Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Viruswarnung von Avast in dem syswow64 Ordner

Viruswarnung von Avast in dem syswow64 Ordner


Log-Analyse und Auswertung: Viruswarnung von Avast in dem syswow64 Ordner

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 05.09.2012, 20:03   #1
Indymama
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Wie in der Titelleiste beschrieben bekomme ich ständige Virenwarnungen in diesem Orner. dieser ist auch am 2. 9. erst neu erstellt bzw geändert worden. Installiert habe ich nichts neu.
Ich habe Win 7 64 bit.
Leider kenne ich mich mit win 7 noch nicht so aus XP habe ich relativ gut beherrscht und wusste welcher Orner zu was gehörte und konnte so Veränderungen schnell zuornen.
Diesmal stehe ich im Regen. Mir war der Order nie aufgefallen.
Ich wollte ihn löschen, da kam die Antwort ich brauche die Rechte von TrustInstaller, was ich nicht verstehe.

OTLTxt.
OTL logfile created on: Mittwoch, 05.09.12 20:29:30 - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = D:\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dddd, dd.MM.yy

7,98 Gb Total Physical Memory | 6,64 Gb Available Physical Memory | 83,19% Memory free
15,96 Gb Paging File | 14,13 Gb Available in Paging File | 88,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 47,34 Gb Free Space | 48,53% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 823,37 Gb Free Space | 98,74% Space Free | Partition Type: NTFS

Computer Name: * | User Name:* | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/09/05 20:26:15 | 000,599,040 | ---- | M] (OldTimer Tools) -- D:\Downloads\OTL.exe
PRC - [2012/09/02 14:38:35 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012/08/21 11:12:26 | 004,282,728 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastUI.exe
PRC - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe
PRC - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) -- D:\Programme\PSI Secuna\PSI\psia.exe
PRC - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) -- D:\Programme\PSI Secuna\PSI\sua.exe


========== Modules (No Company Name) ==========

MOD - [2012/09/02 14:38:34 | 002,242,528 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf


========== Services (SafeList) ==========

SRV:64bit: - [2012/02/14 22:16:40 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/09/29 03:51:08 | 000,203,264 | ---- | M] (AMD) [On_Demand | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012/08/21 11:12:25 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012/08/16 12:27:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/03/08 18:47:14 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/03/07 13:09:42 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2012/03/07 13:09:08 | 000,079,360 | ---- | M] (Creative Labs) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2011/10/14 08:01:50 | 000,994,360 | ---- | M] (Secunia) [Auto | Running] -- D:\Programme\PSI Secuna\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2011/10/14 08:01:48 | 000,399,416 | ---- | M] (Secunia) [On_Demand | Running] -- D:\Programme\PSI Secuna\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/01/09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009/08/31 23:00:28 | 001,821,184 | ---- | M] (UASSOFT.COM) [On_Demand | Stopped] -- C:\Program Files (x86)\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/02/23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Disabled | Stopped] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/08/21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/08/21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/08/21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/08/21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/08/21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/06/04 14:29:00 | 000,134,880 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\acedrv09.sys -- (acedrv09)
DRV:64bit: - [2012/04/29 17:44:38 | 000,015,672 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SWDUMon.sys -- (SWDUMon)
DRV:64bit: - [2012/03/08 12:14:01 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2012/03/07 13:07:14 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 17:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 17:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/01/30 14:58:40 | 000,036,448 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/09/29 04:26:12 | 007,883,264 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/09/29 03:14:48 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/09/01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010/08/24 11:55:43 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/06/11 15:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2010/02/18 10:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/04/30 01:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2000/01/01 02:00:00 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2000/01/01 02:00:00 | 000,082,048 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2000/01/01 02:00:00 | 000,056,448 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2000/01/01 02:00:00 | 000,042,624 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2000/01/01 02:00:00 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV - [2012/01/03 22:22:54 | 000,055,936 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.1)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 38 C2 BA 31 76 1D CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://mail.aol.com/35700-111/aol-6/de-de/Suite.aspx"
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10
FF - prefs.js..extensions.enabledAddons: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.5
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.0: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.0: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0-git-20120217-1212: D:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Programmme\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/06/23 20:55:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\Alwil Software\Avast5\WebRep\FF [2012/08/30 17:31:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/02 14:38:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/08/30 17:32:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

