Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Vom Virenschutz übersprungen ?

Vom Virenschutz übersprungen ?


Plagegeister aller Art und deren Bekämpfung: Vom Virenschutz übersprungen ?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 13.12.2010, 17:51   #1
mp1001
 
Vom Virenschutz übersprungen ? - Ausrufezeichen

Vom Virenschutz übersprungen ?


Hallo !

Ich bin neu hier im Trojaner Board und habe folgendes Problem

Seit geraumer Zeit steht im dettaliereten Bericht der volständigen Untersuchung von Kaspersky Internet Security folgendes:

Programm:Host Process for Windows Services
Komponenteatei-Anti-Virus
Ergebnis : Bearbeitungsfehler objekt:C:\$EXTEND\$ObjId:$O:$INDEX_ALLOCATION
Grund:Lesefehler

Ich vermute das es sich im oben genannten Ordner um einen Virus Trojaner oder ähnliches handelt der sich aber nicht identifizieren läßt

Habe auch schon versucht diesen Ordener zu öffnen ging aber nicht
als ich vor ungefähr 30 tagen die Testversion von Bitdefender verwendet habe
hatte der diesen Ornder auch immer übersprungen weis nicht wieso

Kann jemand mit mein Problem etwas anfangen?
Ich hoffe dass meine Schilderungen reichen.

Danke schon mal

Alt 14.12.2010, 11:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


Hallo und

Zitat:
Ich vermute das es sich im oben genannten Ordner um einen Virus Trojaner oder ähnliches handelt der sich aber nicht identifizieren läßt
Glaub ich nicht wirklich, das sieht vielmehr nach einem dateisystemrelevanten Eintrag aus, den man als Benutzer so normalerweise niemals sehen wird. (NTFS-Metadaten).

Aber wir können trotzdem mal dein System genauer unter die Lupe nehmen. Bitte dazu routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!

Danach OTL:

Systemscan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles hier in den Thread.
__________________

__________________
Alt 14.12.2010, 20:27   #3
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


alwarebytes' Anti-Malware 1.50
Malwarebytes

Datenbank Version: 5312

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

14.12.2010 20:18:30
mbam-log-2010-12-14 (20-18-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 441745
Laufzeit: 1 Stunde(n), 2 Minute(n), 8 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
__________________
Alt 14.12.2010, 20:31   #4
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


die vollständige untersuchung mit Malwarebytes ist abgeschlossen
es sind keine infizierten einträge vorhanden

Alt 15.12.2010, 21:50   #5
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 15.12.2010 21:44:57 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Besitzer\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 81,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,95 Gb Total Space | 216,50 Gb Free Space | 47,38% Space Free | Partition Type: NTFS
Drive D: | 457,46 Gb Total Space | 457,32 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10l_ActiveX.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\Besitzer\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe File not found
SRV:64bit: - (npggsvc) -- C:\Windows\SysNative\GameMon.des File not found
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (yksvc) -- C:\Windows\SysNative\yk62x64.dll (Marvell)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (Nero BackItUp Scheduler 4.0) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Nero AG)
SRV - (Greg_Service) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe (Acer Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (RalinkRegistryWriter) -- C:\Program Files (x86)\TP-LINK\TL-WN321G\COMMON\RegistryWriter.exe ()
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NPPTNT2) -- C:\Windows\SysNative\npptNT2.sys File not found
DRV:64bit: - (EagleX64) -- C:\Windows\SysNative\drivers\EagleX64.sys File not found
DRV:64bit: - (dump_wmimmc) -- C:\Program Files\gPotato.eu\Rappelz\GameGuard\dump_wmimmc.sys File not found
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (ATI Technologies, Inc.)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (kl2) -- C:\Windows\SysNative\drivers\kl2.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KL1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (netr7364) -- C:\Windows\SysNative\drivers\netr7364.sys (Ralink Technology, Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (VCSVADHWSer) Avnex Virtual Audio Device (WDM) -- C:\Windows\SysNative\drivers\vcsvad.sys (Avnex)
DRV:64bit: - (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a) -- C:\Windows\SysNative\drivers\sfdrv01a.sys (Protection Technology (StarForce))
DRV:64bit: - (sfhlp02) StarForce Protection Helper Driver (version 2.x) -- C:\Windows\SysNative\drivers\sfhlp02.sys (Protection Technology (StarForce))
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7300&r=17360610p606pe4e5v1j5w45l2t204
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7300&r=17360610p606pe4e5v1j5w45l2t204
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7300&r=17360610p606pe4e5v1j5w45l2t204
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7300&r=17360610p606pe4e5v1j5w45l2t204
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_m7300&r=17360610p606pe4e5v1j5w45l2t204
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "Search"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {872b5b88-9db5-4310-bdd0-ac189557e5f5}:2.7.2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2010.11.18 14:00:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2010.11.20 09:20:43 | 000,000,000 | ---D | M]
 
