Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.02.2012, 18:21   #1
Domey
 
Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr! - Standard

Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!



Guten Abend!

Das ist mein erster Post in diesem Forum, hoffe ich mache nichts falsch und mir kann geholfen werden

Also zu meinem Problem:
Habe vor ca. 2 Stunden meine externe Festplatte angschlossen und wollte mir einige von meinem Laptop kompieren. Was mir gleich aufgefallen ist, es wurde 2 mal ein Autostart-Fenster geöffnet, ein normales und ein kleiners. Danach bin ich ganz normal in den Explorer, doch plötzlich wurden alle Ordner als (2KB-große) Verknüpfungen angezeigt. Wenn ich darauf klickte, ladete es lange, der Ordner ging jedoch ganz normal auf.
Kam mir sehr spanisch vor, hab also mal ne gute Stunde gegoogelt und wurde schnell fündig. Ein WURM! Habe mal Avira drüber laufen lasse, wurde aber nichts gefunden, bzw es kam nur eine Warnmeldung wenn ich die Ordner doppelklickte.

Habe mich dann weiter erkundigt, auch hier im Forum einige Beiträge gefunden und verschiedene Programme installiert und probiert.
"Spyware Terminator 2012" drüberlaufen lassen, auch am Laptop, nicht bewirkt. Auch "Stinger" von McAfee, der fand dann auch etwas in einem Ordner (der vorher NIE da war), der Ordner hat den Namen "$RECYCLE.BIN"
Stinger löschte dann diesen Virus, jetzt ist aber das Problem: Die Ordner gehen garnicht mehr auf. Es kommt immer die Fehlermeldung:
"I:\RECYCLER\e621ca05.exe konnte nicht gefunden werden......."
Außerdem geht ein Consolen-Feld auf, das jedoch leer ist!

Jetzt meine Frage, was soll ich machen, bzw kann man überhaupt noch was machen. Die Daten sind noch da, bzw werden noch angezeigt.
Würde mich über eure Hilfe sehr freuen, da auf meiner Festplatte sehr viele wichtige Daten sind. (Wie immer eben )

Freundliche Grüße
Domey

PS: Habe gerade einen USB-Stick angeschlossen, gleiches Problem mit den Ordnern.

Alt 13.02.2012, 19:45   #2
Domey
 
Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr! - Standard

Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!



Hab OTL drüber laufen lassen, hier die 2 Einträge:

Code:
ATTFilter
OTL Extras logfile created on: 13.02.2012 19:28:13 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Domey\Downloads
64bit- Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 56,03% Memory free
5,99 Gb Paging File | 4,33 Gb Available in Paging File | 72,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 163,99 Gb Free Space | 55,01% Space Free | Partition Type: NTFS
Drive E: | 23,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 931,51 Gb Total Space | 475,17 Gb Free Space | 51,01% Space Free | Partition Type: NTFS
 