[2012/03/07 13:33:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2012/09/02 14:41:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions
[2012/08/30 17:30:18 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Antje\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/06/23 20:55:53 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Antje\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/08/30 17:30:39 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}
[2012/07/31 12:30:00 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions\firefox@ghostery.com
[2012/09/02 14:41:11 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s3mh33u4.default\extensions\foxmarks@kei.com
[2012/07/31 12:30:01 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Antje\AppData\Roaming\mozilla\firefox\profiles\s3mh33u4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/09/05 16:22:59 | 000,002,112 | ---- | M] () -- C:\Users\*\AppData\Roaming\mozilla\firefox\profiles\s3mh33u4.default\searchplugins\wot-safe-search.xml
[2012/03/19 17:47:31 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/09/02 14:38:35 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/18 14:49:17 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/09/02 14:38:34 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/18 14:49:17 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/03/18 14:49:17 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/03/18 14:49:17 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/18 14:49:17 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2012/05/06 11:40:58 | 000,000,987 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\Alwil Software\Avast5\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\Alwil Software\Avast5\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [avast] C:\Program Files\Alwil Software\Avast5\avastUI.exe (AVAST Software)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [ASRockXTU] File not found
O4 - HKCU..\Run: [zASRockInstantBoot] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Antje\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B2A850B7-57D5-4FE3-AD13-762C198C609E}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/09/05 17:02:27 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No23 Recorder
[2012/09/03 16:56:21 | 000,000,000 | ---D | C] -- C:\Users\*****\Kxgcccxx
[2012/09/02 14:47:40 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\NokiaAccount
[2012/09/02 14:46:59 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Local\Nokia
[2012/09/02 14:46:58 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\PC Suite
[2012/09/02 14:46:57 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Suite
[2012/09/02 14:46:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Nokia
[2012/09/02 14:46:22 | 000,000,000 | ---D | C] -- C:\Program Files\DIFX
[2012/09/02 14:46:21 | 000,026,112 | ---- | C] (Nokia) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys
[2012/09/02 14:45:59 | 000,057,856 | ---- | C] (Nokia) -- C:\Windows\SysNative\nmwcdclsX64.dll
[2012/09/02 14:45:08 | 000,000,000 | ---D | C] -- C:\ProgramData\NokiaInstallerCache
[2012/09/02 14:45:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Nokia
[2012/08/30 22:07:24 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/08/30 22:07:24 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/08/30 22:07:23 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/08/30 22:07:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/08/30 22:07:22 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/08/30 22:07:22 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/08/30 22:07:22 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/08/30 22:07:22 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/08/30 22:07:21 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/08/30 22:07:21 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/08/30 22:07:21 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/08/30 22:07:20 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/08/30 22:07:20 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/08/30 17:32:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012/08/30 16:53:33 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012/08/30 16:53:30 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012/08/30 16:53:30 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012/08/30 16:53:30 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012/08/30 16:53:29 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012/08/30 16:53:29 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012/08/30 16:53:29 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012/08/30 16:53:26 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
[2012/08/10 12:31:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012/08/10 11:48:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012/08/10 11:48:54 | 000,000,000 | ---D | C] -- C:\Users\*\AppData\Local\Google
[2007/08/13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\Antje\AppData\Local\CDRip.dll
[2007/01/18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\Antje\AppData\Local\No23 Recorder.exe
[2006/12/11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\Antje\AppData\Local\basscd.dll
[2006/12/11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\Antje\AppData\Local\bass.dll