[2010.11.18 14:01:12 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Extensions
[2010.12.01 21:20:35 | 000,000,000 | ---D | M] -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\lno6r4ak.default\extensions
[2010.11.18 14:15:20 | 000,000,000 | ---D | M] (DVDVideoSoftTB Toolbar) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\lno6r4ak.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2010.11.18 14:15:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Besitzer\AppData\Roaming\mozilla\Firefox\Profiles\lno6r4ak.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.11.18 15:06:40 | 000,000,873 | ---- | M] () -- C:\Users\Besitzer\AppData\Roaming\Mozilla\FireFox\Profiles\lno6r4ak.default\searchplugins\conduit.xml
[2010.12.12 16:59:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.12.12 16:59:27 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@Kaspersky.ru
[2010.12.12 16:59:25 | 000,000,000 | ---D | M] -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru
[2010.10.27 06:44:13 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.10.27 06:44:13 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.10.27 06:44:13 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.10.27 06:44:13 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.10.27 06:44:13 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\ievkbd.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5805.1910\swg64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (IEVkbdBHO Class) - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ievkbd.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.6.5805.1910\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FilterBHO Class) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Besitzer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Besitzer\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_E11712C84EA7E12B.dll (Google Inc.)
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\ie_banner_deny.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\x64\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: &Virtuelle Tastatur - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Li&nks untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2011\klwtbbho.dll (Kaspersky Lab ZAO)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab (BDSCANONLINE Control)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.31.0.cab (Battlefield Heroes Updater)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 78.42.43.62 82.212.62.62
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\kloehk.dll (Kaspersky Lab ZAO)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\x64\sbhook64.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\mzvkbd3.dll (Kaspersky Lab ZAO)
O20 - AppInit_DLLs: (C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll) - C:\PROGRA~2\KASPER~1\KASPER~1\sbhook.dll (Kaspersky Lab ZAO)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\klogon: DllName - Reg Error: Key error. - C:\Windows\SysNative\klogon.dll (Kaspersky Lab ZAO)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.15 21:42:33 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.12.15 13:50:06 | 001,169,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskschd.dll
[2010.12.15 13:50:06 | 000,524,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wmicmiplugin.dll
[2010.12.15 13:50:06 | 000,496,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskschd.dll
[2010.12.15 13:50:06 | 000,473,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskcomp.dll
[2010.12.15 13:50:06 | 000,464,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskeng.exe
[2010.12.15 13:50:06 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskcomp.dll
[2010.12.15 13:50:06 | 000,285,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\schtasks.exe
[2010.12.15 13:50:05 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\schtasks.exe
[2010.12.15 13:50:04 | 000,367,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2010.12.15 13:50:04 | 000,294,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2010.12.15 13:50:04 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2010.12.15 13:50:04 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2010.12.15 13:50:03 | 000,395,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\webio.dll
[2010.12.15 13:50:02 | 000,314,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\webio.dll
[2010.12.15 13:50:01 | 000,112,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2010.12.15 13:49:56 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2010.12.15 13:49:55 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeeds.dll
[2010.12.15 13:49:55 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2010.12.15 13:49:55 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2010.12.15 13:49:55 | 000,256,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2010.12.15 13:49:55 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2010.12.15 13:49:55 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2010.12.15 13:49:55 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2010.12.15 13:49:55 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2010.12.15 13:49:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2010.12.15 13:49:55 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2010.12.15 13:49:55 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2010.12.15 13:49:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2010.12.15 13:49:55 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2010.12.14 19:02:53 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Malwarebytes