Computer Name: DOMEY-PC | User Name: Domey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{3D42871F-4A1E-82E5-9494-3012BA3084F2}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6FCA487B-89F0-4378-E1BC-91B81BCD8C98}" = ccc-utility64
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{8BB347A7-68B5-4E46-9FCC-17F6172BA9E1}" = Share64
"{8FCE3895-45F7-4C42-9AB2-4A6D6ED6324F}" = DisplayLink Core Software
"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010
"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010
"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9C98CA38-4C1A-4AC8-B55C-169497C8826B}" = Apple Mobile Device Support
"{9CD0F7D3-B67F-4BF8-8784-D73AD229FF1E}" = iTunes
"{AD73C813-335F-45E7-9772-A4583FDFD177}" = HP USB Docking Video
"{C71D49C0-11F5-11E0-B8FB-0013D3D69929}" = Vegas Pro 10.0 (64-bit)
"{C9608300-11F5-11E0-A64B-0013D3D69929}" = MSVCRT Redists
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{ED96A4F2-C990-0C70-33FA-AE213E8697C0}" = AMD Media Foundation Decoders
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CCleaner" = CCleaner
"LSI Soft Modem" = LSI HDA Modem
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{AA902C31-B49D-4608-BCCF-2519EB77722D}" = Corel VideoStudio Pro X4
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B247BF7-D393-1855-C8B3-66DED90DCCB6}" = Catalyst Control Center
"{0D994CC5-819F-4657-84DD-397B8FE1EA80}" = Star Wars Jedi Knight Jedi Academy
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{1061DF04-CF33-40B0-8360-D07C9BBEB122}" = HP Wireless Assistant
"{15219EE8-4DCC-C6C5-CB04-351D4DD72ACF}" = Catalyst Control Center InstallProxy
"{154E4F71-DFC0-4B31-8D99-F97615031B02}" = HP Webcam Application
"{16D2C649-CBA8-44EE-B730-12584667D487}" = Stronghold 2
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216025FF}" = Java(TM) 6 Update 29
"{2A9D6191-23DB-463E-BB1B-1642C9756B7C}" = Serif MoviePlus Starter Edition
"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition
"{3990E632-42C3-4A25-ADFF-1101E3D6DD47}" = VSClassic
"{442CB906-7844-E2F5-A2EB-90D44C0BF2DF}" = Catalyst Control Center Localization All
"{494420A9-5F25-457B-9BBF-228E6A73B94B}" = MAGIX Speed burnR (MSI)
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{67D30650-3501-66ED-265A-20870A20A689}" = CCC Help English
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EF276E0-1D97-4B9D-BB29-013165F567CA}" = MAGIX Video deluxe 17 Premium Download-Version
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A567895C-1D23-48ED-BE83-FB3ED7D30442}" = IPM_VS_Pro
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AA902C31-B49D-4608-BCCF-2519EB77722D}" = ICA
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{B0125BEB-6731-43FA-88DA-B64D7BD3AD2D}" = VSPro
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B84ECBE1-6ED5-4E86-B4AB-DF46D342411F}" = Share
"{B87FAC24-973D-4A4F-AFC4-555FB95B32DB}" = PureHD
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{C4778408-3268-45CE-AE15-772D1739A1F1}" = VIO
"{C6017EEA-9E51-4129-84BA-EFA9520E69D8}" = Common
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CC4C7E9B-4B26-4D8D-8076-40CF708A9FA4}" = Contents
"{D07F85DE-22F1-4FB4-B3D1-402FD22C4870}" = DeviceIO
"{D68897FC-7E8D-4849-819A-726B2489713C}" = ISCOM
"{D8D9BCF5-0F5F-4D3F-8427-64B7632F93BE}" = Setup
"{DAD6325D-55CF-4D30-9DB9-2ADFE02D0777}" = MAGIX Screenshare
"{DFFCDB41-C2DA-47D6-96FF-03C05C0BEA22}" = resident evil 4
"{E045FAC9-0B70-4796-AD3A-7035E89CE536}" = SCR3xxx Smart Card Reader
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0A37341-D692-11D4-A984-009027EC0A9C}" = SoundMAX
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F972403C-BFE4-49EB-82B8-10D0FDBD1BB1}" = VirtualDJ Home FREE
"{FB8BEF4C-E2B8-725E-F84A-AF6D1E4C8960}" = Catalyst Control Center Graphics Previews Common
"1489-3350-5074-6281" = JDownloader 0.9
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface
"Any Video Converter_is1" = Any Video Converter 3.2.2
"Burn4Free DVD Burning_is1" = Burn4Free DVD Burning 5.8.0.0
"CrypTool" = CrypTool 1.4.30
"Dll-Files.com Fixer_is1" = Dll-Files.com Fixer
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"MAGIX_MSI_Videodeluxe17_premium" = MAGIX Video deluxe 17 Premium Download-Version
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.60.1.1000
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 9.0.1 (x86 de)" = Mozilla Firefox 9.0.1 (x86 de)
"Pen Tablet Driver" = Bamboo
"Santa Claus in Trouble" = Santa Claus in Trouble
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.7
"Wacom WebTabletPlugin for IE" = WebTablet IE Plugin
"Wacom WebTabletPlugin for Netscape" = WebTablet Netscape Plugin
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 06.02.2012 13:00:34 | Computer Name = Domey-PC | Source = RasClient | ID = 20227
Description = 
 