========== Files - Modified Within 30 Days ==========

[2012/09/05 20:27:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/05 20:06:17 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/05 20:06:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/05 18:17:00 | 000,000,266 | ---- | M] () -- C:\Windows\tasks\AutoKMS.job
[2012/09/05 18:03:33 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/09/05 18:03:33 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/09/05 18:03:33 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/09/05 18:03:33 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/09/05 18:03:33 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/09/05 17:24:57 | 000,001,474 | ---- | M] () -- C:\Users\*****\AppData\Local\RecConfig.xml
[2012/09/05 17:02:41 | 000,000,992 | ---- | M] () -- C:\Users\*****\Desktop\No23 Recorder.lnk
[2012/09/05 16:26:40 | 000,029,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/05 16:26:40 | 000,029,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/05 16:19:02 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/05 16:18:35 | 2131,681,279 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/31 16:09:33 | 002,374,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/08/30 17:31:39 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012/08/30 16:44:29 | 318,273,022 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/08/21 11:13:13 | 000,969,200 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012/08/21 11:13:13 | 000,359,464 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012/08/21 11:13:13 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012/08/21 11:13:12 | 000,071,600 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012/08/21 11:13:12 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012/08/21 11:13:11 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012/08/21 11:12:33 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012/08/21 11:12:23 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012/08/21 11:12:02 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012/08/16 12:27:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/16 12:27:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/10 18:06:23 | 002,338,210 | ---- | M] () -- C:\Users\*****\Documents\autoaufkleber.psd

========== Files Created - No Company Name ==========

[2012/09/05 17:24:57 | 000,001,474 | ---- | C] () -- C:\Users\*****\AppData\Local\RecConfig.xml
[2012/09/05 17:02:41 | 000,000,992 | ---- | C] () -- C:\Users\*****\Desktop\No23 Recorder.lnk
[2012/08/30 17:32:52 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012/08/10 17:55:33 | 002,338,210 | ---- | C] () -- C:\Users\Antje\Documents\autoaufkleber.psd
[2012/08/10 11:49:06 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/10 11:49:04 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/06/04 14:29:00 | 000,089,312 | ---- | C] () -- C:\Windows\SysWow64\acedrv09.dll
[2012/03/08 12:37:13 | 000,000,173 | ---- | C] () -- C:\Users\Antje\AppData\Local\msmathematics.qat.Antje
[2012/03/07 13:17:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/02/14 22:05:16 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2007/08/13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\*****\AppData\Local\lame_enc.dll
[2006/10/26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbisenc.dll
[2006/10/26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbisfile.dll
[2006/10/26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\*****\AppData\Local\vorbis.dll
[2006/10/26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\*****\AppData\Local\ogg.dll
[2005/08/23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\*****\AppData\Local\no23xwrapper.dll

========== LOP Check ==========

[2012/03/20 18:58:20 | 000,000,000 | ---D | M] -- C:\Users\*****\AppData\Roaming\Ashampoo
[2012/06/23 20:55:52 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\Audacity
[2012/03/18 18:05:34 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\Babylon
[2012/06/14 17:46:29 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\Canneverbe Limited
[2012/05/07 11:21:04 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/06/17 18:35:13 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\DVDVideoSoft
[2012/06/17 18:34:57 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/06/14 17:48:05 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\GitarreroBeginner
[2012/06/14 17:46:29 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\GitarreroSoftware
[2012/06/14 17:48:07 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\MusE
[2012/06/14 17:46:37 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\OpenOffice.org
[2012/09/02 14:46:58 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\PC Suite
[2012/03/08 19:20:18 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\Temp
[2012/08/30 17:32:54 | 000,000,000 | ---D | M] -- C:\Users\*\AppData\Roaming\Thunderbird
[2012/09/05 18:17:00 | 000,000,266 | ---- | M] () -- C:\Windows\Tasks\AutoKMS.job
[2012/06/24 18:31:32 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

Extra.txt
OTL Extras logfile created on: Mittwoch, 05.09.12 20:29:30 - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = D:\Downloads
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dddd, dd.MM.yy

7,98 Gb Total Physical Memory | 6,64 Gb Available Physical Memory | 83,19% Memory free
15,96 Gb Paging File | 14,13 Gb Available in Paging File | 88,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 97,56 Gb Total Space | 47,34 Gb Free Space | 48,53% Space Free | Partition Type: NTFS
Drive D: | 833,85 Gb Total Space | 823,37 Gb Free Space | 98,74% Space Free | Partition Type: NTFS