[2010.12.14 19:02:46 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.14 19:02:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.12.14 19:02:43 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.12.14 19:02:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2010.12.12 16:58:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2010.12.12 16:58:16 | 000,556,120 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.12.12 13:51:59 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Cross Fire
[2010.12.12 13:51:59 | 000,000,000 | ---D | C] -- C:\CFLog
[2010.12.12 13:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Z8Games
[2010.12.11 20:29:14 | 000,000,000 | ---D | C] -- C:\Windows\BDOSCAN8
[2010.12.11 12:35:40 | 000,000,000 | ---D | C] -- C:\Programme\Bohemia Interactive
[2010.12.11 09:30:14 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\QuickScan
[2010.12.11 09:29:57 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\BitDefender
[2010.12.10 22:41:10 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\ArmA
[2010.12.10 22:41:10 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\ArmA
[2010.12.10 22:31:38 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\ArmedAssault_Setup
[2010.12.04 21:07:03 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Funcom
[2010.12.03 19:41:07 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\SCE
[2010.11.30 22:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2010.11.30 21:24:53 | 000,421,376 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.11.30 21:24:51 | 000,059,392 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.11.30 21:24:46 | 000,241,664 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.11.30 21:24:43 | 003,460,096 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.11.30 21:24:42 | 000,053,248 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.11.30 21:24:36 | 000,278,528 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.11.30 21:24:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.11.30 21:24:36 | 000,052,736 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.11.30 21:24:30 | 000,012,288 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.11.30 21:24:15 | 000,332,800 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2010.11.30 21:24:11 | 000,536,576 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.11.30 21:24:10 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.11.30 21:24:04 | 007,883,264 | ---- | C] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.11.30 21:24:03 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.11.30 21:24:03 | 000,053,760 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.11.30 21:23:57 | 000,285,696 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.11.30 21:23:56 | 004,407,808 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.11.30 21:23:53 | 005,240,832 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.11.30 21:23:53 | 000,030,720 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.11.30 21:23:51 | 000,462,336 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.11.30 21:23:44 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.11.30 21:23:44 | 000,012,800 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.11.30 21:23:42 | 000,143,360 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.11.30 21:23:42 | 000,021,504 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.11.30 21:23:41 | 016,201,728 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.11.30 21:23:41 | 000,051,200 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2010.11.30 21:23:35 | 000,014,848 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.11.30 21:23:33 | 000,051,200 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.11.30 21:23:30 | 004,077,568 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.11.30 21:23:30 | 003,222,016 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.11.30 21:23:25 | 000,356,352 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.11.30 21:23:01 | 005,470,720 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.11.30 21:21:33 | 000,019,968 | ---- | C] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.11.30 21:19:06 | 000,340,480 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2010.11.30 21:17:22 | 000,116,240 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2010.11.30 21:04:22 | 000,450,560 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.11.30 21:03:55 | 000,203,264 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.11.30 21:03:34 | 021,344,256 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.11.30 21:03:34 | 003,953,152 | ---- | C] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.11.30 21:03:33 | 000,044,544 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.11.30 21:03:31 | 000,043,520 | ---- | C] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.11.30 21:03:11 | 000,046,080 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.11.30 21:03:09 | 000,044,032 | ---- | C] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.11.30 13:57:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2010.11.24 14:11:06 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\GUILD WARS
[2010.11.24 14:10:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GUILD WARS
[2010.11.24 08:28:49 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Gfs von Manuel Peter 8e