Error - 06.02.2012 13:00:53 | Computer Name = Domey-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Reader_sl.exe, Version: 10.1.2.45,
 Zeitstempel: 0x4f02e38e  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0x80000003  Fehleroffset: 0x01f59a3b  ID des fehlerhaften
 Prozesses: 0xc78  Startzeit der fehlerhaften Anwendung: 0x01cce4f0bd6f7a46  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 2077ca07-50e4-11e1-8b4a-81526abcac19
 
Error - 06.02.2012 13:05:10 | Computer Name = Domey-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: jusched.exe, Version: 2.0.6.1, Zeitstempel:
 0x4df127ab  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0x80000003  Fehleroffset: 0x01bf9a3b  ID des fehlerhaften Prozesses:
 0xaec  Startzeit der fehlerhaften Anwendung: 0x01cce4f0bd424021  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: b9c109dd-50e4-11e1-8b4a-81526abcac19
 
Error - 06.02.2012 13:08:38 | Computer Name = Domey-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GoogleUpdate.exe, Version: 1.2.183.21,
 Zeitstempel: 0x4b95e661  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0x80000003  Fehleroffset: 0x01ee8b9b  ID des fehlerhaften
 Prozesses: 0xa88  Startzeit der fehlerhaften Anwendung: 0x01cce4f0bc69a2e8  Pfad der
 fehlerhaften Anwendung: C:\Users\Domey\AppData\Local\Google\Update\GoogleUpdate.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 35ba0f19-50e5-11e1-8b4a-81526abcac19
 
Error - 06.02.2012 14:09:57 | Computer Name = Domey-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iTunesHelper.exe, Version: 10.5.0.142,
 Zeitstempel: 0x4e9238aa  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0x80000003  Fehleroffset: 0x02119a3b  ID des fehlerhaften
 Prozesses: 0xa50  Startzeit der fehlerhaften Anwendung: 0x01cce4f0bd31967f  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\iTunes\iTunesHelper.exe  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: c64d9ea5-50ed-11e1-8b4a-81526abcac19
 
Error - 06.02.2012 15:02:05 | Computer Name = Domey-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: hpqToaster.exe, Version: 3.0.24.1,
 Zeitstempel: 0x4a4bba7b  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0x80000003  Fehleroffset: 0x02da9a3b  ID des fehlerhaften
 Prozesses: 0xe10  Startzeit der fehlerhaften Anwendung: 0x01cce4f0c15ee372  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 0ebb88a2-50f5-11e1-8b4a-81526abcac19
 
Error - 07.02.2012 10:13:06 | Computer Name = Domey-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 08.02.2012 11:41:15 | Computer Name = Domey-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 08.02.2012 14:04:51 | Computer Name = Domey-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
Error - 09.02.2012 07:47:26 | Computer Name = Domey-PC | Source = SideBySide | ID = 16842827
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
 (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe". Fehler in Manifest-
 oder Richtliniendatei "C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPluginBroker.exe"
 in Zeile 2.  Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.
 
[ System Events ]
Error - 18.08.2011 15:55:46 | Computer Name = Domey-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 18.08.2011 15:56:03 | Computer Name = Domey-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Akamai NetSession Interface" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 18.08.2011 15:58:05 | Computer Name = Domey-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 19.08.2011 04:48:18 | Computer Name = Domey-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 21.08.2011 08:20:21 | Computer Name = Domey-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
 
Error - 21.08.2011 08:20:21 | Computer Name = Domey-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 21.08.2011 08:20:42 | Computer Name = Domey-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Akamai NetSession Interface" wurde mit folgendem Fehler
 beendet:   %%126
 
Error - 21.08.2011 08:22:51 | Computer Name = Domey-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "sppsvc" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 21.08.2011 09:14:40 | Computer Name = Domey-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
Error - 21.08.2011 14:10:24 | Computer Name = Domey-PC | Source = atikmdag | ID = 43029
Description = Display is not active
 
 
< End of report >
         
Code:
ATTFilter
OTL logfile created on: 13.02.2012 19:28:13 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Domey\Downloads
64bit- Enterprise Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000c07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,68 Gb Available Physical Memory | 56,03% Memory free
5,99 Gb Paging File | 4,33 Gb Available in Paging File | 72,39% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 298,09 Gb Total Space | 163,99 Gb Free Space | 55,01% Space Free | Partition Type: NTFS
Drive E: | 23,78 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive I: | 931,51 Gb Total Space | 475,17 Gb Free Space | 51,01% Space Free | Partition Type: NTFS
 