Computer Name: * | User Name: * | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09E39CF2-B1D9-41F8-821C-FA4166A1554B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1710A4C0-45B4-4985-A8A8-BB88887A80A1}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2655F875-F396-4C63-8054-9DCD782DB661}" = lport=10243 | protocol=6 | dir=in | app=system |
"{2EFE3C3B-350A-4ABD-B145-44593330D6EA}" = lport=137 | protocol=17 | dir=in | app=system |
"{38AA0872-F088-4DFF-A4CB-C8EED66ECBD2}" = rport=138 | protocol=17 | dir=out | app=system |
"{42F70861-6109-40E7-9B9E-62C55D267EDA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{43FE8813-EF35-4D4B-BF95-D5D0D2084E37}" = lport=138 | protocol=17 | dir=in | app=system |
"{4B186C7B-2AE2-4314-A9F0-3C810A87A1B0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7655C642-8EF5-492B-8A3E-4F2EBB7366A1}" = lport=445 | protocol=6 | dir=in | app=system |
"{8EAA353C-CFC9-442E-9D59-DF6E6149E63B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94769662-E53F-439D-83A9-BF70DBBB666A}" = rport=137 | protocol=17 | dir=out | app=system |
"{A12C8B30-4E63-4BE8-84C1-AA1098967F9A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE30C2AA-C274-4C8A-AECF-7B5B7B6A0C5C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{B061B1D0-F89C-42F6-9347-A70F81241545}" = rport=445 | protocol=6 | dir=out | app=system |
"{B3437890-2EC6-438D-9198-B43727647610}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B6A31FAA-7C6D-496D-81D2-1B5ACB46F21F}" = rport=10243 | protocol=6 | dir=out | app=system |
"{C4C66221-7642-4760-AB3B-47DF1E332BF8}" = rport=139 | protocol=6 | dir=out | app=system |
"{CB746F42-D949-4CB6-9392-05D45F3DBA94}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE5D6435-684B-4DB6-B564-2F374915C6BA}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{D6CDF869-BF67-4DDA-B69E-0680F5A51020}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{DB8FAC49-6473-49DF-BE2A-AFFD35D9D53B}" = lport=139 | protocol=6 | dir=in | app=system |
"{E3B5B3D9-CD0D-4C67-9E80-5752686EDDBC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{E4A5DE21-DBA4-4349-9901-AAC8C38AEC60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE542FEB-FE26-4ABC-8B4E-61C1B8252F1D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{050B756A-7D09-420F-89B0-36FBF693AEB6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1081BA21-E992-4996-A7D6-E8DFB0DB2A48}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{12458E8D-EF33-4770-99CB-6D77F73BC347}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2965F38A-49B8-43B1-A457-5ED7E618E161}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3063A6E3-5882-460D-B3D0-992EA3BD5710}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{332FA4F5-8643-4591-8156-A9A6AA7B91CE}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{3B6A217B-C0DF-43E0-8A29-1344FF5994BF}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5AFB3AE9-D4B1-472C-B0A5-BA76E66C14F0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{75436C35-6926-47A2-A8A9-02801296BC2D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{7E773686-D4F9-4A23-A4C9-53879DFCEDDF}" = protocol=6 | dir=out | app=system |
"{8BFD4619-6FDB-4F8C-9E28-EF3EE1154C09}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{962E33FD-8BA5-48BA-B77C-DFC4FBB02647}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97578D7B-8BE4-4395-BD3F-56BDA706D3BD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A19C18DF-D41C-456B-8710-A47C6100A27C}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A23654FE-EBBD-423D-A14E-4C6E64D62D30}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{A5A2F3C1-8F72-433A-A806-2627AB76C178}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{AD0CD557-5D10-40C6-9F4C-7AD84233E26D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B5CB4159-8975-4DAC-884B-E9CCD05764EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8FFF704-0EBD-489B-9231-1612E72D8F36}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{BCE3B46A-50C1-4EC2-88AB-DF4DE6ED05FA}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CD2EB4E0-CCF4-4CB4-A0EB-3F8D7D072494}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{EC06B0F5-1EF0-4F53-B567-BABFCD9C2E90}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{F3212531-D4E2-4593-8085-E2ADFF18DED5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"TCP Query User{0E5ED087-084E-4D67-9DEF-0B89BF8EE071}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=6 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"TCP Query User{46E8DE19-6929-4B0C-A76D-CB7D482CB76A}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"TCP Query User{BADAC3F6-2B00-484D-91AE-A35BF661E4FE}D:\downloads\sardu_2.0.4.3\sardu_x64.exe" = protocol=6 | dir=in | app=d:\downloads\sardu_2.0.4.3\sardu_x64.exe |
"UDP Query User{0D348395-FD8F-4BD7-BA9F-AD809F807B98}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{382D1BF7-F5C8-43DF-8ABF-FA45C9E172D5}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe" = protocol=17 | dir=in | app=c:\windows\microsoft.net\framework\v2.0.50727\vbc.exe |
"UDP Query User{627CB38B-C651-4319-A3A4-633BD6AA2460}D:\downloads\sardu_2.0.4.3\sardu_x64.exe" = protocol=17 | dir=in | app=d:\downloads\sardu_2.0.4.3\sardu_x64.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86417005FF}" = Java(TM) 7 Update 5 (64-bit)
"{391ED0B2-B886-A6D0-B1A6-C25A7FE5B452}" = ATI AVIVO64 Codecs
"{4A2DE0FA-BB5C-4154-CB34-CE0CB920BEAD}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{4F8A27CA-6788-7965-3259-5C3B9C37FCD8}" = ATI Problem Report Wizard
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6D80AAE7-FF65-4950-B1CA-3A7EA4995574}_is1" = Adobe Reader 64-bit fixes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{83ED5086-5D6B-698F-5CD4-2F631DA8FD69}" = AMD Drag and Drop Transcoding
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8CC4F2B6-07EB-D27F-AFD5-7D9E5ACFAD65}" = AMD Fuel
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B04FC536-A80C-D862-A8A6-16459DB26D41}" = AMD Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"VLC media player" = VLC media player 2.1.0-git-20120217-1212