[2010.11.22 21:03:13 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2010.11.22 12:41:11 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Neuer Ordner (8)
[2010.11.22 12:39:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GamersFirst
[2010.11.20 12:02:17 | 000,638,976 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2010.11.18 19:03:23 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\Podcast Studio
[2010.11.18 19:03:04 | 000,835,584 | ---- | C] (NCT) -- C:\Windows\SysWow64\NCTAudioCDGrabber2.dll
[2010.11.18 19:03:04 | 000,634,880 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioEditor2.dll
[2010.11.18 19:03:04 | 000,522,752 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioTransform2.dll
[2010.11.18 19:03:04 | 000,479,232 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioVisualization2.dll
[2010.11.18 19:03:04 | 000,348,160 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTWMAFile2.dll
[2010.11.18 19:03:03 | 000,966,144 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioInformation2.dll
[2010.11.18 19:03:03 | 000,877,568 | ---- | C] (NCT Company Ltd.) -- C:\Windows\SysWow64\NCTAudioFile2.dll
[2010.11.18 19:03:03 | 000,467,968 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioRecord2.dll
[2010.11.18 19:03:03 | 000,467,456 | ---- | C] (Online Media Technologies Ltd.) -- C:\Windows\SysWow64\NCTAudioPlayer2.dll
[2010.11.18 19:03:02 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\concept design
[2010.11.18 19:03:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\concept design
[2010.11.18 14:16:55 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Neuer Ordner (7)
[2010.11.18 14:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2010.11.18 14:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoftTB
[2010.11.18 14:15:19 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.18 14:15:13 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Documents\DVDVideoSoft
[2010.11.18 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.11.18 14:15:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.11.18 14:00:54 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Roaming\Mozilla
[2010.11.18 14:00:54 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\AppData\Local\Mozilla
[2010.11.18 14:00:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2010.11.16 12:24:22 | 000,000,000 | ---D | C] -- C:\Users\Besitzer\Desktop\Neuer Ordner (4)
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.15 21:42:39 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Besitzer\Desktop\OTL.exe
[2010.12.15 21:42:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.15 21:42:26 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.15 21:34:56 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.15 21:34:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.15 21:34:38 | 2146,131,967 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.15 17:12:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.15 15:39:28 | 000,419,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2010.12.14 19:02:46 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.12 17:15:56 | 000,150,083 | ---- | M] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.12.12 17:15:56 | 000,107,075 | ---- | M] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.12.12 16:58:16 | 000,556,120 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2010.12.12 16:47:00 | 000,079,602 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2010.12.11 20:41:14 | 000,001,229 | ---- | M] () -- C:\Users\Besitzer\Desktop\cmd.lnk
[2010.12.11 15:16:18 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2010.12.11 15:16:18 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2010.12.11 15:16:18 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysNative\OpenAL32.dll
[2010.12.11 15:16:18 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2010.12.11 12:42:20 | 000,000,994 | ---- | M] () -- C:\Users\Besitzer\Desktop\ArmA starten.lnk
[2010.12.11 09:36:06 | 000,000,415 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.07 14:30:12 | 000,014,874 | ---- | M] () -- C:\Users\Besitzer\Documents\Wohnungen.docx
[2010.12.05 17:55:41 | 000,007,597 | ---- | M] () -- C:\Users\Besitzer\AppData\Local\Resmon.ResmonCfg
[2010.12.04 17:02:20 | 000,000,220 | ---- | M] () -- C:\Users\Besitzer\Desktop\Age of Conan Rise of Godslayer.url
[2010.12.01 08:44:11 | 000,000,310 | ---- | M] () -- C:\Windows\Podcast.INI
[2010.11.30 21:24:54 | 000,421,376 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atipdl64.dll
[2010.11.30 21:24:53 | 000,059,392 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\atiedu64.dll
[2010.11.30 21:24:51 | 003,460,096 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiumdva.dll
[2010.11.30 21:24:48 | 000,241,664 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atiadlxy.dll
[2010.11.30 21:24:43 | 000,053,248 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\ati2erec.dll
[2010.11.30 21:24:42 | 000,614,400 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.11.30 21:24:39 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atimpc32.dll
[2010.11.30 21:24:39 | 000,052,736 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\amdpcom32.dll
[2010.11.30 21:24:38 | 000,278,528 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\Oemdspif.dll
