce301e9c
, 0x4DB000, 0xEF000, 0x1000, 0.04, 343714dcf6ce58d153a8389ff7942a39
pemhjtco, 0x5CA000, 0xC7000, 0xC7000, 7.84, 82660e9f89c41e9908dfd5c819eef669
goqgwarp, 0x691000, 0x1000, 0x1000, 0.84, 7bbb0aaf7fd4216935ca76cb1a512d88

[[ 2 import(s) ]]
kernel32.dll: lstrcpy
comctl32.dll: InitCommonControls

[[ 2 export(s) ]]
_EXECryptor_GetHardwareID@0, _EXECryptor_IsAppProtected@0
ExifTool:
file metadata
CodeSize: 348160
EntryPoint: 0x691000
FileSize: 1220 kB
FileType: Win32 EXE
ImageVersion: 0.0
InitializedDataSize: 4734976
LinkerVersion: 6.0
MIMEType: application/octet-stream
MachineType: Intel 386 or later, and compatibles
OSVersion: 4.0
PEType: PE32
Subsystem: Windows GUI
SubsystemVersion: 4.0
TimeStamp: 2011:11:23 05:20:25+01:00
UninitializedDataSize: 0

VT Community

    User:
    Anonymous
    Reputation:
    1 credits
    Comment date:
    2011-11-25 05:13:12 (UTC)
    Tags: Goodware, eldorado, themida, malcrypt

Was this comment helpful? Yes (2) | No (0) | Report abuse

    User:
    Anonymous
    Reputation:
    1 credits
    Comment date:
    2011-11-26 15:16:43 (UTC)
    xylitol reported the previous edition as a malware

    so be carful
    Tags: ultrasurf, nettool, eldorado

Was this comment helpful? Yes (0) | No (4) | Report abuse

    User:
    Anonymous
    Reputation:
    1 credits
    Comment date:
    2011-12-20 21:27:26 (UTC)
    Tags: Malware, ultrasurf, nettool, eldorado

Was this comment helpful? Yes (0) | No (2) | Report abuse

    User:
    Anonymous
    Reputation:
    1 credits
    Comment date:
    2011-12-21 14:39:48 (UTC)
    UltraSurf. Tool to browse the web with a proxy. Goodware.
    Tags: Goodware, ultrasurf, nettool, eldorado

Was this comment helpful? Yes (1) | No (0) | Report abuse

    User:
    Drexter
    Reputation:
    27129 credits
    Comment date:
    2011-12-27 14:38:35 (UTC)
    Goodware

    Ultrasurf is a product of Ultrareach Internet Corporation. Originally created to help
    internet users in China find security and freedom online, Ultrasurf has now become the
    world's most popular pro-privacy, anti-censorship software, with millions of people using
    it to bypass firewalls and protect their identity online.
         
OLT-Fix-Log (Result-Fenster gabs nicht, nach dem automatischen Neustart kam nur die Fix-Log):

Code:
ATTFilter
All processes killed
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell:C:\Users\Johannes\AppData\Local\2bde10f3\X deleted successfully.
File \Users\Johannes\AppData\Local\2bde10f3\X) -C:\Users\Johannes\AppData\Local\2bde10f3\X not found.
C:\Users\Johannes\AppData\Local\2bde10f3\U folder moved successfully.
Folder move failed. C:\Users\Johannes\AppData\Local\2bde10f3 scheduled to be moved on reboot.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Johannes
->Temp folder emptied: 5877111 bytes
->Temporary Internet Files folder emptied: 184336299 bytes
->Java cache emptied: 6407004 bytes
->FireFox cache emptied: 58980912 bytes
->Flash cache emptied: 746 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 4857232 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 895895 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50434 bytes
RecycleBin emptied: 8936800501 bytes
 
Total Files Cleaned = 8.772,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 12292011_110152

Files\Folders moved on Reboot...
C:\Users\Johannes\AppData\Local\2bde10f3 folder moved successfully.
C:\Users\Johannes\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
         