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0160AE9C-7ABB-F615-EDB1-4151DF0D12A8}" = Catalyst Control Center InstallProxy
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{061F7A5C-0655-B5E4-6F42-5FFEC0F37721}" = CCC Help Japanese
"{07BFA98D-6DB0-6D9C-95D5-7EF347AF587B}" = HydraVision
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09AC81F2-A4F3-66D6-F25F-1609EF9B3E55}" = CCC Help Chinese Standard
"{0BD171A4-7DAC-A12B-14E3-E33DA0B6FE6A}" = CCC Help Finnish
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{17700924-F2F1-CAFB-4B6A-546A031305FA}" = CCC Help Spanish
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1912032B-2FDF-483A-FA2B-1F4A9D73F341}" = CCC Help Thai
"{1B5C0E90-65E1-8A0C-C69B-93BA154212A7}" = CCC Help Russian
"{1D4BA420-070F-3F9B-4969-126689978A98}" = CCC Help Greek
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2198B991-FCB1-F74E-26C9-5F7127B9DB0F}" = ccc-core-static
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{305B866D-F979-D107-7CD3-9C35E8E07FAD}" = CCC Help Italian
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3CCF4608-EE15-B263-DA9A-DF63E42081EF}" = CCC Help Turkish
"{48B41C3A-9A92-4B81-B653-C97FEB85C910}" = C4USelfUpdater
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CDA414B-9E1B-82DD-B6C6-D9B9FB96B8D7}" = AMD VISION Engine Control Center
"{5075FA17-AD98-C2B7-EA00-5B94C8FA7133}" = CCC Help Swedish
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5505EAB8-9F72-8837-348E-CBF318ADAD46}" = CCC Help German
"{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"{591E94FB-F15C-5045-F87A-E0840A540639}" = CCC Help Hungarian
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{664F3F50-AB45-897C-EDFA-095E0ADD5C67}" = CCC Help Polish
"{6820C1C5-176F-E45E-2905-76AA8591639B}" = CCC Help French
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6C036B50-FBB9-51FD-DEC4-BF4724A37331}" = CCC Help Korean
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8A54BB79-658E-84A4-FBB7-93FD1EB20174}" = CCC Help Danish
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{97C88AC2-BB76-28E0-E327-60D34F986527}" = CCC Help Czech
"{98DAE47C-159D-9CE1-F315-69A6AD262995}" = CCC Help Chinese Traditional
"{9B01A62F-5908-23B7-CBB9-307D47FB0158}" = CCC Help English
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A0D2B948-BB85-589F-D283-2145A54BB11B}" = CCC Help English
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B282CB34-95CC-06B2-DFBC-07617F722837}" = CCC Help Spanish
"{B2B74B47-3CEF-A1E3-88CC-A9F60BBA2DA6}" = CCC Help Danish
"{B2D15950-F118-BE64-018D-38F8BA86EDBF}" = Catalyst Control Center Localization All
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{CFCEDA9A-1B02-1DD1-A01D-664F0A320A7F}" = CCC Help Norwegian
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DCEB31F0-3213-0003-3B1E-F7026B1637AA}" = CCC Help Greek
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{ED9E5BCC-371A-5BE1-6DC6-CF7D8DC9A2B7}" = CCC Help Czech
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3F8BEC4-1D0E-9E50-0AF6-54A16094C92E}" = CCC Help German
"{F6DAC07A-B4E9-B018-8D46-7A128E80F067}" = CCC Help Dutch
"{F800A95D-3CC1-1BBB-05AF-39AC94BCAE06}" = CCC Help Portuguese
"{FEED8571-7B09-0A02-BD38-C28245B264D4}" = CCC Help Finnish
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"5513-1208-7298-9440" = JDownloader 0.9
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"Ashampoo Burning Studio Elements_is1" = Ashampoo Burning Studio Elements 10.0.9
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.57
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.26
"Audacity_is1" = Audacity 2.0
"avast" = avast! Free Antivirus
"BestPractice" = BestPractice (remove only)
"CDex" = CDex - Open Source Digital Audio CD Extractor
"Finale NotePad 2008" = Finale NotePad 2008
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.24.608
"InstallShield_{55BFC356-5A7B-482F-A213-9ACFDDFF6037}" = Mouse Driver
"MixPad" = MixPad
"Mozilla Firefox 15.0 (x86 de)" = Mozilla Firefox 15.0 (x86 de)
"Mozilla Thunderbird 15.0 (x86 de)" = Mozilla Thunderbird 15.0 (x86 de)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"RealPlayer 15.0" = RealPlayer
"Secunia PSI" = Secunia PSI (2.0.0.4003)
"WavePad" = WavePad Sound Editor
"XFastUsb" = XFastUsb