[2010.11.30 21:24:32 | 000,012,288 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2010.11.30 21:24:30 | 007,883,264 | ---- | M] (ATI Technologies Inc.) -- C:\Windows\SysNative\drivers\atikmdag.sys
[2010.11.30 21:24:26 | 004,660,224 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atidxx64.dll
[2010.11.30 21:24:18 | 000,332,800 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODE.exe
[2010.11.30 21:24:18 | 000,078,848 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.11.30 21:24:15 | 000,536,576 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\aticfx32.dll
[2010.11.30 21:24:11 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2010.11.30 21:24:04 | 004,407,808 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticaldd.dll
[2010.11.30 21:24:04 | 000,022,190 | ---- | M] () -- C:\Windows\atiogl.xml
[2010.11.30 21:24:03 | 016,201,728 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysWow64\atioglxx.dll
[2010.11.30 21:24:03 | 005,240,832 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\atiumd64.dll
[2010.11.30 21:24:03 | 000,614,400 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.11.30 21:24:03 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atimpc64.dll
[2010.11.30 21:24:03 | 000,053,760 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\amdpcom64.dll
[2010.11.30 21:24:01 | 000,285,696 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\atikmpag.sys
[2010.11.30 21:23:54 | 000,037,888 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiu9p64.dll
[2010.11.30 21:23:54 | 000,030,720 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiuxpag.dll
[2010.11.30 21:23:52 | 000,462,336 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2010.11.30 21:23:51 | 000,039,936 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiuxp64.dll
[2010.11.30 21:23:45 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiglpxx.dll
[2010.11.30 21:23:45 | 000,012,800 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiglpxx.dll
[2010.11.30 21:23:44 | 004,077,568 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atiumdag.dll
[2010.11.30 21:23:44 | 000,143,360 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiapfxx.exe
[2010.11.30 21:23:44 | 000,021,504 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6txx.dll
[2010.11.30 21:23:42 | 003,222,016 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atiumd6a.dll
[2010.11.30 21:23:42 | 000,051,200 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIODCLI.exe
[2010.11.30 21:23:39 | 000,051,200 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalrt64.dll
[2010.11.30 21:23:39 | 000,014,848 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysNative\atig6pxx.dll
[2010.11.30 21:23:38 | 000,028,672 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atiu9pag.dll
[2010.11.30 21:23:32 | 000,356,352 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\atipdlxx.dll
[2010.11.30 21:23:28 | 005,470,720 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticaldd64.dll
[2010.11.30 21:23:20 | 021,344,256 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atio6axx.dll
[2010.11.30 21:22:27 | 000,019,968 | ---- | M] (Advanced Micro Devices, Inc. ) -- C:\Windows\SysWow64\atigktxx.dll
[2010.11.30 21:21:33 | 000,340,480 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\atiadlxx.dll
[2010.11.30 21:19:06 | 000,116,240 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysNative\drivers\AtihdW76.sys
[2010.11.30 21:17:37 | 000,628,224 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysNative\aticfx64.dll
[2010.11.30 21:07:40 | 003,953,152 | ---- | M] (ATI Technologies Inc. ) -- C:\Windows\SysWow64\atidxx32.dll
[2010.11.30 21:05:08 | 000,450,560 | ---- | M] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\ATIDEMGX.dll
[2010.11.30 21:04:24 | 000,203,264 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2010.11.30 21:03:55 | 000,044,544 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysNative\aticalcl64.dll
[2010.11.30 21:03:34 | 000,043,520 | ---- | M] (ATI Technologies, Inc.) -- C:\Windows\SysWow64\ati2edxx.dll
[2010.11.30 21:03:33 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2010.11.30 21:03:32 | 000,224,342 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.11.30 21:03:32 | 000,046,080 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalrt.dll
[2010.11.30 21:03:22 | 000,044,032 | ---- | M] (Advanced Micro Devices Inc.) -- C:\Windows\SysWow64\aticalcl.dll
[2010.11.30 15:24:11 | 000,000,221 | ---- | M] () -- C:\Users\Besitzer\Desktop\Call of Duty Black Ops - Multiplayer.url
[2010.11.30 14:04:12 | 000,000,219 | ---- | M] () -- C:\Users\Besitzer\Desktop\Left 4 Dead 2.url
[2010.11.30 14:00:17 | 000,000,993 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.11.29 19:20:31 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2010.11.29 19:20:31 | 000,189,480 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2010.11.29 17:42:18 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.11.29 17:42:06 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.28 19:53:18 | 000,021,634 | ---- | M] () -- C:\Users\Besitzer\Documents\Erfinder der Lambdasonde.docx
[2010.11.28 19:53:11 | 000,125,568 | ---- | M] () -- C:\Users\Besitzer\Documents\Einbau der.docx
[2010.11.28 19:53:01 | 000,013,166 | ---- | M] () -- C:\Users\Besitzer\Documents\Die Lambdasonde.docx
[2010.11.28 19:52:55 | 000,065,068 | ---- | M] () -- C:\Users\Besitzer\Documents\Aufbau der.docx
[2010.11.26 19:15:54 | 001,469,866 | ---- | M] () -- C:\Users\Besitzer\Documents\Präsentation1.pptx