Computer Name: DOMEY-PC | User Name: Domey | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.02.13 19:26:41 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Domey\Downloads\OTL.exe
PRC - [2012.01.17 16:35:15 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
PRC - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.01.10 05:14:34 | 003,609,776 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
PRC - [2012.01.10 05:14:24 | 002,775,728 | ---- | M] (Crawler.com) -- C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.24 18:30:37 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
PRC - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009.08.27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.01.20 06:35:35 | 000,411,120 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
MOD - [2012.01.20 06:35:34 | 003,767,792 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
MOD - [2012.01.20 06:34:10 | 000,122,880 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll
MOD - [2012.01.20 06:34:09 | 000,222,208 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll
MOD - [2012.01.20 06:34:07 | 001,746,432 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll
MOD - [2012.01.20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
MOD - [2012.01.20 03:14:40 | 008,593,056 | ---- | M] () -- C:\Users\Domey\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll
MOD - [2012.01.17 16:35:15 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\Mobile Partner.exe
MOD - [2011.09.27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010.01.30 01:41:12 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2009.10.15 15:15:20 | 000,524,288 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\atcomm.dll
MOD - [2009.10.15 15:15:20 | 000,155,648 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\SMSPlugin.dll
MOD - [2009.10.15 15:15:20 | 000,147,456 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DetectDev.dll
MOD - [2009.10.15 15:15:20 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\LocaleMgrPlugin.dll
MOD - [2009.10.15 15:15:20 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\FileManager.dll
MOD - [2009.10.15 15:15:20 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DialUpPlugin.dll
MOD - [2009.10.15 15:15:20 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\XCodec.dll
MOD - [2009.10.15 15:15:20 | 000,057,344 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\ConfigFilePlugin.dll
MOD - [2009.10.15 15:15:20 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceOperate.dll
MOD - [2009.10.15 15:15:20 | 000,032,768 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NotifyServicePlugin.dll
MOD - [2009.10.15 15:15:20 | 000,014,848 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\isaputrace.dll
MOD - [2009.09.19 10:59:20 | 000,114,688 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NetInfoPlugin.dll
MOD - [2009.08.29 16:18:34 | 000,888,832 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\NDISAPI.dll
MOD - [2009.07.31 11:12:46 | 000,167,936 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrUIPlugin.dll
MOD - [2009.07.30 22:01:08 | 000,110,592 | ---- | M] () -- C:\Program Files (x86)\Mobile Partner\DeviceMgrPlugin.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.09.08 18:29:56 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.11.24 01:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009.11.20 02:47:50 | 008,547,176 | ---- | M] (DisplayLink Corp.) [Auto | Running] -- C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe -- (DisplayLinkService)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2008.07.15 13:09:48 | 000,111,616 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\SysNative\AEADISRV.EXE -- (AEADIFilters)
SRV - [2012.01.13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.10 05:14:42 | 001,148,632 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.02.24 18:30:37 | 000,058,288 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet) Remote Procedure Call (RPC)
SRV - [2010.03.10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009.11.24 01:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programme\WTouch\WTouchService.exe -- (WTouchService)
SRV - [2009.08.27 16:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Unknown | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (Httpuvca__p)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 10:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.02.13 17:13:39 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2011.12.10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.09.08 19:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2011.09.08 19:27:22 | 010,203,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.09.08 17:52:40 | 000,310,784 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.06.15 19:14:06 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2009.11.20 02:48:19 | 000,185,968 | ---- | M] (DisplayLink Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dlkmd.sys -- (dlkmd)
DRV:64bit: - [2009.11.20 02:48:19 | 000,013,936 | ---- | M] (DisplayLink Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\dlkmdldr.sys -- (dlkmdldr)
DRV:64bit: - [2009.09.10 15:31:56 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.07.24 15:52:14 | 000,114,560 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.07.14 02:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.07.14 02:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 21:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.20 20:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2009.05.18 13:31:56 | 000,497,152 | ---- | M] (Analog Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ADIHdAud.sys -- (ADIHdAudAddService)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.04.06 17:31:08 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)
DRV:64bit: - [2007.02.16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B DF 24 0C 66 10 CC 01  [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Facemoods Search"
FF - prefs.js..browser.search.selectedEngine: "Facemoods Search"
FF - prefs.js..browser.startup.homepage: "hxxp://de.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:de:official"
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.6.0.8153
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Domey\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Domey\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\crossriderapp498@crossrider.com: C:\Users\Domey\AppData\Local\RewardsArcade\498\Firefox
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.01.09 07:35:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.17 13:14:45 | 000,000,000 | ---D | M]
 