TDSS-Report:
Code:
ATTFilter
11:13:16.0531 1708	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
11:13:16.0718 1708	============================================================
11:13:16.0718 1708	Current date / time: 2011/12/29 11:13:16.0718
11:13:16.0718 1708	SystemInfo:
11:13:16.0718 1708	
11:13:16.0719 1708	OS Version: 6.1.7601 ServicePack: 1.0
11:13:16.0719 1708	Product type: Workstation
11:13:16.0719 1708	ComputerName: JOE
11:13:16.0719 1708	UserName: Johannes
11:13:16.0719 1708	Windows directory: C:\Windows
11:13:16.0719 1708	System windows directory: C:\Windows
11:13:16.0719 1708	Running under WOW64
11:13:16.0719 1708	Processor architecture: Intel x64
11:13:16.0719 1708	Number of processors: 4
11:13:16.0719 1708	Page size: 0x1000
11:13:16.0719 1708	Boot type: Normal boot
11:13:16.0719 1708	============================================================
11:13:18.0601 1708	Initialize success
11:13:48.0726 3628	============================================================
11:13:48.0726 3628	Scan started
11:13:48.0726 3628	Mode: Manual; 
11:13:48.0726 3628	============================================================
11:13:50.0151 3628	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
11:13:50.0164 3628	1394ohci - ok
11:13:50.0217 3628	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
11:13:50.0220 3628	ACPI - ok
11:13:50.0233 3628	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
11:13:50.0236 3628	AcpiPmi - ok
11:13:50.0399 3628	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
11:13:50.0422 3628	adp94xx - ok
11:13:50.0448 3628	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
11:13:50.0462 3628	adpahci - ok
11:13:50.0485 3628	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
11:13:50.0491 3628	adpu320 - ok
11:13:50.0536 3628	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
11:13:50.0550 3628	AFD - ok
11:13:50.0573 3628	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
11:13:50.0578 3628	agp440 - ok
11:13:50.0611 3628	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
11:13:50.0614 3628	aliide - ok
11:13:50.0699 3628	ALSysIO - ok
11:13:50.0748 3628	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
11:13:50.0752 3628	amdide - ok
11:13:50.0777 3628	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
11:13:50.0781 3628	amdiox64 - ok
11:13:50.0797 3628	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
11:13:50.0802 3628	AmdK8 - ok
11:13:51.0245 3628	amdkmdag        (5b03217859b014b090cb5060c1d96875) C:\Windows\system32\DRIVERS\atikmdag.sys
11:13:51.0369 3628	amdkmdag - ok
11:13:51.0413 3628	amdkmdap        (35d2184a99ad4cd5d17284d6c9f382c9) C:\Windows\system32\DRIVERS\atikmpag.sys
11:13:51.0417 3628	amdkmdap - ok
11:13:51.0452 3628	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
11:13:51.0454 3628	AmdPPM - ok
11:13:51.0512 3628	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
11:13:51.0518 3628	amdsata - ok
11:13:51.0543 3628	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
11:13:51.0557 3628	amdsbs - ok
11:13:51.0571 3628	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
11:13:51.0575 3628	amdxata - ok
11:13:51.0606 3628	Andbus          (48cd7e6520d47d62eab0e6ce3ec30c65) C:\Windows\system32\DRIVERS\lgandbus64.sys
11:13:51.0612 3628	Andbus - ok
11:13:51.0655 3628	AndDiag         (08cbacc00d15dcdbbaae1a7c8f231c61) C:\Windows\system32\DRIVERS\lganddiag64.sys
11:13:51.0679 3628	AndDiag - ok
11:13:51.0697 3628	AndGps          (cea9a4cd6b3a83428ce8501240833668) C:\Windows\system32\DRIVERS\lgandgps64.sys
11:13:51.0704 3628	AndGps - ok
11:13:51.0774 3628	ANDModem        (e2b5663e547fa5e756b253efa8ec8286) C:\Windows\system32\DRIVERS\lgandmodem64.sys
11:13:51.0778 3628	ANDModem - ok
11:13:51.0950 3628	AODDriver4.01   (b6b9f2c57193409c8b692ffaf509d21b) C:\Program Files (x86)\Tuning\AMD Overdrive\amd64\AODDriver2.sys
11:13:51.0989 3628	AODDriver4.01 - ok
11:13:52.0076 3628	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
11:13:52.0103 3628	AppID - ok
11:13:52.0147 3628	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
11:13:52.0153 3628	arc - ok
11:13:52.0167 3628	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
11:13:52.0172 3628	arcsas - ok
11:13:52.0214 3628	asusgsb         (a4398a8914c32f18ec2ab562cba3caaf) C:\Windows\system32\drivers\asusgsb.sys
11:13:52.0217 3628	asusgsb - ok
11:13:52.0246 3628	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
11:13:52.0249 3628	AsyncMac - ok
11:13:52.0279 3628	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
11:13:52.0280 3628	atapi - ok
11:13:52.0362 3628	AtiHDAudioService (dbb487d09f56c674430ac454fd8bcab9) C:\Windows\system32\drivers\AtihdW76.sys
11:13:52.0378 3628	AtiHDAudioService - ok
11:13:52.0381 3628	atillk64 - ok
11:13:52.0416 3628	avgntflt        (aa8f79a1bdfc03b3bc70c44ab00589b4) C:\Windows\system32\DRIVERS\avgntflt.sys
11:13:52.0422 3628	avgntflt - ok
11:13:52.0455 3628	avipbb          (f1c9db5f7b2a56a0b29667d22ba540fc) C:\Windows\system32\DRIVERS\avipbb.sys
11:13:52.0461 3628	avipbb - ok
11:13:52.0500 3628	avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
11:13:52.0504 3628	avkmgr - ok
11:13:52.0530 3628	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
11:13:52.0540 3628	b06bdrv - ok
11:13:52.0574 3628	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
11:13:52.0582 3628	b57nd60a - ok
11:13:52.0593 3628	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
11:13:52.0595 3628	Beep - ok
11:13:52.0631 3628	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
11:13:52.0636 3628	blbdrive - ok
11:13:52.0664 3628	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
11:13:52.0676 3628	bowser - ok
11:13:52.0692 3628	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:13:52.0698 3628	BrFiltLo - ok
11:13:52.0720 3628	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:13:52.0730 3628	BrFiltUp - ok
11:13:52.0756 3628	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
11:13:52.0765 3628	Brserid - ok
11:13:52.0784 3628	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
11:13:52.0789 3628	BrSerWdm - ok
11:13:52.0803 3628	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
11:13:52.0805 3628	BrUsbMdm - ok
11:13:52.0812 3628	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
11:13:52.0815 3628	BrUsbSer - ok
11:13:52.0836 3628	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
11:13:52.0841 3628	BTHMODEM - ok
11:13:52.0866 3628	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
11:13:52.0871 3628	cdfs - ok
11:13:52.0897 3628	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
11:13:52.0904 3628	cdrom - ok
11:13:52.0930 3628	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
11:13:52.0935 3628	circlass - ok
11:13:52.0962 3628	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
11:13:52.0966 3628	CLFS - ok
11:13:53.0006 3628	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
11:13:53.0009 3628	CmBatt - ok
11:13:53.0037 3628	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
11:13:53.0043 3628	cmdide - ok
11:13:53.0079 3628	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
11:13:53.0104 3628	CNG - ok
11:13:53.0123 3628	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
11:13:53.0130 3628	Compbatt - ok
11:13:53.0145 3628	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
11:13:53.0149 3628	CompositeBus - ok
11:13:53.0233 3628	cpuz134         (17719a7f571d4cd08223f0b30f71b8b8) C:\Windows\system32\drivers\cpuz134_x64.sys
11:13:53.0257 3628	cpuz134 - ok
11:13:53.0285 3628	cpuz135 - ok
11:13:53.0306 3628	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
11:13:53.0315 3628	crcdisk - ok
11:13:53.0357 3628	CSC             (54da3dfd29ed9f1619b6f53f3ce55e49) C:\Windows\system32\drivers\csc.sys
11:13:53.0368 3628	CSC - ok
11:13:53.0410 3628	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
11:13:53.0416 3628	DfsC - ok
11:13:53.0437 3628	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
11:13:53.0441 3628	discache - ok
11:13:53.0464 3628	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
11:13:53.0476 3628	Disk - ok
11:13:53.0528 3628	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
11:13:53.0539 3628	drmkaud - ok
11:13:53.0576 3628	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
11:13:53.0589 3628	DXGKrnl - ok
11:13:53.0692 3628	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
11:13:53.0726 3628	ebdrv - ok
11:13:53.0735 3628	EIO64 - ok
11:13:53.0773 3628	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
11:13:53.0781 3628	elxstor - ok
11:13:53.0805 3628	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
11:13:53.0808 3628	ErrDev - ok
11:13:53.0835 3628	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
11:13:53.0840 3628	exfat - ok
11:13:53.0858 3628	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
11:13:53.0871 3628	fastfat - ok
11:13:53.0912 3628	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
11:13:53.0919 3628	fdc - ok
11:13:53.0946 3628	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
11:13:53.0963 3628	FileInfo - ok
11:13:53.0977 3628	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
11:13:53.0985 3628	Filetrace - ok
11:13:54.0005 3628	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
11:13:54.0008 3628	flpydisk - ok
11:13:54.0050 3628	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
11:13:54.0060 3628	FltMgr - ok
11:13:54.0082 3628	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
11:13:54.0087 3628	FsDepends - ok
11:13:54.0101 3628	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
11:13:54.0105 3628	Fs_Rec - ok
11:13:54.0153 3628	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
11:13:54.0202 3628	fvevol - ok
11:13:54.0222 3628	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
11:13:54.0228 3628	gagp30kx - ok
11:13:54.0244 3628	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
11:13:54.0249 3628	hcw85cir - ok
11:13:54.0292 3628	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
11:13:54.0315 3628	HdAudAddService - ok
11:13:54.0355 3628	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
11:13:54.0356 3628	HDAudBus - ok
11:13:54.0371 3628	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
11:13:54.0379 3628	HidBatt - ok
11:13:54.0400 3628	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
11:13:54.0405 3628	HidBth - ok
11:13:54.0427 3628	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
11:13:54.0431 3628	HidIr - ok
11:13:54.0452 3628	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys
11:13:54.0455 3628	HidUsb - ok
11:13:54.0480 3628	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
11:13:54.0485 3628	HpSAMD - ok
11:13:54.0544 3628	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
11:13:54.0559 3628	HTTP - ok
11:13:54.0586 3628	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
11:13:54.0597 3628	hwpolicy - ok
11:13:54.0625 3628	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
11:13:54.0633 3628	i8042prt - ok
11:13:54.0670 3628	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
11:13:54.0677 3628	iaStorV - ok
11:13:54.0711 3628	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
11:13:54.0720 3628	iirsp - ok
11:13:54.0896 3628	IntcAzAudAddService (a0c2c3d4c03c4fb896cfc53873784178) C:\Windows\system32\drivers\RTKVHD64.sys
11:13:54.0914 3628	IntcAzAudAddService - ok
11:13:54.0966 3628	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
11:13:54.0993 3628	intelide - ok
11:13:55.0020 3628	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
11:13:55.0025 3628	intelppm - ok
11:13:55.0056 3628	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:13:55.0072 3628	IpFilterDriver - ok
11:13:55.0110 3628	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
11:13:55.0115 3628	IPMIDRV - ok
11:13:55.0128 3628	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
11:13:55.0133 3628	IPNAT - ok
11:13:55.0159 3628	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
11:13:55.0162 3628	IRENUM - ok
11:13:55.0186 3628	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
11:13:55.0190 3628	isapnp - ok
11:13:55.0203 3628	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
11:13:55.0210 3628	iScsiPrt - ok
11:13:55.0239 3628	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
11:13:55.0243 3628	kbdclass - ok
11:13:55.0266 3628	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys
11:13:55.0269 3628	kbdhid - ok
11:13:55.0314 3628	KoneFltr        (b6d6f12c214de823fa22709f7bd0eb0b) C:\Windows\system32\drivers\Kone.sys
11:13:55.0320 3628	KoneFltr - ok
11:13:55.0343 3628	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
11:13:55.0349 3628	KSecDD - ok
11:13:55.0372 3628	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
11:13:55.0379 3628	KSecPkg - ok
11:13:55.0392 3628	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
11:13:55.0396 3628	ksthunk - ok
11:13:55.0422 3628	LgBttPort - ok
11:13:55.0430 3628	lgbusenum - ok
11:13:55.0438 3628	LGVMODEM - ok
11:13:55.0477 3628	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
11:13:55.0482 3628	lltdio - ok
11:13:55.0513 3628	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
11:13:55.0519 3628	LSI_FC - ok
11:13:55.0532 3628	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
11:13:55.0538 3628	LSI_SAS - ok
11:13:55.0563 3628	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:13:55.0568 3628	LSI_SAS2 - ok
11:13:55.0582 3628	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:13:55.0588 3628	LSI_SCSI - ok
11:13:55.0611 3628	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
11:13:55.0617 3628	luafv - ok
11:13:55.0629 3628	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
11:13:55.0634 3628	megasas - ok
11:13:55.0654 3628	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
11:13:55.0662 3628	MegaSR - ok
11:13:55.0757 3628	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
11:13:55.0770 3628	Modem - ok
11:13:55.0805 3628	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
11:13:55.0806 3628	monitor - ok
11:13:55.0841 3628	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
11:13:55.0846 3628	mouclass - ok
11:13:55.0874 3628	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
11:13:55.0877 3628	mouhid - ok
11:13:55.0910 3628	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
11:13:55.0914 3628	mountmgr - ok
11:13:55.0929 3628	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
11:13:55.0947 3628	mpio - ok
11:13:55.0963 3628	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
11:13:55.0973 3628	mpsdrv - ok
11:13:56.0002 3628	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
11:13:56.0030 3628	MRxDAV - ok
11:13:56.0061 3628	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
11:13:56.0067 3628	mrxsmb - ok
11:13:56.0109 3628	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:13:56.0133 3628	mrxsmb10 - ok
11:13:56.0150 3628	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:13:56.0155 3628	mrxsmb20 - ok
11:13:56.0192 3628	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
11:13:56.0196 3628	msahci - ok
11:13:56.0240 3628	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
11:13:56.0261 3628	msdsm - ok
11:13:56.0298 3628	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
11:13:56.0301 3628	Msfs - ok
11:13:56.0317 3628	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
11:13:56.0320 3628	mshidkmdf - ok
11:13:56.0350 3628	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
11:13:56.0354 3628	msisadrv - ok
11:13:56.0395 3628	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
11:13:56.0398 3628	MSKSSRV - ok