[2010.11.24 15:01:57 | 000,000,502 | ---- | M] () -- C:\Users\Besitzer\Desktop\Guild Wars - Verknüpfung.lnk
[2010.11.24 08:29:56 | 001,527,504 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2010.11.24 08:29:56 | 000,664,396 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2010.11.24 08:29:56 | 000,624,578 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2010.11.24 08:29:56 | 000,134,564 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2010.11.24 08:29:56 | 000,110,216 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2010.11.20 16:23:09 | 000,006,537 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2010.11.20 12:02:18 | 000,000,814 | ---- | M] () -- C:\Users\Public\Desktop\MAGIX Podcast Maker e-version.lnk
[2010.11.20 09:20:44 | 000,002,018 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.18 19:03:06 | 000,002,249 | ---- | M] () -- C:\Users\Besitzer\Desktop\Podcast Director.lnk
[2010.11.18 19:03:06 | 000,001,315 | ---- | M] () -- C:\Users\Besitzer\Desktop\Podcast Manager.lnk
[2010.11.18 14:15:16 | 000,001,243 | ---- | M] () -- C:\Users\Besitzer\Desktop\DVDVideoSoft Free Studio.lnk
[2010.11.18 14:00:56 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2010.11.18 14:00:49 | 000,001,943 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.11.16 16:13:43 | 000,015,421 | ---- | M] () -- C:\Users\Besitzer\Documents\inhalt.docx
[2010.11.16 16:06:21 | 000,069,373 | ---- | M] () -- C:\Users\Besitzer\Desktop\Betrieb.docx
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.14 19:02:46 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.12.12 16:59:15 | 000,150,083 | ---- | C] () -- C:\Windows\SysNative\drivers\klin.dat
[2010.12.12 16:59:15 | 000,107,075 | ---- | C] () -- C:\Windows\SysNative\drivers\klick.dat
[2010.12.11 20:40:28 | 000,001,229 | ---- | C] () -- C:\Users\Besitzer\Desktop\cmd.lnk
[2010.12.11 12:42:20 | 000,000,994 | ---- | C] () -- C:\Users\Besitzer\Desktop\ArmA starten.lnk
[2010.12.11 09:36:06 | 000,000,415 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2010.12.11 09:29:55 | 000,079,602 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2010.12.07 14:30:12 | 000,014,874 | ---- | C] () -- C:\Users\Besitzer\Documents\Wohnungen.docx
[2010.12.04 17:02:20 | 000,000,220 | ---- | C] () -- C:\Users\Besitzer\Desktop\Age of Conan Rise of Godslayer.url
[2010.11.30 21:24:36 | 000,614,400 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2010.11.30 21:24:15 | 000,078,848 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2010.11.30 21:24:04 | 000,022,190 | ---- | C] () -- C:\Windows\atiogl.xml
[2010.11.30 21:24:00 | 000,614,400 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2010.11.30 21:03:11 | 000,224,342 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2010.11.30 13:57:34 | 000,000,993 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2010.11.28 19:53:18 | 000,021,634 | ---- | C] () -- C:\Users\Besitzer\Documents\Erfinder der Lambdasonde.docx
[2010.11.28 19:53:10 | 000,125,568 | ---- | C] () -- C:\Users\Besitzer\Documents\Einbau der.docx
[2010.11.28 19:53:01 | 000,013,166 | ---- | C] () -- C:\Users\Besitzer\Documents\Die Lambdasonde.docx
[2010.11.28 19:52:54 | 000,065,068 | ---- | C] () -- C:\Users\Besitzer\Documents\Aufbau der.docx
[2010.11.28 17:31:42 | 000,000,219 | ---- | C] () -- C:\Users\Besitzer\Desktop\Left 4 Dead 2.url
[2010.11.26 19:15:54 | 001,469,866 | ---- | C] () -- C:\Users\Besitzer\Documents\Präsentation1.pptx
[2010.11.24 15:01:57 | 000,000,502 | ---- | C] () -- C:\Users\Besitzer\Desktop\Guild Wars - Verknüpfung.lnk
[2010.11.24 08:28:26 | 000,001,302 | ---- | C] () -- C:\Users\Besitzer\Desktop\Fiesta Online(EU_German) - Kopie.lnk
[2010.11.18 19:03:06 | 000,002,249 | ---- | C] () -- C:\Users\Besitzer\Desktop\Podcast Director.lnk
[2010.11.18 19:03:06 | 000,001,315 | ---- | C] () -- C:\Users\Besitzer\Desktop\Podcast Manager.lnk
[2010.11.18 19:03:02 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2010.11.18 19:03:02 | 000,201,728 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2010.11.18 19:03:02 | 000,201,728 | ---- | C] () -- C:\Windows\lame.exe
[2010.11.18 19:03:02 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2010.11.18 19:03:02 | 000,079,360 | ---- | C] () -- C:\Windows\mp3gain.exe
[2010.11.18 14:15:14 | 000,001,243 | ---- | C] () -- C:\Users\Besitzer\Desktop\DVDVideoSoft Free Studio.lnk
[2010.11.18 14:00:56 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.11.18 14:00:49 | 000,001,943 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2010.10.14 01:36:44 | 000,179,263 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2010.10.12 15:47:57 | 000,000,310 | ---- | C] () -- C:\Windows\Podcast.INI
[2010.10.12 15:45:31 | 000,006,537 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2010.09.14 18:02:22 | 000,007,597 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\Resmon.ResmonCfg
[2010.08.23 14:45:00 | 000,025,088 | ---- | C] () -- C:\Windows\SysWow64\RAEXTUI.dll
[2010.07.04 08:16:36 | 000,000,096 | ---- | C] () -- C:\Users\Besitzer\AppData\Local\fusioncache.dat
[2010.07.03 21:19:38 | 001,526,730 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2010.06.30 20:48:26 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2010.05.07 15:48:11 | 000,015,573 | ---- | C] () -- C:\ProgramData\ArcadeDeluxe4.log
[2010.03.18 04:44:23 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.01.05 14:44:10 | 000,000,483 | ---- | C] () -- C:\Windows\bdoscandellang.ini
 