[2011.02.24 17:02:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domey\AppData\Roaming\mozilla\Extensions
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\bookmarkbackups\extensions
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\bookmarkbackups\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.24 19:32:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\c0ymkpao.default\extensions
[2011.03.31 12:12:22 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\c0ymkpao.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.24 19:32:40 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\c0ymkpao.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\minidumps\extensions
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\minidumps\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\startupCache\extensions
[2012.02.08 18:36:20 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Domey\AppData\Roaming\mozilla\Firefox\Profiles\startupCache\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.01.09 07:35:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.11.08 20:33:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\USERS\DOMEY\APPDATA\LOCAL\REWARDSARCADE\498\FIREFOX
[2012.01.09 07:35:18 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.01.09 07:35:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.09 07:35:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.09 07:35:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.15 17:55:30 | 000,002,048 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.01.09 07:35:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.09 07:35:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.09 07:35:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Domey\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Domey\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: hxxp://www.facebook.com/ = C:\Users\Domey\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2011.12.12.27284_0\
CHR - Extension: hxxp://www.youtube.com/ = C:\Users\Domey\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljmkepedihfojjfmjambblgjemocehi\2011.12.12.27282_0\
CHR - Extension: Bitdefender QuickScan = C:\Users\Domey\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.108_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [SoundMAX] C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe (Analog Devices, Inc.)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TrayServer] C:\Program Files (x86)\MAGIX\Video_deluxe_17_Premium_Download-Version\Trayserver.exe (MAGIX AG)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background File not found
O4 - HKCU..\Run: [RDReminder]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Domey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Domey\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0D000754-6A6A-42CD-8A49-F19189F1772E}: DhcpNameServer = 213.94.78.16 213.94.78.17
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9D7DDD36-967E-4EE6-99B3-2711EDFF17B0}: NameServer = 194.24.128.100 81.3.216.100
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.) - E:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008.03.05 17:34:52 | 000,000,047 | R--- | M] () - E:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{0040d207-2009-11e1-8d6e-948459771ac1}\Shell - "" = AutoRun
O33 - MountPoints2\{0040d207-2009-11e1-8d6e-948459771ac1}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{28bbdd54-1eaf-11e1-9776-ec5b67572cd8}\Shell - "" = AutoRun
O33 - MountPoints2\{28bbdd54-1eaf-11e1-9776-ec5b67572cd8}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{28bbdd62-1eaf-11e1-9776-ec5b67572cd8}\Shell - "" = AutoRun
O33 - MountPoints2\{28bbdd62-1eaf-11e1-9776-ec5b67572cd8}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2ae32045-9291-11e0-a26f-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae32045-9291-11e0-a26f-00247e417d73}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{2ae32049-9291-11e0-a26f-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{2ae32049-9291-11e0-a26f-00247e417d73}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7907c5c6-43cd-11e0-9aad-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{7907c5c6-43cd-11e0-9aad-00247e417d73}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7d1bdfc3-2256-11e1-9aac-dbe78d1518c0}\Shell - "" = AutoRun
O33 - MountPoints2\{7d1bdfc3-2256-11e1-9aac-dbe78d1518c0}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{7d1bdfd0-2256-11e1-9aac-dbe78d1518c0}\Shell - "" = AutoRun
O33 - MountPoints2\{7d1bdfd0-2256-11e1-9aac-dbe78d1518c0}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ab01ddca-411e-11e1-a4ad-934504c54cdc}\Shell - "" = AutoRun
O33 - MountPoints2\{ab01ddca-411e-11e1-a4ad-934504c54cdc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ab01ddd7-411e-11e1-a4ad-934504c54cdc}\Shell - "" = AutoRun
O33 - MountPoints2\{ab01ddd7-411e-11e1-a4ad-934504c54cdc}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{d9f0b3de-fa13-11e0-8ae5-8b099405f15b}\Shell - "" = AutoRun
O33 - MountPoints2\{d9f0b3de-fa13-11e0-8ae5-8b099405f15b}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{e6d57de7-2583-11e1-a67f-89c5793043cf}\Shell - "" = AutoRun
O33 - MountPoints2\{e6d57de7-2583-11e1-a67f-89c5793043cf}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{ecee6c4e-9768-11e0-a9c4-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{ecee6c4e-9768-11e0-a9c4-00247e417d73}\Shell\AutoRun\command - "" = H:\SETUP.EXE
O33 - MountPoints2\{f2e3cc1c-402c-11e0-82d1-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{f2e3cc1c-402c-11e0-82d1-00247e417d73}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\{f2e3cc2a-402c-11e0-82d1-00247e417d73}\Shell - "" = AutoRun
O33 - MountPoints2\{f2e3cc2a-402c-11e0-82d1-00247e417d73}\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\AutoRun.exe -- [2009.08.23 03:42:34 | 000,143,360 | R--- | M] (Huawei Technologies Co., Ltd.)
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.13 19:01:40 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\Malwarebytes
[2012.02.13 19:01:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.13 19:01:28 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.13 19:01:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.13 19:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.13 17:35:57 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\QuickScan
[2012.02.13 17:17:57 | 000,016,200 | ---- | C] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012.02.13 17:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\stinger
[2012.02.13 17:13:39 | 000,051,496 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.02.13 17:13:39 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\Spyware Terminator
[2012.02.13 17:13:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Spyware Terminator
[2012.02.13 17:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