11:13:56.0416 3628	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
11:13:56.0418 3628	MSPCLOCK - ok
11:13:56.0434 3628	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
11:13:56.0437 3628	MSPQM - ok
11:13:56.0484 3628	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
11:13:56.0513 3628	MsRPC - ok
11:13:56.0536 3628	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
11:13:56.0536 3628	mssmbios - ok
11:13:56.0543 3628	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
11:13:56.0546 3628	MSTEE - ok
11:13:56.0560 3628	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
11:13:56.0564 3628	MTConfig - ok
11:13:56.0598 3628	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
11:13:56.0604 3628	Mup - ok
11:13:56.0667 3628	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
11:13:56.0686 3628	NativeWifiP - ok
11:13:56.0784 3628	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
11:13:56.0802 3628	NDIS - ok
11:13:56.0819 3628	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
11:13:56.0823 3628	NdisCap - ok
11:13:56.0839 3628	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
11:13:56.0842 3628	NdisTapi - ok
11:13:56.0871 3628	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
11:13:56.0890 3628	Ndisuio - ok
11:13:56.0918 3628	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
11:13:56.0926 3628	NdisWan - ok
11:13:56.0956 3628	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
11:13:56.0961 3628	NDProxy - ok
11:13:56.0980 3628	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
11:13:56.0984 3628	NetBIOS - ok
11:13:57.0016 3628	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
11:13:57.0025 3628	NetBT - ok
11:13:57.0065 3628	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
11:13:57.0070 3628	nfrd960 - ok
11:13:57.0091 3628	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
11:13:57.0095 3628	Npfs - ok
11:13:57.0111 3628	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
11:13:57.0115 3628	nsiproxy - ok
11:13:57.0236 3628	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
11:13:57.0264 3628	Ntfs - ok
11:13:57.0277 3628	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
11:13:57.0280 3628	Null - ok
11:13:57.0308 3628	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
11:13:57.0315 3628	nvraid - ok
11:13:57.0334 3628	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
11:13:57.0341 3628	nvstor - ok
11:13:57.0387 3628	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
11:13:57.0401 3628	nv_agp - ok
11:13:57.0439 3628	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
11:13:57.0465 3628	ohci1394 - ok
11:13:57.0513 3628	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
11:13:57.0518 3628	Parport - ok
11:13:57.0542 3628	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
11:13:57.0569 3628	partmgr - ok
11:13:57.0616 3628	pccsmcfd - ok
11:13:57.0656 3628	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
11:13:57.0673 3628	pci - ok
11:13:57.0711 3628	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
11:13:57.0715 3628	pciide - ok
11:13:57.0731 3628	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
11:13:57.0749 3628	pcmcia - ok
11:13:57.0762 3628	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
11:13:57.0767 3628	pcw - ok
11:13:57.0786 3628	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
11:13:57.0802 3628	PEAUTH - ok
11:13:57.0854 3628	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
11:13:57.0859 3628	PptpMiniport - ok
11:13:57.0886 3628	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
11:13:57.0891 3628	Processor - ok
11:13:57.0933 3628	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
11:13:57.0936 3628	Psched - ok
11:13:57.0998 3628	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
11:13:58.0029 3628	ql2300 - ok
11:13:58.0056 3628	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
11:13:58.0081 3628	ql40xx - ok
11:13:58.0123 3628	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
11:13:58.0133 3628	QWAVEdrv - ok
11:13:58.0156 3628	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
11:13:58.0158 3628	RasAcd - ok
11:13:58.0193 3628	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
11:13:58.0198 3628	RasAgileVpn - ok
11:13:58.0238 3628	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
11:13:58.0258 3628	Rasl2tp - ok
11:13:58.0282 3628	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
11:13:58.0288 3628	RasPppoe - ok
11:13:58.0297 3628	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
11:13:58.0302 3628	RasSstp - ok
11:13:58.0335 3628	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
11:13:58.0345 3628	rdbss - ok
11:13:58.0365 3628	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
11:13:58.0369 3628	rdpbus - ok
11:13:58.0382 3628	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
11:13:58.0384 3628	RDPCDD - ok
11:13:58.0440 3628	RDPDR           (1b6163c503398b23ff8b939c67747683) C:\Windows\system32\drivers\rdpdr.sys
11:13:58.0457 3628	RDPDR - ok
11:13:58.0494 3628	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
11:13:58.0497 3628	RDPENCDD - ok
11:13:58.0512 3628	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
11:13:58.0515 3628	RDPREFMP - ok
11:13:58.0551 3628	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
11:13:58.0558 3628	RDPWD - ok
11:13:58.0583 3628	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
11:13:58.0592 3628	rdyboost - ok
11:13:58.0630 3628	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
11:13:58.0635 3628	rspndr - ok
11:13:58.0716 3628	RTL8167         (ee082e06a82ff630351d1e0ebbd3d8d0) C:\Windows\system32\DRIVERS\Rt64win7.sys
11:13:58.0735 3628	RTL8167 - ok
11:13:58.0783 3628	s3cap           (e60c0a09f997826c7627b244195ab581) C:\Windows\system32\drivers\vms3cap.sys
11:13:58.0801 3628	s3cap - ok
11:13:58.0829 3628	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
11:13:58.0834 3628	sbp2port - ok
11:13:58.0881 3628	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
11:13:58.0884 3628	scfilter - ok
11:13:58.0904 3628	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
11:13:58.0912 3628	secdrv - ok
11:13:58.0938 3628	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
11:13:58.0941 3628	Serenum - ok
11:13:58.0954 3628	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
11:13:58.0960 3628	Serial - ok
11:13:58.0986 3628	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
11:13:58.0989 3628	sermouse - ok
11:13:59.0019 3628	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
11:13:59.0022 3628	sffdisk - ok
11:13:59.0042 3628	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
11:13:59.0045 3628	sffp_mmc - ok
11:13:59.0062 3628	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
11:13:59.0065 3628	sffp_sd - ok
11:13:59.0071 3628	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
11:13:59.0074 3628	sfloppy - ok
11:13:59.0110 3628	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:13:59.0115 3628	SiSRaid2 - ok
11:13:59.0134 3628	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
11:13:59.0139 3628	SiSRaid4 - ok
11:13:59.0184 3628	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
11:13:59.0189 3628	Smb - ok
11:13:59.0208 3628	speedfan - ok
11:13:59.0234 3628	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
11:13:59.0238 3628	spldr - ok
11:13:59.0287 3628	sptd            (602884696850c86434530790b110e8eb) C:\Windows\system32\Drivers\sptd.sys
11:13:59.0287 3628	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850c86434530790b110e8eb
11:13:59.0289 3628	sptd ( LockedFile.Multi.Generic ) - warning
11:13:59.0289 3628	sptd - detected LockedFile.Multi.Generic (1)
11:13:59.0322 3628	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
11:13:59.0330 3628	srv - ok
11:13:59.0343 3628	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
11:13:59.0353 3628	srv2 - ok
11:13:59.0360 3628	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
11:13:59.0366 3628	srvnet - ok
11:13:59.0403 3628	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
11:13:59.0407 3628	stexstor - ok
11:13:59.0436 3628	storflt         (7785dc213270d2fc066538daf94087e7) C:\Windows\system32\drivers\vmstorfl.sys
11:13:59.0440 3628	storflt - ok
11:13:59.0464 3628	storvsc         (d34e4943d5ac096c8edeebfd80d76e23) C:\Windows\system32\drivers\storvsc.sys
11:13:59.0474 3628	storvsc - ok
11:13:59.0499 3628	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
11:13:59.0507 3628	swenum - ok
11:13:59.0698 3628	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
11:13:59.0732 3628	Tcpip - ok
11:13:59.0760 3628	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
11:13:59.0767 3628	TCPIP6 - ok
11:13:59.0789 3628	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
11:13:59.0793 3628	tcpipreg - ok
11:13:59.0811 3628	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
11:13:59.0814 3628	TDPIPE - ok
11:13:59.0832 3628	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
11:13:59.0835 3628	TDTCP - ok
11:13:59.0863 3628	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
11:13:59.0868 3628	tdx - ok
11:13:59.0893 3628	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
11:13:59.0896 3628	TermDD - ok
11:13:59.0975 3628	TFsExDisk       (48d9d00c2e0e72c3d4f52772c80355f6) C:\Windows\System32\Drivers\TFsExDisk.sys
11:13:59.0978 3628	TFsExDisk - ok
11:14:00.0004 3628	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
11:14:00.0007 3628	tssecsrv - ok
11:14:00.0058 3628	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
11:14:00.0062 3628	TsUsbFlt - ok
11:14:00.0107 3628	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
11:14:00.0112 3628	tunnel - ok
11:14:00.0195 3628	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
11:14:00.0244 3628	uagp35 - ok
11:14:00.0287 3628	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
11:14:00.0306 3628	udfs - ok
11:14:00.0371 3628	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
11:14:00.0376 3628	uliagpkx - ok
11:14:00.0417 3628	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
11:14:00.0422 3628	umbus - ok
11:14:00.0444 3628	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
11:14:00.0448 3628	UmPass - ok
11:14:00.0501 3628	usbbus          (c85b8247fadd432fa54fe11667c8d97d) C:\Windows\system32\DRIVERS\lgx64bus.sys
11:14:00.0554 3628	usbbus - ok
11:14:00.0591 3628	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
11:14:00.0596 3628	usbccgp - ok
11:14:00.0638 3628	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
11:14:00.0644 3628	usbcir - ok
11:14:00.0678 3628	UsbDiag         (d8cdc12f5429878f23ddb3785a0fdf95) C:\Windows\system32\DRIVERS\lgx64diag.sys
11:14:00.0681 3628	UsbDiag - ok
11:14:00.0709 3628	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
11:14:00.0713 3628	usbehci - ok
11:14:00.0731 3628	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
11:14:00.0739 3628	usbhub - ok
11:14:00.0754 3628	USBModem        (79fa7a22b0f6f0082f640cbc82a00fce) C:\Windows\system32\DRIVERS\lgx64modem.sys
11:14:00.0757 3628	USBModem - ok
11:14:00.0776 3628	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
11:14:00.0779 3628	usbohci - ok
11:14:00.0796 3628	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
11:14:00.0803 3628	usbprint - ok
11:14:00.0846 3628	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
11:14:00.0855 3628	usbscan - ok
11:14:00.0884 3628	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:14:00.0897 3628	USBSTOR - ok
11:14:00.0921 3628	usbuhci         (81fb2216d3a60d1284455d511797db3d) C:\Windows\system32\DRIVERS\usbuhci.sys
11:14:00.0924 3628	usbuhci - ok
11:14:00.0944 3628	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
11:14:00.0949 3628	vdrvroot - ok
11:14:00.0981 3628	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
11:14:00.0984 3628	vga - ok
11:14:01.0002 3628	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
11:14:01.0005 3628	VgaSave - ok
11:14:01.0038 3628	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
11:14:01.0059 3628	vhdmp - ok
11:14:01.0076 3628	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
11:14:01.0085 3628	viaide - ok
11:14:01.0117 3628	vmbus           (86ea3e79ae350fea5331a1303054005f) C:\Windows\system32\drivers\vmbus.sys
11:14:01.0136 3628	vmbus - ok
11:14:01.0161 3628	VMBusHID        (7de90b48f210d29649380545db45a187) C:\Windows\system32\drivers\VMBusHID.sys
11:14:01.0168 3628	VMBusHID - ok
11:14:01.0205 3628	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
11:14:01.0232 3628	volmgr - ok
11:14:01.0279 3628	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
11:14:01.0316 3628	volmgrx - ok
11:14:01.0340 3628	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
11:14:01.0351 3628	volsnap - ok
11:14:01.0371 3628	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
11:14:01.0377 3628	vsmraid - ok
11:14:01.0399 3628	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys
11:14:01.0403 3628	vwifibus - ok
11:14:01.0435 3628	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
11:14:01.0479 3628	WacomPen - ok
11:14:01.0520 3628	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:14:01.0525 3628	WANARP - ok
11:14:01.0529 3628	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
11:14:01.0530 3628	Wanarpv6 - ok
11:14:01.0548 3628	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
11:14:01.0552 3628	Wd - ok
11:14:01.0576 3628	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
11:14:01.0637 3628	Wdf01000 - ok
11:14:01.0692 3628	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
11:14:01.0694 3628	WfpLwf - ok
11:14:01.0719 3628	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
11:14:01.0723 3628	WIMMount - ok
11:14:01.0805 3628	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
11:14:01.0837 3628	WinUsb - ok
11:14:01.0878 3628	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
11:14:01.0881 3628	WmiAcpi - ok
11:14:01.0906 3628	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
11:14:01.0910 3628	ws2ifsl - ok
11:14:01.0969 3628	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
11:14:01.0981 3628	WudfPf - ok
11:14:02.0037 3628	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
11:14:02.0052 3628	WUDFRd - ok
11:14:02.0121 3628	xnacc           (4a5ce13408945e525503b5f73d29b9c5) C:\Windows\system32\DRIVERS\xnacc.sys
11:14:02.0141 3628	xnacc - ok
11:14:02.0170 3628	xusb21          (2ee48cfce7ca8e0db4c44c7476c0943b) C:\Windows\system32\DRIVERS\xusb21.sys
11:14:02.0175 3628	xusb21 - ok
11:14:02.0194 3628	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
11:14:02.0256 3628	\Device\Harddisk1\DR1 - ok
11:14:02.0273 3628	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
11:14:02.0278 3628	\Device\Harddisk0\DR0 - ok
11:14:02.0288 3628	Boot (0x1200)   (23f67fea6f7a949bb1701eb5ac0cc823) \Device\Harddisk1\DR1\Partition0
11:14:02.0289 3628	\Device\Harddisk1\DR1\Partition0 - ok
11:14:02.0316 3628	Boot (0x1200)   (1483c8c0ee12b6b6ea2ab41eeedf5d4c) \Device\Harddisk1\DR1\Partition1
11:14:02.0356 3628	\Device\Harddisk1\DR1\Partition1 - ok
11:14:02.0364 3628	Boot (0x1200)   (b8914d1491fa4696f9755e5ef4dfdc7c) \Device\Harddisk0\DR0\Partition0
11:14:02.0367 3628	\Device\Harddisk0\DR0\Partition0 - ok
11:14:02.0368 3628	============================================================
11:14:02.0368 3628	Scan finished
11:14:02.0368 3628	============================================================
11:14:02.0379 1840	Detected object count: 1
11:14:02.0380 1840	Actual detected object count: 1
11:15:07.0726 1840	sptd ( LockedFile.Multi.Generic ) - skipped by user
11:15:07.0726 1840	sptd ( LockedFile.Multi.Generic ) - User select action: Skip
         
