Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
"Debugging or Monitoring tool detected"

"Debugging or Monitoring tool detected"


Log-Analyse und Auswertung: "Debugging or Monitoring tool detected"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 15.06.2011, 20:24   #1
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Hallo liebe Community,
ich habe diese Meldung bekommen, nachdem ich ein Spiele Update für Spellforce aufrufen wollte: hxxp://img695.imageshack.us/img695/1179/unbenanntwfmx.png

0190 Warner habe ich meines Wissens nach nicht installiert.

In letzter Zeit habe ich manchmal Kleinigkeiten bemerkt, was z.B. die Geschwindigkeit des PC's angeht.
Nach dem Installieren von Spellforce und den ganzen Vorgängen musste mein PC 15 Windows Updates laden.

Antivir und Spybot S&D sagen es ist alles ok.

Danke für eure Auswwertung!

OS: Win 7 Home Premium 64 Bit

Alt 16.06.2011, 11:05   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Hallo und

Bitte routinemäßig einen Vollscan mit Malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!


Danach OTL-Custom:


CustomScan mit OTL

Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die Textbox.
Code:
ATTFilter
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________

__________________
Alt 16.06.2011, 16:18   #3
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Malwarebytes:
(1 Fund - gelöscht)
Code:
ATTFilter
Malwarebytes' Anti-Malware 1.51.0.1200
www.malwarebytes.org

Datenbank Version: 6869

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

16.06.2011 15:12:42
mbam-log-2011-06-16 (15-12-35).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|F:\|G:\|)
Durchsuchte Objekte: 405592
Laufzeit: 54 Minute(n), 26 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 1
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