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - Freitag, 15.06.12 12:50:39 | Computer Name = * | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - Freitag, 15.06.12 12:50:40 | Computer Name = * | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - Freitag, 15.06.12 12:50:40 | Computer Name = * | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - Freitag, 15.06.12 12:50:41 | Computer Name = * | Source = .NET Runtime Optimization Service | ID = 1101
Description =

Error - Freitag, 15.06.12 16:53:41 | Computer Name = * | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 13.0.0.4535,
Zeitstempel: 0x4fc8de63 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll_unloaded,
Version: 0.0.0.0, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x6b6e9903 ID des fehlerhaften Prozesses: 0x41c Startzeit der fehlerhaften Anwendung:
0x01cd4b38856f5da1 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla
Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll
Berichtskennung:
2f7dc00d-b72c-11e1-8e36-002522fc36c4

Error - Mittwoch, 27.06.12 13:28:31 | Computer Name = * | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 13.0.1.4548 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a68 Startzeit:
01cd548321398aca Endzeit: 60 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
78297d65-c07d-11e1-9e52-002522fc36c4

Error - Samstag, 07.07.12 10:29:45 | Computer Name = * | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_262.exe,
Version: 11.3.300.262, Zeitstempel: 0x4fe20fae Name des fehlerhaften Moduls: NPSWF32_11_3_300_262.dll,
Version: 11.3.300.262, Zeitstempel: 0x4fe21212 Ausnahmecode: 0xc0000005 Fehleroffset:
0x00490fb1 ID des fehlerhaften Prozesses: 0xbe4 Startzeit der fehlerhaften Anwendung:
0x01cd5c46435113dc Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll
Berichtskennung:
32405518-c840-11e1-8796-002522fc36c4

Error - Sonntag, 08.07.12 15:01:31 | Computer Name = * | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Photoshop.exe, Version: 10.0.0.0,
Zeitstempel: 0x4601eae8 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0xffffffff ID des fehlerhaften
Prozesses: 0xc2c Startzeit der fehlerhaften Anwendung: 0x01cd5d26b0cceeea Pfad der
fehlerhaften Anwendung: D:\Programme\Adobe\Adobe Photoshop CS3\Photoshop.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 53c19f44-c92f-11e1-857c-002522fc36c4