Könntest du deinen letzten Punkt (Superantispyware (SASW)) noch etwas erläutern? Soll ich die Anweisungen des Links befolgen?


Alt 29.12.2011, 11:36   #6
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

ja... die bei Virustotal.com gescannte Datgei löschen...

chris
__________________
--> tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen

Alt 29.12.2011, 13:40   #7
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Habe UltraSurf gelöscht. Ist das im Allgemeinen potentiell gefährlich oder lag es nur an der Herkunft der .exe?

SASW-Log:
Code:
ATTFilter
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/29/2011 at 01:27 PM

Application Version : 5.0.1142

Core Rules Database Version : 8089
Trace Rules Database Version: 5901

Scan type       : Complete Scan
Total Scan Time : 02:00:02

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 675
Memory threats detected   : 0
Registry items scanned    : 71044
Registry threats detected : 0
File items scanned        : 188985
File threats detected     : 224

Adware.Tracking Cookie
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\CUGQ7QBI.txt [ /ad.adnet.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\G6PZZ6JB.txt [ /bizzclick.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\SBO0T9FO.txt [ /findesop.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\6UYW2FT2.txt [ /ads.gamersmedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\B0VWSXZU.txt [ /tracking.mindshare.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\RHX08C7C.txt [ /adultfriendfinder.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DF2W5XV9.txt [ /ru4.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\PEJUPBWV.txt [ /advertise.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\9GU9P101.txt [ /tacoda.at.atwola.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4E6JH71P.txt [ /ad1.adfarm1.adition.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\65TROBVA.txt [ /content.yieldmanager.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\NEUJKXBS.txt [ /ad.adc-serv.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\LWCB81X1.txt [ /ads.pixfuture.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\JYBLZE0I.txt [ /media6degrees.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\AXN91MCF.txt [ /tracking.mlsat02.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\I2M2LGKK.txt [ /ad3.adfarm1.adition.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\WVAV14ES.txt [ /at.atwola.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\OLBHPF99.txt [ /adserver.eclickz.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4Y0GQXM4.txt [ /adxpose.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\3JHKWKUZ.txt [ /guj.122.2o7.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\HCPH6ABC.txt [ /ads.ad4game.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\S2BG0818.txt [ /interclick.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\ZSEBF10I.txt [ /myroitracking.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\P28D4K2Q.txt [ /ads.pubmatic.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\KML2CY69.txt [ /www.etracker.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\8JZ2OZNM.txt [ /findedclik.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\ZWMC3DQK.txt [ /casalemedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\ZZOQG6QU.txt [ /tracking.quisma.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\THEETCXT.txt [ /ads.creative-serving.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4DBF7GK8.txt [ /ad.360yield.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\9170WV6I.txt [ /ad.ad-srv.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\RXCYS5OF.txt [ /overture.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\0PU1DE9G.txt [ /adtech.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\EGKX03NH.txt [ /adbrite.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\ANTBMDHQ.txt [ /ads.adk2.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\U8LGI4TL.txt [ /mediaplex.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\20VI7K28.txt [ /webmasterplan.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\2HQJ65W8.txt [ /es.pornhub.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\1ROFF9UH.txt [ /www.usenext.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\I7MYCDRY.txt [ /trafficno.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\R1XB474P.txt [ /ox-d.enveromedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\HMLEGB4L.txt [ /zanox.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\QIKIOBAG.txt [ /fastclick.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\RC1J6MAW.txt [ /ads.247activemedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\VVCJM3AG.txt [ /cpcadnet.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\IBE617V4.txt [ /traffictrack.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DPYY6OS0.txt [ /tmtraffic.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\25USSAOX.txt [ /findsimle.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\A6QR9A0Z.txt [ /ad.adition.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\BRA7FPK0.txt [ /questionmarket.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\YR08GZKJ.txt [ /ad4.adfarm1.adition.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4G3L16TB.txt [ /my.enveromedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\IUC0OM8Z.txt [ /tradedoubler.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\2HS7E05I.txt [ /ad2.adfarm1.adition.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\3TDQGW05.txt [ /sysufind.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DHO4M4E3.txt [ /unitymedia.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\X3Z1SVPE.txt [ /adsrv1.admediate.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\BJI2B09G.txt [ /mediatraffic.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\5UX363EN.txt [ /adfarm1.adition.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\WMM0N3QH.txt [ /www.traffective-tracking.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\8RHDO4I7.txt [ /ad.zanox.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\QU0K4328.txt [ /pro-market.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\N5GO8TI2.txt [ /dephfind.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\SZAW9SCV.txt [ /adform.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\SB61XBFD.txt [ /trafficengine.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\2TS9REXX.txt [ /linksynergy.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\O49U62IO.txt [ /eas.apm.emediate.eu ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\5Q01B890.txt [ /fidelity.rotator.hadj7.adjuggler.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\W0O7JGF9.txt [ /track.effiliation.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\OUSZBFUA.txt [ /server.cpmstar.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\FW77U9UI.txt [ /www.cpcadnet.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\F0WL2BOE.txt [ /ads.weboost.it ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\12N9VINH.txt [ /atdmt.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\G3KAPO18.txt [ /revsci.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\Q98QDGAR.txt [ /serving-sys.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\JKA1BROV.txt [ /aim4media.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\ESFU1GB4.txt [ /track.adform.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DJHS1PGM.txt [ /ww251.smartadserver.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\H6YD78VE.txt [ /yieldmanager.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\KKYWJ5AV.txt [ /collective-media.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\XANY65VK.txt [ /doubleclick.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\3QTFFVTW.txt [ /specificclick.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\3ULSX9QT.txt [ /ad.yieldmanager.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\G1Y82H1R.txt [ /mellfind.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\L4FE4C1I.txt [ /lokyfind.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\XVZU7NJA.txt [ /filescanner.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\QQYSNANX.txt [ /vidasco.rotator.hadj7.adjuggler.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\1DX9NOG6.txt [ /accounts.google.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\CCXSUN5N.txt [ /xm.xtendmedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\PRK139BS.txt [ /accounts.google.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\MTT5HTS6.txt [ /harrenmedianetwork.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\UUUCYPV5.txt [ /track.effiliation.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\LT60WBAZ.txt [ /ads.cnn.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4PTMKGH4.txt [ /mifind.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\F6N0UX24.txt [ /smartadserver.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\00VVE8TI.txt [ /advertising.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\FBYOKLLQ.txt [ /invitemedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\A424283N.txt [ /zieltrack.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\Y54VD4PA.txt [ /apmebf.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\2GD8DZCP.txt [ /xml.trafficengine.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\9W1SZ1JJ.txt [ /realmedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\6I28UOQF.txt [ /imrworldwide.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\GGMMY4G8.txt [ /ad.jokeroo.