OTL:
Code:
ATTFilter
OTL logfile created on: 16.06.2011 15:57:10 - Run 1
OTL by OldTimer - Version 3.2.24.0     Folder = D:\Users\***\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,61 Gb Available Physical Memory | 65,18% Memory free
8,00 Gb Paging File | 6,36 Gb Available in Paging File | 79,57% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 254,01 Gb Free Space | 85,24% Space Free | Partition Type: NTFS
Drive D: | 596,17 Gb Total Space | 356,46 Gb Free Space | 59,79% Space Free | Partition Type: NTFS
Drive E: | 3,14 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.06.16 14:14:19 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Users\***\Downloads\OTL.exe
PRC - [2011.04.27 14:45:40 | 000,136,360 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\sched.exe
PRC - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2011.03.17 21:02:28 | 000,269,480 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.21 14:04:30 | 000,987,704 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2010.12.21 14:04:30 | 000,399,416 | ---- | M] (Secunia) -- D:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.11.03 20:25:07 | 000,281,768 | ---- | M] (Avira GmbH) -- D:\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2010.08.03 09:43:02 | 000,522,824 | ---- | M] (Logitech Inc.) -- C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe
PRC - [2010.05.06 00:51:00 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010.05.06 00:46:10 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.12.31 01:24:34 | 000,703,488 | ---- | M] (FileZilla Project) -- D:\Program Files (x86)\FileZilla Server\FileZilla server.exe
PRC - [2009.10.05 18:05:12 | 002,158,592 | ---- | M] () -- D:\Program Files (x86)\Vtune\TBPANEL.exe
PRC - [2009.07.01 20:23:52 | 001,435,136 | ---- | M] () -- D:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe
PRC - [2009.07.01 20:19:18 | 000,601,088 | ---- | M] () -- D:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe
PRC - [2009.04.02 13:27:26 | 000,090,112 | ---- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008.08.06 17:31:44 | 000,233,576 | ---- | M] (Creative Technology Ltd) -- D:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe
PRC - [2008.03.14 10:48:00 | 001,085,440 | ---- | M] (Hama GmbH & Co KG) -- C:\Program Files (x86)\Hama\Common\RaUI.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011.06.16 14:14:19 | 000,580,608 | ---- | M] (OldTimer Tools) -- D:\Users\***\Downloads\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
MOD - [2009.07.14 03:15:48 | 000,035,328 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\mssprxy.dll
MOD - [2009.07.14 03:09:00 | 000,002,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\normaliz.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2011.04.27 14:45:40 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.04.08 07:14:00 | 002,218,600 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.04.07 21:54:52 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2011.03.17 21:02:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- D:\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.21 14:04:30 | 000,987,704 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)
SRV - [2010.12.21 14:04:30 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- D:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2010.12.06 09:31:50 | 002,101,640 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2010.09.06 19:56:38 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.31 15:57:13 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2009.12.31 01:24:34 | 000,703,488 | ---- | M] (FileZilla Project) [Auto | Running] -- D:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)
SRV - [2009.12.25 01:08:56 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.04.02 13:27:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) [Auto | Running] -- D:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe -- (SBSDWSCService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.05.10 23:31:34 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.13 15:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.18 16:36:58 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010.11.23 21:00:17 | 000,083,120 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.09.01 10:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)
DRV:64bit: - [2010.05.06 02:37:44 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010.05.06 02:37:36 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.05.06 02:37:28 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.05.06 02:37:20 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.05.06 02:37:12 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.05.06 02:37:04 | 000,686,808 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k) Creative Audio Driver (WDM)
DRV:64bit: - [2010.05.06 02:36:56 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.05.06 02:36:46 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010.05.06 02:36:46 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010.05.06 02:36:34 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010.05.06 02:36:34 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010.05.06 02:36:28 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010.05.06 02:36:28 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010.03.20 14:18:56 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2010.03.20 14:18:55 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2009.11.23 18:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.23 18:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.08.23 14:08:08 | 000,056,320 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009.06.10 22:35:38 | 000,707,072 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\netr7364.sys -- (netr7364)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.28 12:07:14 | 000,376,848 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:64bit: - [2009.05.28 12:07:14 | 000,061,712 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:64bit: - [2009.05.18 15:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.14 10:26:24 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.03.27 02:23:54 | 000,019,432 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz132_x64.sys -- (cpuz132)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.01.09 12:28:20 | 000,034,032 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\seehcri.sys -- (seehcri)