========== Files - Unicode (All) ==========
[2010.12.12 16:47:00 | 000,000,000 | ---- | M] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污
[2010.12.12 16:45:31 | 000,000,000 | ---- | C] ()(C:\Windows\SysNative\?????) -- C:\Windows\SysNative\獷楬汢捯污
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4D066AD2

< End of report >
--- --- ---
Alt 15.12.2010, 21:53   #6
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 15.12.2010 21:44:57 - Run 1
OTL by OldTimer - Version 3.2.17.3     Folder = C:\Users\Besitzer\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
8,00 Gb Total Physical Memory | 6,00 Gb Available Physical Memory | 81,00% Memory free
16,00 Gb Paging File | 14,00 Gb Available in Paging File | 89,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,95 Gb Total Space | 216,50 Gb Free Space | 47,38% Space Free | Partition Type: NTFS
Drive D: | 457,46 Gb Total Space | 457,32 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: BESITZER-PC | User Name: Besitzer | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- C:\Windows\System32\ieframe.DLL (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series" = Canon MX320 series MP Drivers
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{503640E5-B2ED-3173-D109-D4D03153471A}" = AMD Drag and Drop Transcoding
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DF9D3DF-6D03-A04F-217F-F2577D973DBE}" = ATI Catalyst Install Manager
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{AE0D971F-5430-8874-B09E-3F1C76E2F8FF}" = WMV9/VC-1 Video Playback
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{D29E5E5F-47CA-087E-DCBF-FB75171D5B2E}" = ccc-utility64
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"NVIDIA Drivers" = NVIDIA Drivers
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{11083C7A-D0D6-4DA4-8C3A-74B8389EC07B}" = ATI Catalyst Registration
"{1286324F-03F2-268A-FB0E-A34E4E102731}" = Catalyst Control Center InstallProxy
"{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}" = Risen
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising
"{1D108D70-E7D1-4089-9A0A-99629C4D0CB8}" = Morrowind
"{1dd4419c-b2a8-423f-9661-7984e7a4f4f7}" = Nero 9 Essentials
"{1FDA5A37-B22D-43FF-B582-B8964050DC13}" = Microsoft Games for Windows - LIVE Redistributable
"{20400DBD-E6DB-45B8-9B6B-1DD7033818EC}" = Nero InfoTool Help
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2348B586-C9AE-46CE-936C-A68E9426E214}" = Nero StartSmart Help
"{259A8A5E-2886-4BED-9EF1-D5485282CCC3}" = Overlord
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{33CF58F5-48D8-4575-83D6-96F574E4D83A}" = Nero DriveSpeed
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F66C4BF-4BD9-FF9C-FA9F-4579F60A33B3}" = Catalyst Control Center Graphics Previews Vista
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{415B2719-AD3A-4944-B404-C472DB6085B3}" = Cisco EAP-FAST Module
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46710AEB-ACE9-4386-9DFB-8B65153BFA74}" = REALTEK Wireless LAN Driver
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4D43D635-6FDA-4FA5-AA9B-23CF73D058EA}" = Nero StartSmart OEM
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{556E8E15-ECD5-4E5C-9250-C425C89E75DE}" = Quake Live Internet Explorer Plugin
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57634571-FD82-4BEC-B822-A1ED7765474F}_is1" = SmartLauncher
"{595A3116-40BB-4E0F-A2E8-D7951DA56270}" = NeroExpress
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}" = Cisco PEAP Module
"{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7748AC8C-18E3-43BB-959B-088FAEA16FB2}" = Nero StartSmart
"{7AF32AB1-CB97-11D4-9607-0050BA84F5F7}" = Baldur's Gate(TM) II - Schatten von Amn(TM)
"{7EF80615-639D-4BD0-B612-E347096452AD}" = TL-WN321G-Drahtlos-Tool
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{83202942-84B3-4C50-8622-B8C0AA2D2885}" = Nero Express Help
"{83770D14-21B9-44B3-8689-F7B523F94560}" = Cisco LEAP Module
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{869200DB-287A-4DC0-B02B-2B6787FBCD4C}" = Nero DiscSpeed
"{86A4C6D9-29EE-4719-AFA1-BA3341862B83}" = Microsoft Games for Windows - LIVE
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{974C4B12-4D02-4879-85E0-61C95CC63E9E}" = Fallout 3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{99A37AC7-E724-4621-B167-500B5A52B69C}" = LastChaosGER
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress
"{A914AE85-1A36-0575-714C-BF996BDA20C7}" = ccc-core-static
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AE249BA3-2421-3996-5E9A-DF4A9F3551FC}" = Catalyst Control Center InstallProxy
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center
"{B7BD291B-D415-4484-89A4-82077504BE93}_is1" = SmartCopy
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}" = Norton Online Backup
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CC019E3F-59D2-4486-8D4B-878105B62A71}" = Nero DiscSpeed Help
"{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}" = WinZip 14.5
"{DB8B49A9-7CF1-34DB-6DF2-1EC41C0FE5E1}" = Catalyst Control Center Graphics Previews Common
"{DDA34038-89BD-4804-B0B8-DC48D5DFB463}" = Catalyst Control Center - Branding
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E426CEC1-35C5-42BF-913E-6EF8F1211D01}" = Overlord II
"{E4406ED3-B04C-44F1-ABB4-08775B74934F}" = Call Of Cthulhu DCoTE
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5C7D048-F9B4-4219-B323-8BDB01A2563D}" = Nero DriveSpeed Help
"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F20C1251-1D0A-4944-B2AE-678581B33B19}" = Neverwinter Nights 2
"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FBCDFD61-7DCF-4E71-9226-873BA0053139}" = Nero InfoTool
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
"{FF113499-EA89-445A-8C93-F6849F36333E}_is1" = concept/design Podcast Studio
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ArmA" = ArmA Uninstall
"AV Voice Changer Software GOLD 7.0" = AV Voice Changer Software GOLD 7.0
"Baldur's Gate" = Baldur's Gate
"BattlEye" = BattlEye Uninstall
"CABAL Online_is1" = CABAL Online
"Canon MX320 series Benutzerregistrierung" = Canon MX320 series Benutzerregistrierung
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Drakensang_TRoT_is1" = Drakensang - Am Fluss der Zeit
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EADM" = EA Download Manager
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.02.093
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Guild Wars" = GUILD WARS
"HaaliMkx" = Haali Media Splitter
"Hotkey Utility" = Hotkey Utility
"Icewind Dale" = Icewind Dale
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A357EF4C-2B6F-4980-ACA9-B1E42A74D7F3}" = Red Faction Guerrilla
"InstallWIX_{66F1F013-008F-4875-B283-5A814B820347}" = Kaspersky Internet Security 2011
"Klett Lernsoftware Mathematik - Schnittpunkt (5.~ACED3B27_is1" = Klett Lernsoftware Mathematik - Schnittpunkt (5. Lernjahr) 9 BW
"MAGIX Podcast Maker e-version D" = MAGIX Podcast Maker e-version (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Marvell Miniport Driver" = Marvell Miniport Driver
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"MP Navigator EX 2.1" = Canon MP Navigator EX 2.1
"Neffy" = Neffy 1,3,29,0
"Oblivion mod manager_is1" = Oblivion mod manager 1.1.9
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenAL" = OpenAL
"OpenTTD" = OpenTTD 1.0.0
"PunkBusterSvc" = PunkBuster Services
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 550" = Left 4 Dead 2
"Steam App 6360" = Age of Conan: Rise of the Godslayer
"The Void_is1" = The Void
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.0
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{A8E2EF8F-73EF-4DD8-BB38-31FCCAF50103}" = Dark Messiah 
"InstallShield_{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}" = Unreal Tournament 3 (LG)
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
--- --- ---
Alt 15.12.2010, 21:55   #7
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