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\G28L4EH4.txt [ /clicksor.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\5YF26MS1.txt [ /intfind.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\CQG4T5UT.txt [ /r1-ads.ace.advertising.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\8WGKGYXJ.txt [ /clickfuse.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\KO6U0KKT.txt [ /ads.lzjl.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\FTAGFFSQ.txt [ /bizrate.co.uk ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\826JX6T9.txt [ /openx1.overadmedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\W764HUIM.txt [ /statcounter.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\9UIW105V.txt [ /pornhub.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\4NZL9VR0.txt [ /clicks.thespecialsearch.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\O43XOSV8.txt [ /friendfinder.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\89D8EEKC.txt [ /klpfind.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\VEV7ARLX.txt [ /realyfinded.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\BLDQPEMV.txt [ /ads2.zeusclicks.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\49X4EPP2.txt [ /www.pornhub.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DJ6E3831.txt [ /content.yieldmanager.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\1POAS9Z5.txt [ /gostats.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\PQ3L7OFO.txt [ /ads.crakmedia.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\D4ZL59JY.txt [ /bs.serving-sys.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\DQFBEI03.txt [ /adjuggler.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\WEQK1Y6Y.txt [ /zanox-affiliate.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\294HPVUY.txt [ /mm.chitika.net ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\54U4BTTI.txt [ /ads.cpxcenter.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\8NIGNZS1.txt [ /im.banner.t-online.de ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\D2484VS5.txt [ /tribalfusion.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\P1UXY3V6.txt [ /it.pornhub.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\YCOHKLDI.txt [ /beta-ads.ace.advertising.com ]
	C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Cookies\K297DI4I.txt [ /adserver2.eclickz.com ]
	C:\USERS\JOHANNES\AppData\Roaming\Microsoft\Windows\Cookies\03816VDE.txt [ Cookie:johannes@www.videobash.com/toplist/ ]
	C:\USERS\JOHANNES\AppData\Roaming\Microsoft\Windows\Cookies\NIR32IEL.txt [ Cookie:johannes@google.com/accounts/ ]
	C:\USERS\JOHANNES\AppData\Roaming\Microsoft\Windows\Cookies\725X5UPN.txt [ Cookie:johannes@google.com/accounts/recovery/ ]
	C:\USERS\JOHANNES\Cookies\CUGQ7QBI.txt [ Cookie:johannes@ad.adnet.de/ ]
	C:\USERS\JOHANNES\Cookies\G6PZZ6JB.txt [ Cookie:johannes@bizzclick.com/ ]
	C:\USERS\JOHANNES\Cookies\6UYW2FT2.txt [ Cookie:johannes@ads.gamersmedia.com/ ]
	C:\USERS\JOHANNES\Cookies\B0VWSXZU.txt [ Cookie:johannes@tracking.mindshare.de/ ]
	C:\USERS\JOHANNES\Cookies\RHX08C7C.txt [ Cookie:johannes@adultfriendfinder.com/ ]
	C:\USERS\JOHANNES\Cookies\DF2W5XV9.txt [ Cookie:johannes@ru4.com/ ]
	C:\USERS\JOHANNES\Cookies\PEJUPBWV.txt [ Cookie:johannes@advertise.com/ ]
	C:\USERS\JOHANNES\Cookies\03816VDE.txt [ Cookie:johannes@www.videobash.com/toplist/ ]
	C:\USERS\JOHANNES\Cookies\65TROBVA.txt [ Cookie:johannes@content.yieldmanager.com/ak/ ]
	C:\USERS\JOHANNES\Cookies\JYBLZE0I.txt [ Cookie:johannes@media6degrees.com/ ]
	C:\USERS\JOHANNES\Cookies\WVAV14ES.txt [ Cookie:johannes@at.atwola.com/ ]
	C:\USERS\JOHANNES\Cookies\OLBHPF99.txt [ Cookie:johannes@adserver.eclickz.com/ ]
	C:\USERS\JOHANNES\Cookies\3JHKWKUZ.txt [ Cookie:johannes@guj.122.2o7.net/ ]
	C:\USERS\JOHANNES\Cookies\S2BG0818.txt [ Cookie:johannes@interclick.com/ ]
	C:\USERS\JOHANNES\Cookies\ZSEBF10I.txt [ Cookie:johannes@myroitracking.com/ ]
	C:\USERS\JOHANNES\Cookies\8JZ2OZNM.txt [ Cookie:johannes@findedclik.com/ ]
	C:\USERS\JOHANNES\Cookies\ZWMC3DQK.txt [ Cookie:johannes@casalemedia.com/ ]
	C:\USERS\JOHANNES\Cookies\RXCYS5OF.txt [ Cookie:johannes@overture.com/ ]
	C:\USERS\JOHANNES\Cookies\0PU1DE9G.txt [ Cookie:johannes@adtech.de/ ]
	C:\USERS\JOHANNES\Cookies\EGKX03NH.txt [ Cookie:johannes@adbrite.com/ ]
	C:\USERS\JOHANNES\Cookies\NIR32IEL.txt [ Cookie:johannes@google.com/accounts/ ]
	C:\USERS\JOHANNES\Cookies\U8LGI4TL.txt [ Cookie:johannes@mediaplex.com/ ]
	C:\USERS\JOHANNES\Cookies\20VI7K28.txt [ Cookie:johannes@webmasterplan.com/ ]
	C:\USERS\JOHANNES\Cookies\1ROFF9UH.txt [ Cookie:johannes@www.usenext.de/ ]
	C:\USERS\JOHANNES\Cookies\HMLEGB4L.txt [ Cookie:johannes@zanox.com/ ]
	C:\USERS\JOHANNES\Cookies\VVCJM3AG.txt [ Cookie:johannes@cpcadnet.com/ ]
	C:\USERS\JOHANNES\Cookies\IBE617V4.txt [ Cookie:johannes@traffictrack.de/ ]
	C:\USERS\JOHANNES\Cookies\DPYY6OS0.txt [ Cookie:johannes@tmtraffic.com/ ]
	C:\USERS\JOHANNES\Cookies\25USSAOX.txt [ Cookie:johannes@findsimle.com/ ]
	C:\USERS\JOHANNES\Cookies\4G3L16TB.txt [ Cookie:johannes@my.enveromedia.com/ ]
	C:\USERS\JOHANNES\Cookies\IUC0OM8Z.txt [ Cookie:johannes@tradedoubler.com/ ]
	C:\USERS\JOHANNES\Cookies\2HS7E05I.txt [ Cookie:johannes@ad2.adfarm1.adition.com/ ]
	C:\USERS\JOHANNES\Cookies\DHO4M4E3.txt [ Cookie:johannes@unitymedia.de/ ]
	C:\USERS\JOHANNES\Cookies\X3Z1SVPE.txt [ Cookie:johannes@adsrv1.admediate.com/ ]
	C:\USERS\JOHANNES\Cookies\5UX363EN.txt [ Cookie:johannes@adfarm1.adition.com/ ]
	C:\USERS\JOHANNES\Cookies\8RHDO4I7.txt [ Cookie:johannes@ad.zanox.com/ ]
	C:\USERS\JOHANNES\Cookies\QU0K4328.txt [ Cookie:johannes@pro-market.net/ ]
	C:\USERS\JOHANNES\Cookies\N5GO8TI2.txt [ Cookie:johannes@dephfind.com/ ]
	C:\USERS\JOHANNES\Cookies\SB61XBFD.txt [ Cookie:johannes@trafficengine.net/ ]
	C:\USERS\JOHANNES\Cookies\2TS9REXX.txt [ Cookie:johannes@linksynergy.com/ ]
	C:\USERS\JOHANNES\Cookies\O49U62IO.txt [ Cookie:johannes@eas.apm.emediate.eu/ ]
	C:\USERS\JOHANNES\Cookies\W0O7JGF9.txt [ Cookie:johannes@track.effiliation.com/ ]
	C:\USERS\JOHANNES\Cookies\OUSZBFUA.txt [ Cookie:johannes@server.cpmstar.com/ ]
	C:\USERS\JOHANNES\Cookies\FW77U9UI.txt [ Cookie:johannes@www.cpcadnet.com/track/ ]
	C:\USERS\JOHANNES\Cookies\G3KAPO18.txt [ Cookie:johannes@revsci.net/ ]
	C:\USERS\JOHANNES\Cookies\Q98QDGAR.txt [ Cookie:johannes@serving-sys.com/ ]
	C:\USERS\JOHANNES\Cookies\JKA1BROV.txt [ Cookie:johannes@aim4media.com/ ]
	C:\USERS\JOHANNES\Cookies\ESFU1GB4.txt [ Cookie:johannes@track.adform.net/ ]
	C:\USERS\JOHANNES\Cookies\DJHS1PGM.txt [ Cookie:johannes@ww251.smartadserver.com/ ]
	C:\USERS\JOHANNES\Cookies\H6YD78VE.txt [ Cookie:johannes@yieldmanager.net/ ]
	C:\USERS\JOHANNES\Cookies\KKYWJ5AV.txt [ Cookie:johannes@collective-media.net/ ]
	C:\USERS\JOHANNES\Cookies\XANY65VK.txt [ Cookie:johannes@doubleclick.net/ ]
	C:\USERS\JOHANNES\Cookies\3QTFFVTW.txt [ Cookie:johannes@specificclick.net/ ]
	C:\USERS\JOHANNES\Cookies\3ULSX9QT.txt [ Cookie:johannes@ad.yieldmanager.com/ ]
	C:\USERS\JOHANNES\Cookies\L4FE4C1I.txt [ Cookie:johannes@lokyfind.com/ ]
	C:\USERS\JOHANNES\Cookies\XVZU7NJA.txt [ Cookie:johannes@filescanner.net/ ]
	C:\USERS\JOHANNES\Cookies\QQYSNANX.txt [ Cookie:johannes@vidasco.rotator.hadj7.adjuggler.net/ ]
	C:\USERS\JOHANNES\Cookies\1DX9NOG6.txt [ Cookie:johannes@accounts.google.com/intl/en/ ]
	C:\USERS\JOHANNES\Cookies\MTT5HTS6.txt [ Cookie:johannes@harrenmedianetwork.com/ ]
	C:\USERS\JOHANNES\Cookies\UUUCYPV5.txt [ Cookie:johannes@track.effiliation.com/servlet/ ]
	C:\USERS\JOHANNES\Cookies\4PTMKGH4.txt [ Cookie:johannes@mifind.net/ ]
	C:\USERS\JOHANNES\Cookies\F6N0UX24.txt [ Cookie:johannes@smartadserver.com/ ]
	C:\USERS\JOHANNES\Cookies\00VVE8TI.txt [ Cookie:johannes@advertising.com/ ]
	C:\USERS\JOHANNES\Cookies\FBYOKLLQ.txt [ Cookie:johannes@invitemedia.com/ ]
	C:\USERS\JOHANNES\Cookies\Y54VD4PA.txt [ Cookie:johannes@apmebf.com/ ]
	C:\USERS\JOHANNES\Cookies\2GD8DZCP.txt [ Cookie:johannes@xml.trafficengine.net/ ]
	C:\USERS\JOHANNES\Cookies\G28L4EH4.txt [ Cookie:johannes@clicksor.com/ ]
	C:\USERS\JOHANNES\Cookies\5YF26MS1.txt [ Cookie:johannes@intfind.net/ ]
	C:\USERS\JOHANNES\Cookies\8WGKGYXJ.txt [ Cookie:johannes@clickfuse.com/ ]
	C:\USERS\JOHANNES\Cookies\826JX6T9.txt [ Cookie:johannes@openx1.overadmedia.com/ ]
	C:\USERS\JOHANNES\Cookies\W764HUIM.txt [ Cookie:johannes@statcounter.com/ ]
	C:\USERS\JOHANNES\Cookies\9UIW105V.txt [ Cookie:johannes@pornhub.com/ ]
	C:\USERS\JOHANNES\Cookies\O43XOSV8.txt [ Cookie:johannes@friendfinder.com/ ]
	C:\USERS\JOHANNES\Cookies\89D8EEKC.txt [ Cookie:johannes@klpfind.com/ ]
	C:\USERS\JOHANNES\Cookies\VEV7ARLX.txt [ Cookie:johannes@realyfinded.com/ ]
	C:\USERS\JOHANNES\Cookies\49X4EPP2.txt [ Cookie:johannes@www.pornhub.com/ ]
	C:\USERS\JOHANNES\Cookies\DJ6E3831.txt [ Cookie:johannes@content.yieldmanager.com/ ]
	C:\USERS\JOHANNES\Cookies\1POAS9Z5.txt [ Cookie:johannes@gostats.com/ ]
	C:\USERS\JOHANNES\Cookies\PQ3L7OFO.txt [ Cookie:johannes@ads.crakmedia.com/ ]
	C:\USERS\JOHANNES\Cookies\D4ZL59JY.txt [ Cookie:johannes@bs.serving-sys.com/ ]
	C:\USERS\JOHANNES\Cookies\DQFBEI03.txt [ Cookie:johannes@adjuggler.net/ ]
	C:\USERS\JOHANNES\Cookies\725X5UPN.txt [ Cookie:johannes@google.com/accounts/recovery/ ]
	C:\USERS\JOHANNES\Cookies\WEQK1Y6Y.txt [ Cookie:johannes@zanox-affiliate.de/ ]
	C:\USERS\JOHANNES\Cookies\8NIGNZS1.txt [ Cookie:johannes@im.banner.t-online.de/ ]
	C:\USERS\JOHANNES\Cookies\D2484VS5.txt [ Cookie:johannes@tribalfusion.com/ ]
	C:\USERS\JOHANNES\Cookies\P1UXY3V6.txt [ Cookie:johannes@it.pornhub.com/ ]
	C:\USERS\JOHANNES\Cookies\K297DI4I.txt [ Cookie:johannes@adserver2.eclickz.com/ ]