DRV:64bit: - [2006.07.13 09:58:32 | 000,078,208 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfsync04.sys -- (sfsync04) StarForce Protection Synchronization Driver (version 4.x)
DRV:64bit: - [2006.07.05 14:48:19 | 000,077,688 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\sfdrv01a.sys -- (sfdrv01a) StarForce Protection Environment Driver (version 1.x.a)
DRV:64bit: - [2006.06.14 16:58:10 | 000,014,192 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sfhlp02.sys -- (sfhlp02) StarForce Protection Helper Driver (version 2.x)
DRV - [2009.12.25 01:57:55 | 000,013,520 | ---- | M] (OpenLibSys.org) [Kernel | On_Demand | Stopped] -- D:\Users\***\Documents\C2DtoG15 1.1.0.0\WinRing0x64.sys -- (WinRing0_1_1_1)
DRV - [2007.03.16 10:11:20 | 000,015,648 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)
DRV - [2007.02.07 20:27:46 | 000,014,104 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | Boot | Running] -- C:\Windows\SysWOW64\speedfan.sys -- (speedfan)
DRV - [2001.09.22 10:16:42 | 000,004,016 | ---- | M] (SpecoSoft) [Kernel | On_Demand | Stopped] -- D:\Program Files (x86)\UltraStar\zlportio.sys -- (zlportio)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 34 7F 5D 64 16 08 CB 01  [binary data]
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "ICQ Search"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.8
FF - prefs.js..extensions.enabledItems: inspector@mozilla.org:2.0.9
FF - prefs.js..extensions.enabledItems: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}:0.9.8
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.7
FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.3
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.5
FF - prefs.js..extensions.enabledItems: {cf47767d-5f3a-4e32-9fce-5d79565c9702}:1.1.3
FF - prefs.js..extensions.enabledItems: {73a6fe31-595d-460b-a920-fcc0f8843232}:2.1.1.2rc1
FF - prefs.js..extensions.enabledItems: {1f91cde0-c040-11da-a94d-0800200c9a66}:8
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20110323
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2011.05.10 23:30:13 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.17\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2011.05.10 13:30:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Components: D:\Program Files (x86)\Mozilla Sunbird\components [2010.12.22 21:56:55 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Sunbird 0.9\extensions\\Plugins: D:\Program Files (x86)\Mozilla Sunbird\plugins
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Components: D:\Program Files (x86)\Mozilla Thunderbird\components [2011.05.05 22:46:32 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Thunderbird 3.1.10\extensions\\Plugins: D:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2009.12.24 02:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2009.12.24 02:59:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.06.16 14:05:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions
[2011.05.26 23:28:28 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.05.10 13:31:36 | 000,000,000 | ---D | M] (RSS Ticker) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}
[2011.06.12 22:25:03 | 000,000,000 | ---D | M] (NoScript) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
[2011.05.10 13:31:37 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.06.15 07:33:06 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2011.05.18 21:21:27 | 000,000,000 | ---D | M] (Fast Video Download (with SearchMenu)) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{c50ca3c4-5656-43c2-a061-13e717f73fc8}
[2011.06.07 19:37:57 | 000,000,000 | ---D | M] (LinkExtend) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{cf47767d-5f3a-4e32-9fce-5d79565c9702}
[2011.05.23 21:34:37 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.05.26 17:57:25 | 000,000,000 | ---D | M] ("BetterPrivacy") -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
[2011.03.12 00:45:28 | 000,000,000 | ---D | M] (Download Statusbar) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
[2011.06.15 07:33:05 | 000,000,000 | ---D | M] (DownThemAll!) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2011.06.03 14:59:15 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.02.20 15:27:11 | 000,000,000 | ---D | M] (DOM Inspector) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\inspector@mozilla.org
[2010.02.20 22:17:39 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\moveplayer@movenetworks.com
[2011.05.10 13:31:39 | 000,000,000 | ---D | M] (Personas) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\personas@christopher.beard
[2011.06.15 07:33:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\cwqoodar.default\extensions\staged-xpis
[2009.12.24 02:59:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Sunbird\Profiles\ds3951os.default\extensions
[2011.06.12 03:50:07 | 000,001,056 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\cwqoodar.default\searchplugins\icqplugin.xml
[2011.03.13 19:10:22 | 000,000,000 | ---D | M] (Java Console) -- D:\PROGRAM FILES (X86)\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
 