Error - Dienstag, 31.07.12 14:23:13 | Computer Name = * | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "L:\Programme\Windows
Starter Kit\System & Tuning\SoftonicDownloader_fuer_finale-notepad.exe". Fehler
in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - Mittwoch, 05.09.12 11:00:21 | Computer Name = * | Source = MsiInstaller | ID = 11314
Description =

[ System Events ]
Error - Sonntag, 02.09.12 08:54:10 | Computer Name = *| Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Sonntag, 02.09.12 08:54:10 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Sonntag, 02.09.12 08:54:11 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:19:18 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:19:18 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:19:19 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:19:19 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:19:20 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR7 gefunden.

Error - Mittwoch, 05.09.12 10:26:45 | Computer Name = * | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.135.415.0)

Error - Mittwoch, 05.09.12 12:01:01 | Computer Name = * | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk7\DR8 gefunden.


< End of report >


Leider lässt sich dies nicht per Anhang einfügen.
Ich dachte immer es liegt an AOL, da habe ich das Problem mit einem externen Mailprogramm umgangen.
Jetzt hier das gleiche!
Auf das Anhangsymbol geklickt Datei auswählen BUmms
PC aufgehängt nicht mal der Taskmanager geht also Kaltstart

Dies wird aber denke ich ein anderes Problem sein!

Die beiden TXT Dateien sind vor dem Neustart erstellt und danach einkopiert.

Ich danke schon mal im voraus und hoffe auf Hilfe

Indymama

Alt 06.09.2012, 16:21   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Zitat:
Wie in der Titelleiste beschrieben bekomme ich ständige Virenwarnungen in diesem Orner.
Schön und wo sind die Logs dazu?

Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
ATTFilter
 hier steht das Log
__________________

__________________
Alt 07.09.2012, 12:51   #3
Indymama
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Ich weiß nicht, was ich posten soll.
Der Virenscanner meldete nur, dass der Ordner sysWow64 unerlaubterweise auf das Netz zugreifen will und Avast dies verhindert hat.
Komischerweise finde ich nix in den Statistiken von Avast.
Der komplette Suchdurchlauf war ohne Befund.
Nun komme ich ins Zweifeln!
Heute hatte ich die Fehlermeldung bzw. Virenmeldung noch nicht.

Ich hatte einfach das Programm OTL gestartet und die Textdateien gepostet.
So genau kenne ich mich nicht aus.

Ich dachte aus diesen Textdateien kann ein Profi was rauslesen, was für mich Bömische Dörfer sind.
Sorry, dass ich da wohl falsch lag!

Ich wollte heute genau nach eurere Anleitung gehen.

Zitat:
Erstelle ein neues Thema und poste den Inhalt von

OTL.txt
EXTRAS.txt
Gmer.txt ( Bei 32 bit Systemen ) [brauche ich nicht, ich habe win 7 64 bit]

Der Defogger lässt sich aber nicht starten. Der "Disabele" Button kann ich klicken. Danach kommt folgende Meldung (Leider kann ich kaum Englisch)

"defogger will forcefully terminate and disable all cd Emulator related driver and processses. You will not be able to use this software until you click Re-enable. please do not click Disable again, unless instructed otherwise. The scan may take a minute or two, this is normal."
Egal ob ich ja oder nein klicke kommt dann finish OK und kein Scann.

Ich glaube ich bin doch zu blöd. Was mache ich falsch?
__________________
Alt 09.09.2012, 20:48   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Zitat:
Ich weiß nicht, was ich posten soll.
Wurde deutlich gesagt was du posten sollst!
Ohne die Logs von Avast werde ich nicht helfen
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 12.09.2012, 18:11   #5
Indymama
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Also, da ich keine Logs von Avast habe und die Viruswarnung auch nicht wieder aufgetreten ist, denke ich hat sich das Problen erledigt!
Ich danke trotzdem.

Ich muss sowieso das System mal wieder neu aufsetzen, falls noch was sich eingenistet hat.