Heur.Agent/Gen-WhiteBox
	ZIP ARCHIVE( D:\DOWNLOADS\MEMTEST86+-4.10.USB.INSTALLER.ZIP )/MEMTEST86+ 4.10 USB INSTALLER.EXE
	D:\DOWNLOADS\MEMTEST86+-4.10.USB.INSTALLER.ZIP

Trojan.Agent/Gen-SoftonicDownloader
	D:\DOWNLOADS\SOFTONICDOWNLOADER_FUER_SCAN2PDF.EXE
         

Alt 29.12.2011, 14:14   #8
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

beides...

Wie verhält sich der Rechner? Noch Auffälligkeiten?

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 29.12.2011, 14:28   #9
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi

Sieht soweit ganz gut aus (Tabs öffnen sich nicht mehr). Was genau war das für ein Virus? Muss ich jetzt irgendetwas befürchten?

mbam findet aber immer noch diesen Eintrag:
Code:
ATTFilter
Malwarebytes Anti-Malware 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.29.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Johannes :: JOE [Administrator]

29.12.2011 14:18:25
mbam-log-2011-12-29 (14-18-25).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 175817
Laufzeit: 2 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|Shell (Backdoor.Agent) -> Daten: C:\Users\Johannes\AppData\Local\2bde10f3\X -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

Alt 29.12.2011, 15:12   #10
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

diesen Eintrag habe ich auch schon mit OTL gefixt, es ist also immer noch was da, was ihn immer wieder erstellt...

Bitte MAM updaten und Fullscan, Log posten...

Bitte neues OTL-Log...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 29.12.2011, 17:45   #11
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

Beim 2. Druchlauf hat mbam nicht mehr gefunden.

Hier die OLT Logs:
Code:
ATTFilter
OTL logfile created on: 29.12.2011 15:31:51 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 41,49% Memory free
8,00 Gb Paging File | 5,07 Gb Available in Paging File | 63,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 373,72 Gb Free Space | 74,74% Space Free | Partition Type: NTFS
Drive D: | 1363,01 Gb Total Space | 567,55 Gb Free Space | 41,64% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 465,38 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: JOE | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Johannes\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Tuning\AMD Overdrive\AODAssist.exe ()
PRC - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe (ROCCAT GmbH)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\0k9685op.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\gecko8\WINNT_x86-msvc\SSSLauncher.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvorbis_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libzvbi_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libxml_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtaglib_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libx264_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_rtp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_raop_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtheora_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libswscale_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvout_sdl_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtwolame_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libts_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libzip_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_transcode_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvisual_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvod_rtsp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwingdi_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libty_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsubtitle_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvcd_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsubsdec_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwaveout_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvobsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsubsusf_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_record_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_mosaic_bridge_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvideo_filter_wrapper_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtransform_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_standard_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i420_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvout_wrapper_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuy2_i422_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwav_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsvcdsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwall_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvoc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_smem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvmem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libxtag_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtta_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libwave_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libvc1_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtrivial_channel_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_gather_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libxa_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libyuvp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libugly_resampler_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libtrivial_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libt140_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libqt4_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libskins2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libschroedinger_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libremoteosd_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librtp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsdl_image_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspeex_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspatializer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsap_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libreal_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librss_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libscreen_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_bridge_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspudec_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_es_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsmf_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libscaletempo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librotate_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvid_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libscene_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libquicktime_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_duplicate_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_rar_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librealvideo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstats_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librawdv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librawaud_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_display_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libsharpen_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libripple_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librawvideo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_autodel_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libscale_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_filter_record_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\librv32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_description_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libspdif_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libstream_out_dummy_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libprojectm_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmkv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmod_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpng_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmp4_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_ts_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgatofixed32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libplaylist_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liboldhttp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_ps_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libportaudio_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libogg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpostproc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_h264_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liboldrc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpanoramix_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4audio_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_ogg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_mp4_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_asf_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libps_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmosaic_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_dirac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libosd_parser_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_vc1_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liboldtelnet_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnuv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_avi_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpegvideo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmotiondetect_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mpeg4video_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_flac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpuzzle_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_mlp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmono_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libosdmenu_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpodcast_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpeg_audio_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpva_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libntservice_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnsv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libparam_eq_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnetsync_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpsychedelic_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libpacketizer_copy_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnsc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnormvol_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_wav_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmsn_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmotionblur_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libnoise_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_mpjpeg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmux_dummy_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmpgv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibass_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgnutls_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblive555_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgme_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblua_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgoom_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblibmpeg2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libkate_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libglwin32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_rgb_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libhotkeys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgradient_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblogo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmarq_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi420_yuy2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmagnify_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libheadphone_channel_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_yuy2_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgestures_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmirror_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmediadirs_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblpcm_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmjpeg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liblogger_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmxext_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpy3dn_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libglobalhotkeys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libmemcpymmx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libinvmem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libi422_i420_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgrey_yuv_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgrain_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libh264_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libinvert_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfreetype_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfaad_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libflac_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfluidsynth_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdnav_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdshow_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstofloat32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvdread_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdvbsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdeinterlace_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirectx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdirect3d_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdmo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcrop_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libequalizer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libflacsys_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libes_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libextract_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdummy_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfilesystem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdts_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libexport_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfake_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcvdsub_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcroppadd_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liberase_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libgaussianblur_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdtstospdif_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdemuxdump_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfloat32_mixer_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdemux_cdg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libfolder_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libdrawable_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libavcodec_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcaca_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_sdl_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libatmo_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libbda_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdda_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libavi_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libasf_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libblend_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudiobargraph_v_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libadjust_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_directx_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaraw_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libball_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudioscrobbler_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudio_format_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcc_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libadpcm_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaudiobargraph_a_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libchorus_flanger_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libbluescreen_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcanvas_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libblendbench_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcolorthres_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaout_file_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libcdg_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaiff_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libclone_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libalphamask_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaes3_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libconverter_fixed_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libchain_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_udp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libau_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_output_shout_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_bd_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_http_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_mms_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_realrtsp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tofloat32_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_imem_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_ftp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_output_udp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_output_http_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_smb_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_fake_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_output_file_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_tcp_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_attachment_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\libaccess_output_dummy_plugin.dll ()
MOD - C:\Program Files (x86)\VideoLAN\VLC\plugins\liba52tospdif_plugin.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\hiddriver.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE (SUPERAntiSpyware.com)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AODService) -- C:\Program Files (x86)\Tuning\AMD Overdrive\AODAssist.exe ()
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBModem) -- C:\Windows\SysNative\drivers\lgx64modem.sys (LG Electronics Inc.)
DRV:64bit: - (UsbDiag) -- C:\Windows\SysNative\drivers\lgx64diag.sys (LG Electronics Inc.)
DRV:64bit: - (usbbus) -- C:\Windows\SysNative\drivers\lgx64bus.sys (LG Electronics Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (ANDModem) -- C:\Windows\SysNative\drivers\lgandmodem64.sys (LG Electronics Inc.)
DRV:64bit: - (AndGps) -- C:\Windows\SysNative\drivers\lgandgps64.sys (LG Electronics Inc.)
DRV:64bit: - (AndDiag) -- C:\Windows\SysNative\drivers\lganddiag64.sys (LG Electronics Inc.)
DRV:64bit: - (Andbus) -- C:\Windows\SysNative\drivers\lgandbus64.sys (LG Electronics Inc.)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (cpuz134) -- C:\Windows\SysNative\drivers\cpuz134_x64.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (xnacc) -- C:\Windows\SysNative\drivers\xnacc.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (KoneFltr) -- C:\Windows\SysNative\drivers\Kone.sys (ROCCAT Ltd)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (AODDriver4.01) -- C:\Program Files (x86)\Tuning\AMD Overdrive\amd64\AODDriver2.sys (Advanced Micro Devices)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (speedfan) -- C:\Windows\SysWOW64\speedfan.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 55 0B 82 1E F8 BF CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=302398"
FF - prefs.js..browser.startup.homepage: "hxxp://www.hsv.de/index.php?id=16043"
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.0.9.8
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.88
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.02.09 19:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.02.09 19:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.29 08:39:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.09.28 21:49:53 | 000,000,000 | ---D | M]
 