O1 HOSTS File: ([2011.05.27 23:34:39 | 000,434,670 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	123fporn.info
O1 - Hosts: 14957 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4 - HKLM..\Run: [Ai Nap] D:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Cpu Level Up help] D:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [QFan Help] D:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
O4 - HKLM..\Run: [VolPanel] D:\Program Files (x86)\Creative\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
O4 - HKCU..\Run: [TBPanel] D:\Program Files (x86)\Vtune\TBPanel.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.06.11 12:43:24 | 001,122,304 | R--- | M] (JoWooD Software Productions AG) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2000.10.12 12:20:48 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.04.05 20:59:02 | 000,021,630 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O33 - MountPoints2\{815ad9cd-1ce8-11e0-9c3b-00248c0e4426}\Shell - "" = AutoRun
O33 - MountPoints2\{815ad9cd-1ce8-11e0-9c3b-00248c0e4426}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{abfb1c35-7b44-11e0-9f81-00248c0e4426}\Shell - "" = AutoRun
O33 - MountPoints2\{abfb1c35-7b44-11e0-9f81-00248c0e4426}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
 
MsConfig:64bit - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^C2DtoG15 - Verknüpfung.lnk - D:\Users\***\DOCUME~1\C2DTOG~1.0\C2DtoG15.exe - (A.Sammann)
MsConfig:64bit - StartUpFolder: C:^Users^***^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.1.lnk - D:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe - ()
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - D:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: Ai Nap - hkey= - key= - D:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe ()
MsConfig:64bit - StartUpReg: Cpu Level Up help - hkey= - key= - D:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe ()
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: FileZilla Server Interface - hkey= - key= - D:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe (FileZilla Project)
MsConfig:64bit - StartUpReg: ICQ - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: igndlm.exe - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - D:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: QFan Help - hkey= - key= - D:\Program Files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe ()
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: SpybotSD TeaTimer - hkey= - key= - D:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= - D:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - D:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {DCB5A516-D3A0-83A7-7CA8-1FD6614C36F2} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32: msacm.iac2 - C:\Windows\SysWOW64\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.vorbis - C:\Windows\SysWow64\vorbis.acm (HMS hxxp://hp.vector.co.jp/authors/VA012897/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: vidc.iv31 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv32 - C:\Windows\SysWow64\ir32_32.dll (Intel(R) Corporation)
Drivers32: vidc.iv41 - C:\Windows\SysWow64\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\Windows\SysWow64\ir50_32.dll (Intel Corporation)
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
Drivers32: vidc.yvu9 - C:\Windows\SysWow64\iyvu9_32.dll ()
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.06.16 14:14:55 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2011.06.16 14:14:50 | 000,039,984 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.06.16 14:14:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.06.16 14:14:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.06.16 14:14:45 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.06.15 19:59:05 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\%APPDATA%
[2011.06.15 19:08:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
[2011.06.14 20:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus
[2011.06.01 23:35:34 | 000,000,000 | ---D | C] -- D:\Users\***\Documents\Black & White 2
[2011.06.01 23:17:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Black & White 2
[2011.05.29 15:28:33 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\School Tycoon
[2011.05.28 14:57:58 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\go
[2011.05.28 14:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Easybits GO
[2011.05.27 22:07:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.05.27 22:07:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.05.17 17:59:21 | 000,000,000 | ---D | C] -- D:\Users\***\Desktop\***
[2010.05.06 00:53:34 | 000,060,928 | ---- | C] ( ) -- C:\Windows\SysWow64\a3d.dll
[2010.05.06 00:32:20 | 000,012,800 | ---- | C] ( ) -- C:\Windows\SysWow64\killapps.exe
[2007.08.13 18:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\***\AppData\Local\CDRip.dll
[2007.01.18 22:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\***\AppData\Local\No23 Recorder.exe
[2006.12.11 20:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\***\AppData\Local\basscd.dll
[2006.12.11 20:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\***\AppData\Local\bass.dll
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.06.16 15:21:43 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.06.16 15:21:43 | 000,014,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.06.16 15:14:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.06.16 15:14:13 | 3220,480,000 | -HS- | M] () -- C:\hiberfil.sys