[2012.02.13 17:12:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spyware Terminator
[2012.02.13 11:47:07 | 000,000,000 | ---D | C] -- C:\Users\Domey\.swt
[2012.02.06 18:13:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CAPCOM
[2012.02.06 18:13:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CAPCOM
[2012.02.05 16:53:26 | 000,178,800 | ---- | C] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.02.05 16:43:37 | 000,000,000 | RH-D | C] -- C:\Users\Domey\AppData\Roaming\SecuROM
[2012.01.19 14:22:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LucasArts
[2012.01.19 14:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LucasArts
[2012.01.19 11:45:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.01.19 11:43:41 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{627518DD-6598-4D16-A579-AE7B9268A1B8}
[2012.01.17 20:40:00 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{50F2110F-AD17-45D3-82A4-555C264981C7}
[2012.01.17 18:08:03 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\pdfforge
[2012.01.17 18:08:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2012.01.17 18:08:01 | 001,071,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCTL.OCX
[2012.01.17 18:08:01 | 000,662,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCOMCT2.OCX
[2012.01.17 18:08:01 | 000,137,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMAPI32.OCX
[2012.01.17 18:08:00 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCMCDE.DLL
[2012.01.17 18:08:00 | 000,125,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\VB6DE.DLL
[2012.01.17 18:07:59 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSCC2DE.DLL
[2012.01.17 18:07:59 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MSMPIDE.DLL
[2012.01.17 18:07:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDFCreator
[2012.01.17 17:42:44 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.01.17 17:31:37 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{718CC950-AE21-48E2-AA95-05BAE8472694}
[2012.01.17 16:41:11 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{3833EFB4-89A0-4492-9D6D-65CFDDEE6853}
[2012.01.17 16:35:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2012.01.17 16:35:25 | 000,216,576 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012.01.17 16:35:25 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012.01.17 16:35:25 | 000,114,560 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2012.01.17 16:35:25 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012.01.17 16:34:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mobile Partner
[2012.01.17 16:20:40 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{4F1E0506-75C8-4081-9335-6E71EC7ED1F6}
[2012.01.17 15:38:37 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{2E0F715C-2CF3-4DD8-AF9B-C6AE6BC6AE7E}
[2012.01.17 15:31:38 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\{14F62AAC-E0F5-4793-AA59-BED096ECC092}
[2012.01.17 14:10:03 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Local\Adobe
[2012.01.17 13:20:17 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\WordToPDF
[2012.01.17 13:20:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WordToPDF
[2012.01.17 13:18:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FreePDF_XP
[2012.01.17 13:18:14 | 000,000,000 | ---D | C] -- C:\Users\Domey\AppData\Roaming\FreePDF
[2012.01.17 13:17:46 | 000,000,000 | ---D | C] -- C:\Program Files\gs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.13 19:11:15 | 000,058,288 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
[2012.02.13 19:11:15 | 000,017,408 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
[2012.02.13 19:10:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.13 19:10:53 | 2411,409,408 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.13 19:10:51 | 000,017,408 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
[2012.02.13 19:10:51 | 000,017,408 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
[2012.02.13 19:05:07 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-322661914-1249441027-2608022225-1000Core.job
[2012.02.13 19:01:29 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.02.13 18:59:02 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-322661914-1249441027-2608022225-1000UA.job
[2012.02.13 18:11:39 | 001,480,602 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.02.13 18:11:39 | 000,647,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.02.13 18:11:39 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.02.13 18:11:39 | 000,127,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.02.13 18:11:39 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.02.13 17:17:57 | 000,016,200 | ---- | M] (McAfee, Inc.) -- C:\Windows\stinger.sys
[2012.02.13 17:13:39 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\stflt.sys
[2012.02.08 19:39:27 | 000,000,292 | ---- | M] () -- C:\Windows\tasks\DLL-files.com Fixer_UPDATES.job
[2012.02.08 18:36:15 | 000,001,358 | ---- | M] () -- C:\Users\Domey\Desktop\Free YouTube to MP3 Converter.lnk
[2012.02.05 16:53:26 | 000,178,800 | ---- | M] (Sony DADC Austria AG.) -- C:\Windows\SysWow64\CmdLineExt_x64.dll
[2012.01.30 16:07:07 | 000,612,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.01.17 18:04:50 | 000,000,043 | ---- | M] () -- C:\Windows\gswin64.ini
[2012.01.17 16:35:27 | 000,001,039 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.13 19:01:29 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.01.17 18:08:01 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\pdfcmnnt.dll
[2012.01.17 18:04:18 | 000,000,043 | ---- | C] () -- C:\Windows\gswin64.ini
[2012.01.17 16:35:27 | 000,001,039 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012.01.17 13:18:15 | 000,087,040 | ---- | C] () -- C:\Windows\SysNative\redmonnt.dll
[2012.01.17 13:18:15 | 000,046,080 | ---- | C] () -- C:\Windows\SysNative\unredmon.exe
[2012.01.17 13:14:46 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.09.14 10:47:40 | 000,053,760 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.06.16 14:51:52 | 000,286,212 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2011.03.17 18:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.02.24 18:49:16 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.02.24 16:54:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd9.dll
[2011.02.24 16:54:52 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\dlumd10.dll
[2011.02.24 16:54:24 | 000,000,880 | ---- | C] () -- C:\Windows\HBCIKRNL.INI
[2011.02.24 16:42:57 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.02.24 16:41:47 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.dll
[2011.02.24 16:41:06 | 000,017,408 | ---- | C] () -- C:\Windows\SysWow64\rpcnetp.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2007.04.27 09:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
 