[2011.03.30 19:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions
[2011.03.30 19:03:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.12.27 11:31:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions
[2011.12.16 22:44:15 | 000,000,000 | ---D | M] (FireShot) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2010.12.21 20:53:13 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2011.05.15 09:25:16 | 000,000,000 | ---D | M] (Live HTTP Headers) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\{8f8fe09b-0bd3-4470-bc1b-8cad42b8203a}
[2010.12.21 20:53:12 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\firefox@tvunetworks.com
[2010.12.21 20:53:13 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\moveplayer@movenetworks.com
[2011.04.02 17:42:58 | 000,000,000 | ---D | M] (vShare) -- C:\Users\Johannes\AppData\Roaming\mozilla\Firefox\Profiles\0k9685op.default\extensions\vshare@toolbar
[2010.03.24 15:13:02 | 000,000,917 | ---- | M] () -- C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\0k9685op.default\searchplugins\conduit.xml
[2011.11.29 08:39:03 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{73A6FE31-595D-460B-A920-FCC0F8843232}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{DD05FD3D-18DF-4CE4-AE53-E795339C5F01}.XPI
() (No name found) -- C:\USERS\JOHANNES\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0K9685OP.DEFAULT\EXTENSIONS\{E0204BD5-9D31-402B-A99D-A6AA8FFEBDCA}.XPI
[2011.11.29 08:39:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010.12.22 15:57:39 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.09.23 02:52:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.09.23 02:46:24 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.09.23 02:52:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.09.23 02:52:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.23 02:52:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.09.23 02:52:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [RoccatKone+] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE (ROCCAT GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E578DDC-AFD0-42A7-B617-DDBB64557420}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{cd6a2aeb-0d4e-11e0-867e-6c626d85fadc}\Shell - "" = AutoRun
O33 - MountPoints2\{cd6a2aeb-0d4e-11e0-867e-6c626d85fadc}\Shell\AutoRun\command - "" = L:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.29 11:22:38 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.29 11:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.29 11:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.12.29 11:21:42 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.12.29 11:12:26 | 000,000,000 | ---D | C] -- C:\TDSS
[2011.12.29 11:01:52 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.28 23:16:49 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.12.14 09:24:25 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.14 09:24:25 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.14 09:24:24 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.14 09:24:24 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.14 09:24:24 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.14 09:24:24 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.14 09:24:23 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.14 09:24:23 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.14 09:24:23 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.14 09:24:22 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.14 09:24:22 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.14 09:22:08 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2011.12.14 09:21:53 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll
[2011.12.14 09:21:53 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll
[2011.12.12 22:24:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2011.12.12 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2011.12.12 22:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2011.12.09 16:11:52 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\Sky
[2011.12.08 20:08:50 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\2011_12_08
[2011.12.08 00:39:26 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Tor
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vidalia Bundle
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vidalia Bundle
[2011.12.08 00:39:25 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Vidalia
[2011.12.08 00:37:03 | 000,000,000 | ---D | C] -- C:\Users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
[2011.12.08 00:12:47 | 000,000,000 | ---D | C] -- C:\Users\Johannes\Desktop\utmp
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.29 13:40:26 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 13:40:26 | 000,013,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 13:37:31 | 001,613,340 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.29 13:37:31 | 000,696,832 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.29 13:37:31 | 000,652,150 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.29 13:37:31 | 000,148,128 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.29 13:37:31 | 000,121,082 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.29 13:33:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.29 13:33:03 | 3220,578,304 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.29 11:21:44 | 000,001,814 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.29 10:43:58 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011.12.28 23:16:35 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Johannes\Desktop\OTL.exe
[2011.12.28 17:45:11 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.27 22:42:01 | 000,538,052 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_3.JPG
[2011.12.27 22:41:57 | 000,569,812 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_2.JPG
[2011.12.27 22:41:54 | 000,565,191 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_1.JPG
[2011.12.27 22:41:50 | 000,572,077 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_3.jpg
[2011.12.27 22:41:47 | 000,511,469 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_2.jpg
[2011.12.27 22:41:45 | 000,568,741 | ---- | M] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_1.JPG
[2011.12.21 16:49:03 | 000,000,600 | ---- | M] () -- C:\Users\Johannes\PUTTY.RND
[2011.12.20 19:36:53 | 000,139,966 | ---- | M] () -- C:\Users\Johannes\Desktop\Targobank.pdf
[2011.12.20 15:16:00 | 000,000,213 | ---- | M] () -- C:\Users\Johannes\Desktop\u.ini
[2011.12.14 15:59:31 | 000,339,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.08 19:44:19 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.06 23:40:50 | 001,671,629 | ---- | M] () -- C:\Users\Johannes\Desktop\Marktuebersicht_CI+_geeigneter_Empfangsgeraete.pdf
[2011.12.03 10:39:59 | 000,000,828 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
 
========== Files Created - No Company Name ==========
 
[2011.12.29 11:21:44 | 000,001,814 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.28 17:45:11 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2011.12.27 22:42:01 | 000,538,052 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_3.JPG
[2011.12.27 22:41:57 | 000,569,812 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_2.JPG
[2011.12.27 22:41:54 | 000,565,191 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 19.12.11 SDO2_1.JPG
[2011.12.27 22:41:50 | 000,572,077 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_3.jpg
[2011.12.27 22:41:47 | 000,511,469 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_2.jpg
[2011.12.27 22:41:45 | 000,568,741 | ---- | C] () -- C:\Users\Johannes\Desktop\IEF_SDS Tower 13.12.11 Col-0_1.JPG
[2011.12.20 19:36:53 | 000,139,966 | ---- | C] () -- C:\Users\Johannes\Desktop\Targobank.pdf
[2011.12.08 00:20:40 | 000,000,213 | ---- | C] () -- C:\Users\Johannes\Desktop\u.ini
[2011.12.08 00:08:07 | 000,000,600 | ---- | C] () -- C:\Users\Johannes\PUTTY.RND
[2011.12.06 23:40:50 | 001,671,629 | ---- | C] () -- C:\Users\Johannes\Desktop\Marktuebersicht_CI+_geeigneter_Empfangsgeraete.pdf
[2011.12.03 10:39:59 | 000,000,828 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.11.18 18:04:04 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2011.09.20 18:28:58 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011.09.20 18:28:58 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2011.09.02 12:42:42 | 000,000,843 | ---- | C] () -- C:\Windows\wiso.ini
[2011.07.17 22:54:02 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.16 07:30:28 | 001,590,298 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.04.26 12:19:50 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.01.26 20:21:26 | 000,000,000 | ---- | C] () -- C:\Users\Johannes\AppData\Local\STAR.trace
[2011.01.26 13:56:35 | 000,003,278 | ---- | C] () -- C:\Users\Johannes\AppData\Roaming\SerialClonerPrefs
[2010.12.27 15:31:39 | 000,000,017 | ---- | C] () -- C:\Users\Johannes\AppData\Local\resmon.resmoncfg
[2010.12.22 17:45:19 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2010.12.21 21:29:00 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.05 00:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\StarOpen.sys
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.10.25 17:26:10 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys

< End of report >
         
Code:
ATTFilter
OTL Extras logfile created on: 29.12.2011 15:31:51 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Johannes\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,66 Gb Available Physical Memory | 41,49% Memory free
8,00 Gb Paging File | 5,07 Gb Available in Paging File | 63,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 500,00 Gb Total Space | 373,72 Gb Free Space | 74,74% Space Free | Partition Type: NTFS
Drive D: | 1363,01 Gb Total Space | 567,55 Gb Free Space | 41,64% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 465,38 Gb Free Space | 99,92% Space Free | Partition Type: NTFS
 