[2011.06.16 15:13:24 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000001-00001102-00000005-60071102}.rfx
[2011.06.16 15:13:23 | 000,061,256 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-60071102}.rfx
[2011.06.16 15:13:23 | 000,061,256 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000001-00001102-00000005-60071102}.rfx
[2011.06.16 14:14:50 | 000,000,792 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.15 20:14:35 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.06.15 20:14:35 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.06.15 20:14:35 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.06.15 20:14:35 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.06.15 20:14:35 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.06.15 20:07:26 | 005,108,080 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.06.15 19:25:17 | 000,020,572 | ---- | M] () -- D:\Users\***\Desktop\Unbenannt.png
[2011.06.15 19:08:31 | 000,000,945 | ---- | M] () -- D:\Users\***\Desktop\SpellForce - Platinum Edition.lnk
[2011.06.01 23:23:18 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\Black & White 2.lnk
[2011.05.29 15:28:33 | 000,002,845 | ---- | M] () -- D:\Users\***\Desktop\School Tycoon.lnk
[2011.05.29 09:11:30 | 000,039,984 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011.05.29 09:11:20 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.05.27 23:34:39 | 000,434,670 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011.05.27 22:07:05 | 000,001,071 | ---- | M] () -- D:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2011.05.22 00:08:57 | 000,019,753 | ---- | M] () -- D:\Users\***\Desktop\Neuer PC.ods
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.06.16 14:14:50 | 000,000,792 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011.06.15 19:42:05 | 000,000,945 | ---- | C] () -- D:\Users\***\Desktop\SpellForce - Platinum Edition.lnk
[2011.06.15 19:25:11 | 000,020,572 | ---- | C] () -- D:\Users\***\Desktop\Unbenannt.png
[2011.06.01 23:23:18 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\Black & White 2.lnk
[2011.05.29 15:28:33 | 000,002,845 | ---- | C] () -- D:\Users\***\Desktop\School Tycoon.lnk
[2011.05.28 14:57:58 | 000,001,686 | ---- | C] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spielen (EasyBits GO).lnk
[2011.05.27 22:07:05 | 000,001,071 | ---- | C] () -- D:\Users\***\Desktop\Spybot - Search & Destroy.lnk
[2011.05.26 22:42:36 | 000,012,180 | ---- | C] () -- C:\Users\***\samstag.ods
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.02.08 15:00:18 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.12.19 15:18:39 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2010.09.05 16:48:43 | 000,008,192 | ---- | C] () -- C:\Windows\d3dx.dat
[2010.06.17 22:08:58 | 000,000,132 | ---- | C] () -- C:\Users\***\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2010.05.06 01:34:18 | 000,027,039 | ---- | C] () -- C:\Windows\SysWow64\instwdm.ini
[2010.05.06 00:51:04 | 000,002,560 | ---- | C] () -- C:\Windows\SysWow64\CtxfiRes.dll
[2010.05.06 00:40:38 | 000,321,512 | ---- | C] () -- C:\Windows\SysWow64\ctdlang.dat
[2010.05.06 00:40:38 | 000,056,509 | ---- | C] () -- C:\Windows\SysWow64\ctdnlstr.dat
[2010.05.06 00:32:24 | 000,007,680 | ---- | C] () -- C:\Windows\SysWow64\enlocstr.exe
[2010.03.30 14:55:21 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2010.03.30 14:55:21 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2010.03.14 01:17:53 | 000,027,648 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2010.03.13 21:59:08 | 000,000,002 | -HS- | C] () -- C:\Users\***\AppData\Roaming\evf2
[2010.02.13 23:40:27 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.01.03 17:14:32 | 001,970,176 | ---- | C] () -- C:\Windows\SysWow64\d3dx9.dll
[2009.12.25 21:46:10 | 000,001,525 | ---- | C] () -- C:\Users\***\AppData\Local\RecConfig.xml
[2009.12.25 03:16:32 | 000,007,603 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg
[2009.12.25 01:35:05 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2009.12.25 01:35:05 | 000,013,368 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2009.12.25 01:30:33 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2009.12.25 01:08:17 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2009.12.25 01:08:17 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2009.12.25 01:07:59 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2009.07.14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.03 22:00:28 | 000,000,054 | ---- | C] () -- C:\Windows\SysWow64\ctzapxx.ini
[2009.05.26 19:56:08 | 000,000,297 | ---- | C] () -- C:\Windows\SysWow64\kill.ini
[2007.08.13 18:46:00 | 000,155,136 | ---- | C] () -- C:\Users\***\AppData\Local\lame_enc.dll
[2007.05.16 09:35:44 | 002,071,552 | ---- | C] () -- C:\Windows\setup_rangers_2.exe
[2007.04.27 10:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2006.10.26 02:06:48 | 000,064,000 | ---- | C] () -- C:\Users\***\AppData\Local\vorbisenc.dll
[2006.10.26 02:06:48 | 000,019,456 | ---- | C] () -- C:\Users\***\AppData\Local\vorbisfile.dll
[2006.10.26 02:06:46 | 000,143,872 | ---- | C] () -- C:\Users\***\AppData\Local\vorbis.dll
[2006.10.26 02:06:36 | 000,015,872 | ---- | C] () -- C:\Users\***\AppData\Local\ogg.dll
[2005.08.23 23:34:06 | 000,029,184 | ---- | C] () -- C:\Users\***\AppData\Local\no23xwrapper.dll
 