Also DANKE


Alt 12.09.2012, 20:52   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Viruswarnung von Avast in dem syswow64 Ordner - Standard

Viruswarnung von Avast in dem syswow64 Ordner


Vllt findest du die Logs nur nicht?
=> Hinweis avast! 7 / 6 / 5 / 4 - Häufig gestelle Fragen und Wissensdatenbank
__________________
--> Viruswarnung von Avast in dem syswow64 Ordner

Antwort

Themen zu Viruswarnung von Avast in dem syswow64 Ordner
.com, 7-zip, antivirus, autorun, bho, converter, document, error, firefox, flash player, format, google earth, helper, iexplore.exe, install.exe, jdownloader, langs, logfile, mozilla, mp3, msiinstaller, plug-in, problem, realtek, registry, richtlinie, rundll, scan, secunia psi, security, senden, software, svchost.exe, taskmanager, usb 3.0, windows


« TR/ATRAPS.Gen, TR/ATRAPS.Gen2, BDS/ZAccess.V u. a. | Nach Malwaresuchlauf Computerprobleme »


Ähnliche Themen: Viruswarnung von Avast in dem syswow64 Ordner


  1. Nach USB-Stick: Avast meldet blockieren der Websites disorderstatus.ru und diferentia.ru; Prozess windows\SysWOW64\msiexec
    Log-Analyse und Auswertung - 14.09.2015 (13)
  2. Avast meldet anythicago im System32 Ordner
    Plagegeister aller Art und deren Bekämpfung - 11.06.2015 (12)
  3. Trojaner auf dem Rechner; Avast meldet Bedrohung und nicht durchsuchbare Ordner
    Plagegeister aller Art und deren Bekämpfung - 03.01.2015 (7)
  4. Hilfe: Avast hat Rootkit hidden files in WinSxS Ordner gefunden
    Log-Analyse und Auswertung - 17.01.2014 (5)
  5. Windows 7: Avast erkennt Win32:Evo-gen im Steam Ordner - Fehlalarm oder nicht?
    Log-Analyse und Auswertung - 13.01.2014 (7)
  6. avast erkennt eine datei im scan ordner von windows defender als trojaner. mbam nicht. fehlmeldung?
    Plagegeister aller Art und deren Bekämpfung - 17.11.2013 (5)
  7. Windows 7: u.A. Lange Bootzeit / Verdächtige Dateien im Ordner Windows/SysWOW64
    Log-Analyse und Auswertung - 23.09.2013 (21)
  8. Malwarebytes hat ausgehenden port 8 blockiert - avast hat im win temp Ordner Win32:Downloader-MIU gefunden
    Log-Analyse und Auswertung - 23.12.2012 (14)
  9. Avast! findet "Rootkit: hiddenfile" in meinem Windows Ordner
    Plagegeister aller Art und deren Bekämpfung - 05.08.2012 (1)
  10. Viruswarnung von web.de
    Log-Analyse und Auswertung - 09.07.2012 (6)
  11. C:\Windows\SysWOW64 Ordner öffnet sich dauerhaft, wenn ich im Internet surfe
    Plagegeister aller Art und deren Bekämpfung - 28.06.2012 (1)
  12. Rootkit Viruswarnung
    Plagegeister aller Art und deren Bekämpfung - 23.02.2012 (25)
  13. avast meldet: Datei: system\cm106eye.exe - Geöfnet von: SysWOW64\rundll32.exe
    Antiviren-, Firewall- und andere Schutzprogramme - 03.11.2011 (17)
  14. Avast meldet Sinowal-IM in c:\Windows\SysWOW64\prodorom_0.dll
    Log-Analyse und Auswertung - 04.08.2011 (7)
  15. mehrere GB grosser avast ordner unter windows/temp/_AVAST4_ normal ?
    Antiviren-, Firewall- und andere Schutzprogramme - 19.01.2005 (10)
  16. Viruswarnung Teddybär
    Archiv - 22.01.2003 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Viruswarnung von Avast in dem syswow64 Ordner - Wie in der Titelleiste beschrieben bekomme ich ständige Virenwarnungen in diesem Orner. dieser ist auch am 2. 9. erst neu erstellt bzw geändert worden. Installiert habe ich nichts neu. Ich - Viruswarnung von Avast in dem syswow64 Ordner...
Archiv
Du betrachtest: Viruswarnung von Avast in dem syswow64 Ordner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54