Computer Name: JOE | User Name: Johannes | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp version 0.99.8
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{10ADF519-706B-6EC7-A1A7-A2580D920457}" = AMD Catalyst Install Manager
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{2AF2EABE-CF18-CACB-E57C-A4902A3C36C8}" = AMD Media Foundation Decoders
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5DF57DB1-D971-3DA3-B4BB-F6FC7D73A997}" = AMD Drag and Drop Transcoding
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C95F41B-70D9-7EF8-BC80-B1C896B5B747}" = AMD Fuel
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90AB246D-A0A0-29EA-199A-4B07841E0737}" = ATI AVIVO64 Codecs
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{D79C2CD4-7BCC-60AC-76C9-834CEEF1CDBE}" = ccc-utility64
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"CPUID CPU-Z_is1" = CPUID CPU-Z 1.56
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"WinRAR archiver" = WinRAR 4.00 Beta 3 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02F0B8AE-7501-4333-AFBE-6BAABFEC7637}" = WISO Steuer 2011
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1BF4CB15-6055-452A-8487-021AE2D91208}" = Crysis® 2 Demo
"{1DA27F36-93EB-E82F-2DA3-48F13C0153CD}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1" = Geeks3D.com FurMark 1.9.0
"{26A24AE4-039D-4CA4-87B4-2F83216023FF}" = Java(TM) 6 Update 23
"{330D5210-3C4F-E632-2714-BE23C7C10B9F}" = Catalyst Control Center Graphics Previews Common
"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{434D0820-3AA6-493A-80B9-301000028501}" = DiRT2
"{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"{434D0FA0-AB8C-497F-B30A-7A1000018201}" = DiRT 3
"{43544FB5-BC1D-939A-7FDA-F7F3E5AEC35B}" = AMD VISION Engine Control Center
"{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}" = 3DMark 11
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52D1D62C-FEAB-4580-849E-1DB624BADBBD}" = DiRT2
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F6F7929-56E8-4FAE-92A8-6B86108D07C1}" = LG United Mobile Drivers
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7353BAE6-5E49-46C4-A9B5-8A269A313789}" = Crysis WARHEAD(R)
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{78D2854E-5DBF-11E7-B41F-47D203C8ED66}" = CCC Help English
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.0.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}" = Thrustmaster Force Feedback Driver
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AC76BA86-7AD7-5676-5A64-A00000000003}" = Adobe Reader Extended Language Support Font Pack
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B99CB207-4704-4C51-9309-0FA90AA26DD4}" = ROCCAT Kone[+] Mouse Driver
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D7AF16E7-5938-4369-BA54-B1ABD541BC32}" = Utility
"{DAD5AC93-8518-4F46-A5FE-E63FEE791B6F}" = AMD OverDrive
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F9835182-794B-4F24-902A-E2CA9D43380F}" = NVIDIA PhysX
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Afterburner" = MSI Afterburner 2.0.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Call of Duty Black Ops GERMAN Uncut 1.00" = Call of Duty Black Ops GERMAN Uncut 1.00
"Core Damage 0.8h" = Core Damage 0.8h
"Crysis WARHEAD(R)" = Crysis WARHEAD(R)
"DivX Setup.divx.com" = DivX-Setup
"Fifa 12 (c) Electronic Arts_is1" = Fifa 12 (c) Electronic Arts version 1
"Fraps" = Fraps
"GFWL_{434D0831-3E0C-4D03-A5D4-5E1000008400}" = F1 2010
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"Mafia II_is1" = Mafia II DLC Joe's Adventures
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.0.1800
"Mozilla Firefox 8.0.1 (x86 de)" = Mozilla Firefox 8.0.1 (x86 de)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"OpenAL" = OpenAL
"Polipo" = Polipo 1.0.4.1
"Postal 2_is1" = Portal 2
"PyMOL" = PyMOL
"SopCast" = SopCast 3.3.2
"SpeedFan" = SpeedFan (remove only)
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 33230" = Assassin's Creed II
"Tor" = Tor 0.2.2.34
"Veetle TV" = Veetle TV 0.9.18
"Vidalia" = Vidalia 0.2.15
"VLC media player" = VLC media player 1.1.11
"xvid" = XviD MPEG-4 Video Codec
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3029
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3028
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 3058
Description = 
 
Error - 04.12.2011 05:32:17 | Computer Name = Joe | Source = Windows Search Service | ID = 7010
Description = 
 
Error - 07.12.2011 19:16:56 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm U1103.exe, Version 0.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1154    Startzeit:
 01ccb535bb52298e    Endzeit: 5    Anwendungspfad: C:\Users\Johannes\Desktop\U1103.exe    Berichts-ID:
 8bfa7f7e-2129-11e1-ae48-6c626d85fadc  
 
Error - 07.12.2011 19:18:33 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm U1103.exe, Version 0.0.0.0 kann nicht mehr unter Windows 
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 4cc    Startzeit: 
01ccb5365bb08003    Endzeit: 16    Anwendungspfad: C:\Users\Johannes\Desktop\U1103.exe    Berichts-ID:
 c5efef55-2129-11e1-ae48-6c626d85fadc  
 
Error - 11.12.2011 17:54:37 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 8.0.1.4341 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 624    Startzeit: 
01ccb796e716a229    Endzeit: 41    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
   
 
Error - 19.12.2011 17:51:40 | Computer Name = Joe | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 8.0.1.4341 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: e0c    Startzeit: 
01ccbe186f0fda78    Endzeit: 18    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 9e928b07-2a8b-11e1-8dcb-6c626d85fadc  
 
Error - 28.12.2011 09:20:56 | Computer Name = Joe | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc3c1  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000070a02ad000
ID
 des fehlerhaften Prozesses: 0x738  Startzeit der fehlerhaften Anwendung: 0x01ccc563159d8383
Pfad
 der fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: c5c780a5-3156-11e1-817f-6c626d85fadc
 
Error - 28.12.2011 12:19:56 | Computer Name = Joe | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mbam.exe, Version: 1.51.0.1118, Zeitstempel:
 0x4e5e8e67  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x61746144  ID des fehlerhaften Prozesses:
 0xb50  Startzeit der fehlerhaften Anwendung: 0x01ccc57c842cf7ad  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: c72e6532-316f-11e1-817f-6c626d85fadc
 
[ System Events ]
Error - 27.12.2011 06:20:13 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 27.12.2011 17:58:40 | Computer Name = Joe | Source = DCOM | ID = 10010
Description = 
 
Error - 28.12.2011 08:43:59 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 28.12.2011 08:55:49 | Computer Name = Joe | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Windows-Fehlerberichterstattungsdienst erreicht.
 
Error - 28.12.2011 20:08:14 | Computer Name = Joe | Source = DCOM | ID = 10010
Description = 
 
Error - 29.12.2011 05:40:47 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 29.12.2011 06:03:24 | Computer Name = Joe | Source = DCOM | ID = 10010
Description = 
 
Error - 29.12.2011 06:05:18 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 29.12.2011 08:32:15 | Computer Name = Joe | Source = DCOM | ID = 10010
Description = 
 
Error - 29.12.2011 08:34:08 | Computer Name = Joe | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
 
< End of report >
         

Alt 29.12.2011, 17:55   #12
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

das sieht jetzt ok aus...

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 29.12.2011, 17:57   #13
joebacka
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Vielen Dank für deine Hilfe!

Wäre es möglich den Thread zu löschen? Muss ja nicht meine Logs sehen...

Alt 29.12.2011, 18:27   #14
Chris4You
 
tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Standard

tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen



Hi,

ist nicht üblich, musst Du einen Admin (Da Guru) fragen...

Ich würde abschließen noch Dr. Web scannen lassen...
Cureit
Folge der Anleitung: http://www.trojaner-board.de/59299-a...eb-cureit.html
Nach Beendigung des Scans findes Du das Log unter %USERPROFILE%\DoctorWeb\CureIt.log.
Bevor du irgendwelche Aktionen unternimmst, kopiere bitte den Inhalt des Logs und poste ihn.
Die Log Datei ist sehr groß, ca. über 5MB Text. Benutzt einfach die Suche nach "infiziert" und kopiert betreffende Teile heraus, bevor Du sie postet.

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Antwort

Themen zu tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen
'tr/atraps.gen2', 64-bit, 800000cb.@, appdata, aufsetzen, automatisch, avira, avira meldung, backdoor.agent, datei, entfernen, gen, löschen, microsoft, neu, nicht mehr, ordner, programm, scan, sich automatisch, software, system, system neu, tab, tabs öffnen, tr/atraps.gen, trojan, unerwünschtes programm, virus, windows, zugriff, öffnen, öffnet




Ähnliche Themen: tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen


  1. Cleaner pro startet automatisch - Suchaschinen wurden geändert - Antivir lässt sich nicht öffnen ...
    Log-Analyse und Auswertung - 19.08.2015 (16)
  2. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 02.02.2015 (7)
  3. Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 15.12.2014 (5)
  4. Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 02.12.2014 (7)
  5. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 17.09.2014 (31)
  6. Chrome Tabs öffnen sich automatisch
    Log-Analyse und Auswertung - 29.06.2014 (19)
  7. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  8. Immer wieder öffnen sich Tabs mit Werbungen automatisch!
    Alles rund um Windows - 23.05.2014 (3)
  9. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 16.05.2014 (10)
  10. „mbam-setup-1.75.0.1300.exe“ lässt sich nicht öffnen mit OS X
    Plagegeister aller Art und deren Bekämpfung - 14.10.2013 (10)
  11. Mbam findet PUP.InstallBrain, PC hängt und Incredibar lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 09.01.2013 (10)
  12. Feststelltaste verselbständigt sich, Firefox Tabs öffnen automatisch
    Log-Analyse und Auswertung - 01.05.2011 (12)
  13. Win7 64Bit | Firefox-> TABS öffnen sich automatisch
    Log-Analyse und Auswertung - 05.11.2010 (6)
  14. Tabs öffnen sich automatisch
    Plagegeister aller Art und deren Bekämpfung - 10.12.2009 (7)
  15. Tabs öffnen sich automatisch im IE und im Firefox
    Log-Analyse und Auswertung - 11.11.2008 (1)
  16. Hijack Problem - Tabs im IE öffnen sich automatisch
    Log-Analyse und Auswertung - 19.07.2008 (12)
  17. Ordner 315987473e3ef7b53daa lässt sich nicht löschen, unbenennen, öffnen
    Plagegeister aller Art und deren Bekämpfung - 28.10.2007 (4)

Zum Thema tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen - Hallo Leute, Ich glaube ich habe mir einen Virus eingefangen, der nicht so leicht zu entfernen ist. Es hat vor ein paar Tagen angefangen und zwar meldete sich avira dauernd - tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen...
Archiv
Du betrachtest: tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.