========== LOP Check ==========
 
[2010.12.01 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2010.11.11 20:53:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ableton
[2010.12.12 02:22:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2011.02.08 15:01:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2009.12.27 19:20:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity
[2011.05.11 01:59:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CPUControl
[2011.05.10 23:32:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.11.11 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Fender
[2010.06.20 19:34:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.06.16 13:53:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\go
[2010.11.13 18:51:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hardcore
[2011.01.24 18:44:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2010.07.11 15:46:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Imperium Romanum
[2010.02.17 18:22:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010.05.20 12:25:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2010.05.07 17:35:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MusicBrainz
[2009.12.24 02:25:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.11.13 15:39:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\REAPER
[2010.05.02 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE
[2010.11.14 03:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SynthMaker
[2009.12.26 22:11:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2009.12.24 02:59:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.02.13 23:56:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2010.04.03 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UFOAI
[2010.12.29 02:53:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\XMedia Recode
[2011.06.07 18:21:10 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.12.01 21:38:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\.minecraft
[2010.11.11 20:53:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ableton
[2010.06.08 15:51:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AccurateRip
[2010.06.17 21:55:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Adobe
[2010.12.12 02:22:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2010.04.20 21:08:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Apple Computer
[2011.02.08 15:01:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Atari
[2009.12.27 19:20:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity
[2010.03.25 14:08:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Avira
[2011.05.11 01:59:06 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CPUControl
[2010.08.26 07:26:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Creative
[2011.05.10 23:32:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DAEMON Tools Lite
[2010.05.01 18:19:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\dvdcss
[2010.11.11 20:28:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Fender
[2010.06.20 19:34:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FileZilla
[2011.06.16 13:53:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\go
[2010.11.13 18:51:26 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Hardcore
[2011.01.24 18:44:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.12.24 00:10:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Identities
[2010.05.01 18:15:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IGN_DLM
[2010.07.11 15:46:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Imperium Romanum
[2009.12.25 01:30:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield
[2010.01.27 20:19:07 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InstallShield Installation Information
[2010.02.17 18:22:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Leadertech
[2010.03.19 12:21:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Macromedia
[2010.05.20 12:25:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MAGIX
[2011.06.16 14:14:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Malwarebytes
[2009.07.14 20:18:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Media Center Programs
[2011.05.11 02:03:41 | 000,000,000 | --SD | M] -- C:\Users\***\AppData\Roaming\Microsoft
[2009.12.24 02:59:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mozilla
[2010.05.07 17:35:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MusicBrainz
[2010.12.31 15:30:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Nero
[2010.03.30 22:23:50 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\NVIDIA
[2009.12.24 02:25:02 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org
[2010.11.13 15:39:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\REAPER
[2010.01.08 23:07:13 | 000,000,000 | RH-D | M] -- C:\Users\***\AppData\Roaming\SecuROM
[2011.06.16 15:13:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skype
[2011.05.28 14:31:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\skypePM
[2010.05.02 14:05:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SPORE
[2010.11.14 03:08:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\SynthMaker
[2009.12.24 02:59:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Talkback
[2009.12.26 22:11:04 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer
[2009.12.24 02:59:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Thunderbird
[2010.02.13 23:56:34 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TS3Client
[2011.01.18 22:53:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\U3
[2010.04.03 20:00:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UFOAI
[2011.05.10 13:16:48 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\vlc
[2011.02.04 18:53:01 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Winamp
[2009.12.24 00:43:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinRAR
[2010.12.29 02:53:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\XMedia Recode
 
< %APPDATA%\*.exe /s >
[2010.01.27 20:00:58 | 000,331,776 | ---- | M] () -- C:\Users\***\AppData\Roaming\InstallShield Installation Information\{FDBBAF14-5ED8-49B7-A5BE-1C35668B074D}\SetupUT3.exe
[2010.10.16 13:14:03 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\***\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2011.03.07 21:31:11 | 000,003,262 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{22B0E143-2B0B-435B-9F56-136A3D16065F}\controlPanelIcon.exe
[2011.03.07 21:31:11 | 000,010,134 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{22B0E143-2B0B-435B-9F56-136A3D16065F}\SystemFolder_msiexec.exe
[2011.05.29 15:28:33 | 000,007,078 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{34341E0F-C3F4-4EA2-9E6B-55DDA2A67568}\school_icon.exe
[2011.05.07 10:55:23 | 000,010,134 | R--- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Installer\{89661B04-C646-4412-B6D3-5E19F02F1F37}\ARPPRODUCTICON.exe
[2007.10.23 10:27:20 | 000,110,592 | ---- | M] () -- C:\Users\***\AppData\Roaming\U3\temp\cleanup.exe
[2008.05.02 11:41:48 | 003,493,888 | -H-- | M] (SanDisk Corporation) -- C:\Users\***\AppData\Roaming\U3\temp\Launchpad Removal.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2010.11.20 14:21:37 | 011,410,432 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\wmp.dll
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0