========== LOP Check ==========
 
[2011.04.26 18:46:50 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\AnvSoft
[2012.02.13 16:45:35 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Azureus
[2011.10.30 13:33:50 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Canneverbe Limited
[2011.05.12 08:54:43 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\CrypTool
[2012.01.17 17:46:01 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\DAEMON Tools Lite
[2011.10.30 13:32:29 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\DeepBurner
[2011.10.27 17:28:38 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\dll-files.com
[2012.02.08 18:36:37 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\DVDVideoSoft
[2011.03.31 12:12:22 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.17 18:07:18 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\FreePDF
[2011.08.13 15:46:34 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\MAGIX
[2012.01.17 18:08:03 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\pdfforge
[2011.03.11 18:33:33 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Publish Providers
[2012.02.13 17:36:02 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\QuickScan
[2011.08.19 10:00:36 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Serif
[2011.03.11 18:41:19 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Sony
[2012.02.13 17:13:39 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Spyware Terminator
[2011.03.13 00:44:30 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\Ulead Systems
[2012.01.17 13:21:09 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\WordToPDF
[2011.04.27 22:01:17 | 000,000,000 | ---D | M] -- C:\Users\Domey\AppData\Roaming\WTouch
[2012.02.08 19:39:27 | 000,000,292 | ---- | M] () -- C:\Windows\Tasks\DLL-files.com Fixer_UPDATES.job
[2012.01.01 16:31:56 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
         