die zwei anderen einträge mit olt sind jetzt auch da

Alt 16.12.2010, 15:03   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


Die Logs sind unauffällig, ich sehe keine Schädlinge.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.12.2010, 17:58   #9
mp1001
 
Vom Virenschutz übersprungen ? - Standard

Vom Virenschutz übersprungen ?


vielen dank für deine hilfe

Antwort

Themen zu Vom Virenschutz übersprungen ?
bericht, bitdefender, board, defender, ergebnis, folge, folgendes, gen, ide, index, internet, kaspersky, neu, ordner, process, schutz, security, testversion, trojaner, trojaner board, version, verwendet, virenschutz, virus trojaner, vom virenschutz übersprungene datei, windows, ähnliches


« IE öffnet nicht, google umleitung und Stickvirus | ist mein pc wieder sauber? »


Ähnliche Themen: Vom Virenschutz übersprungen ?


  1. Virenschutz für Windows 8.1
    Antiviren-, Firewall- und andere Schutzprogramme - 24.07.2014 (9)
  2. Welcher Virenschutz?
    Antiviren-, Firewall- und andere Schutzprogramme - 29.03.2014 (12)
  3. Virenschutz deaktiviert?
    Antiviren-, Firewall- und andere Schutzprogramme - 02.02.2014 (7)
  4. Virenschutz für Windows 8 getestet
    Nachrichten - 06.04.2013 (0)
  5. Avast Antivirus und Virenschutz
    Antiviren-, Firewall- und andere Schutzprogramme - 10.12.2012 (2)
  6. Virenschutz Sophos
    Antiviren-, Firewall- und andere Schutzprogramme - 15.11.2011 (1)
  7. Brauche Einen Virenschutz !
    Antiviren-, Firewall- und andere Schutzprogramme - 30.05.2011 (1)
  8. Sicherheitscenter und Virenschutz deaktiviert
    Plagegeister aller Art und deren Bekämpfung - 10.04.2011 (19)
  9. Virenschutz zusammenstellung
    Antiviren-, Firewall- und andere Schutzprogramme - 30.12.2009 (11)
  10. Virtual Box als Virenschutz ?
    Diskussionsforum - 21.07.2009 (1)
  11. Ubuntu 8.10 und Virenschutz?
    Alles rund um Mac OSX & Linux - 24.11.2008 (7)
  12. Problem mit Virenschutz
    Antiviren-, Firewall- und andere Schutzprogramme - 28.10.2008 (4)
  13. Virenschutz
    Alles rund um Windows - 11.09.2008 (8)
  14. Erweiterter Virenschutz??
    Antiviren-, Firewall- und andere Schutzprogramme - 16.09.2005 (64)
  15. Guter Virenschutz?
    Plagegeister aller Art und deren Bekämpfung - 06.06.2005 (4)
  16. Virenschutz als gesetzliche Grundlage ?
    Antiviren-, Firewall- und andere Schutzprogramme - 19.07.2004 (15)
  17. Virenschutz bei Freemail - Was soll das?
    Antiviren-, Firewall- und andere Schutzprogramme - 05.12.2003 (19)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Vom Virenschutz übersprungen ? - Hallo ! Ich bin neu hier im Trojaner Board und habe folgendes Problem Seit geraumer Zeit steht im dettaliereten Bericht der volständigen Untersuchung von Kaspersky Internet Security folgendes: Programm:Host Process - Vom Virenschutz übersprungen ?...
Archiv
Du betrachtest: Vom Virenschutz übersprungen ? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129