< End of report >
__________________
Alt 16.06.2011, 19:47   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004.06.11 12:43:24 | 001,122,304 | R--- | M] (JoWooD Software Productions AG) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2000.10.12 12:20:48 | 000,000,047 | R--- | M] () - E:\Autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2004.04.05 20:59:02 | 000,021,630 | R--- | M] () - E:\autorun.ico -- [ CDFS ]
O33 - MountPoints2\{815ad9cd-1ce8-11e0-9c3b-00248c0e4426}\Shell - "" = AutoRun
O33 - MountPoints2\{815ad9cd-1ce8-11e0-9c3b-00248c0e4426}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{abfb1c35-7b44-11e0-9f81-00248c0e4426}\Shell - "" = AutoRun
O33 - MountPoints2\{abfb1c35-7b44-11e0-9f81-00248c0e4426}\Shell\AutoRun\command - "" = F:\AUTORUN.EXE
[2010.03.13 21:59:08 | 000,000,002 | -HS- | C] () -- C:\Users\***\AppData\Roaming\evf2
[2007.08.13 18:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\***\AppData\Local\CDRip.dll
[2006.12.11 20:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\***\AppData\Local\basscd.dll
[2006.12.11 20:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\***\AppData\Local\bass.dll
@Alternate Data Stream - 229 bytes -> C:\ProgramData\TEMP:8FF81EB0
:Commands
[purity]
[resethosts]
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.


Ich brauch danach den Quarantäneordner von OTL. Bitte folgendes machen:

1.) GANZ WICHTIG!! Virenscanner deaktivieren, der darf das Packen nicht beeinflussen!
2.) Ordner MovedFiles in C:\_OTL in eine Datei zippen
3.) Die erstellte ZIP-Datei hier hochladen => http://www.trojaner-board.de/54791-a...ner-board.html
4.) Wenns erfolgreich war Bescheid sagen
5.) Erst dann wieder den Virenscanner einschalten
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 16.06.2011, 21:46   #5
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Ist geglückt, allerdings in 2 Anläufen, da ich erst vergaß die Sternchen rauszunehmen

Dummerweise kann ich mein DVD-Laufwerk E: nicht mehr öffnen.
Im Explorer bei auswerfen sagt er Fehler.
Er öffnete sich nur um die DVD anzunehmen.

Jetzt bekomme ich eine Malware Warnung von AntiVir:
Code:
ATTFilter
In der Datei 'C:\Users\Thorben\AppData\Local\Mozilla\Firefox\Profiles\cwqoodar.default\Cache\547373B1d01'
wurde ein Virus oder unerwünschtes Programm 'SPR/Crack.Face.1' [riskware] gefunden.
Ausgeführte Aktion: Zugriff erlauben
 
Die Datei 'C:\Users\Thorben\AppData\Local\Mozilla\Firefox\Profiles\cwqoodar.default\Cache\547373B1d01'
enthielt einen Virus oder unerwünschtes Programm 'SPR/Crack.Face.1' [riskware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4b3ec979.qua' verschoben!


Alt 16.06.2011, 22:02   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Bitte nun dieses Tool von Kaspersky ausführen und das Log posten => http://www.trojaner-board.de/82358-t...entfernen.html

Das Tool so einstellen wie unten im Bild angegeben - also beide Haken setzen, auf Start scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.




Falls du durch die Infektion auf deine Dokumente/Eigenen Dateien nicht zugreifen kannst, Verknüpfungen auf dem Desktop oder im Startmenü unter "alle Programme" fehlen, bitte unhide ausführen:
Downloade dir bitte unhide.exe und speichere diese Datei auf deinem Desktop.
Starte das Tool und es sollten alle Dateien und Ordner wieder sichtbar sein. ( Könnte eine Weile dauern )
Windows-Vista und Windows-7-User müssen das Tool per Rechtsklick als Administrator ausführen!
__________________
--> "Debugging or Monitoring tool detected"