__________________


Antwort

Themen zu Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!
avira, explorer, externe festplatte, falsch, fehlermeldung, festplatte, forum, frage, klick, laptop, leer, mcafee, namen, nicht gefunden, nicht mehr, ordner, problem, programme, recycle.bin, recycler, spanisch, spyware, virus, warnmeldung, wichtige daten, wurm, öffnen



Ähnliche Themen: Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!


  1. Virus erstellt Verknüpfungen auf externen Geräten und setzt MP3 Player außer Gefecht
    Log-Analyse und Auswertung - 22.04.2015 (10)
  2. Ordner und Dateien auf externen Laufwerken werden nur als Verknüpfungen angezeigt
    Log-Analyse und Auswertung - 04.10.2014 (19)
  3. Ordner auf Externen Festplatte werden nur noch als Verknüpfungen angezeigt
    Log-Analyse und Auswertung - 07.10.2012 (3)
  4. RECYCLER Ordner auf externen Datenträgern, Nur noch Verknüpfungen..Wo sind meine Daten hin?
    Plagegeister aller Art und deren Bekämpfung - 04.10.2012 (4)
  5. Virus - Ordner auf externen Datenträgern werden zu Verknüpfungen
    Log-Analyse und Auswertung - 23.02.2012 (7)
  6. Ordner der Externen Festplatte sind plötzlich Verknüpfungen
    Plagegeister aller Art und deren Bekämpfung - 04.02.2012 (26)
  7. recycler 470a1245.exe Kann auf Ordner auf der externen Platte nicht mehr zugreifen.
    Log-Analyse und Auswertung - 06.01.2012 (1)
  8. Ordner werden auch bei mir nach Virenbefall auf der Externen nur noch als Verknüpfungen angezeigt
    Log-Analyse und Auswertung - 03.12.2011 (4)
  9. Ordner auf Externer WD HDMI Festplatte lassen sich nicht mehr öffnen, PC hängt sich auf
    Netzwerk und Hardware - 17.11.2011 (14)
  10. Auf externen Datenträgern werden Ordner zu Verknüpfungen
    Log-Analyse und Auswertung - 06.11.2011 (4)
  11. Alle Ordner auf externen Speichermedien sind Verknüpfungen
    Log-Analyse und Auswertung - 30.10.2011 (2)
  12. Ordner auf externer Festplatte werden nur noch als Verknüpfungen angezeigt, die sich nicht öffnen
    Log-Analyse und Auswertung - 17.10.2011 (24)
  13. Bilder lassen sich von externen Platte nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 16.10.2011 (1)
  14. Alle Ordner auf externen Speichermedien nur noch Verknüpfungen
    Log-Analyse und Auswertung - 07.08.2011 (2)
  15. b71b77f5.exe - Ordner auf externen Speichermedien werden zu Verknüpfungen nach cmd.exe
    Log-Analyse und Auswertung - 18.07.2011 (5)
  16. b71b77f5.exe - Ordner auf externen Speichermedien werden zu Verknüpfungen nach cmd.exe
    Plagegeister aller Art und deren Bekämpfung - 13.07.2011 (1)
  17. Internet Explorer-Verknüpfungen lassen sich vom Desktop nicht mehr öffnen
    Plagegeister aller Art und deren Bekämpfung - 24.09.2004 (2)

Zum Thema Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr! - Guten Abend! Das ist mein erster Post in diesem Forum, hoffe ich mache nichts falsch und mir kann geholfen werden Also zu meinem Problem: Habe vor ca. 2 Stunden meine - Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr!...
Archiv
Du betrachtest: Verknüpfungen auf externen Geräten - Ordner öffnen sich nicht mehr! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.