Alt 16.06.2011, 22:10   #7
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Code:
ATTFilter
2011/06/16 23:09:19.0127 1412	TDSS rootkit removing tool 2.5.5.0 Jun 16 2011 15:25:15
2011/06/16 23:09:19.0283 1412	================================================================================
2011/06/16 23:09:19.0283 1412	SystemInfo:
2011/06/16 23:09:19.0283 1412	
2011/06/16 23:09:19.0283 1412	OS Version: 6.1.7601 ServicePack: 1.0
2011/06/16 23:09:19.0283 1412	Product type: Workstation
2011/06/16 23:09:19.0283 1412	ComputerName: ***
2011/06/16 23:09:19.0283 1412	UserName: ***
2011/06/16 23:09:19.0283 1412	Windows directory: C:\Windows
2011/06/16 23:09:19.0283 1412	System windows directory: C:\Windows
2011/06/16 23:09:19.0283 1412	Running under WOW64
2011/06/16 23:09:19.0283 1412	Processor architecture: Intel x64
2011/06/16 23:09:19.0283 1412	Number of processors: 4
2011/06/16 23:09:19.0283 1412	Page size: 0x1000
2011/06/16 23:09:19.0283 1412	Boot type: Normal boot
2011/06/16 23:09:19.0283 1412	================================================================================
2011/06/16 23:09:20.0032 1412	Initialize success
2011/06/16 23:09:21.0561 3416	================================================================================
2011/06/16 23:09:21.0561 3416	Scan started
2011/06/16 23:09:21.0561 3416	Mode: Manual; 
2011/06/16 23:09:21.0561 3416	================================================================================
2011/06/16 23:09:22.0278 3416	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
2011/06/16 23:09:22.0356 3416	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
2011/06/16 23:09:22.0387 3416	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
2011/06/16 23:09:22.0419 3416	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
2011/06/16 23:09:22.0450 3416	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
2011/06/16 23:09:22.0481 3416	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
2011/06/16 23:09:22.0543 3416	AFD             (d5b031c308a409a0a576bff4cf083d30) C:\Windows\system32\drivers\afd.sys
2011/06/16 23:09:22.0575 3416	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
2011/06/16 23:09:22.0606 3416	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
2011/06/16 23:09:22.0668 3416	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
2011/06/16 23:09:22.0699 3416	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
2011/06/16 23:09:22.0715 3416	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
2011/06/16 23:09:22.0746 3416	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
2011/06/16 23:09:22.0762 3416	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
2011/06/16 23:09:22.0793 3416	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
2011/06/16 23:09:22.0855 3416	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
2011/06/16 23:09:22.0887 3416	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
2011/06/16 23:09:22.0902 3416	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
2011/06/16 23:09:22.0949 3416	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
2011/06/16 23:09:22.0996 3416	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
2011/06/16 23:09:23.0027 3416	atksgt          (fc0e8778c000291caf60eb88c011e931) C:\Windows\system32\DRIVERS\atksgt.sys
2011/06/16 23:09:23.0058 3416	avgntflt        (39c2e2870fc0c2ae0595b883cbe716b4) C:\Windows\system32\DRIVERS\avgntflt.sys
2011/06/16 23:09:23.0121 3416	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
2011/06/16 23:09:23.0152 3416	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
2011/06/16 23:09:23.0167 3416	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
2011/06/16 23:09:23.0214 3416	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
2011/06/16 23:09:23.0261 3416	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
2011/06/16 23:09:23.0277 3416	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
2011/06/16 23:09:23.0308 3416	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
2011/06/16 23:09:23.0323 3416	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
2011/06/16 23:09:23.0355 3416	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
2011/06/16 23:09:23.0370 3416	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
2011/06/16 23:09:23.0386 3416	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
2011/06/16 23:09:23.0401 3416	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
2011/06/16 23:09:23.0479 3416	Cardex          (2bd001601496ae87f7cb86f1fcd6f1ec) C:\Windows\SysWOW64\drivers\TBPANELX64.SYS
2011/06/16 23:09:23.0511 3416	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
2011/06/16 23:09:23.0557 3416	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys
2011/06/16 23:09:23.0589 3416	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
2011/06/16 23:09:23.0620 3416	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
2011/06/16 23:09:23.0667 3416	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
2011/06/16 23:09:23.0698 3416	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
2011/06/16 23:09:23.0745 3416	CNG             (d5fea92400f12412b3922087c09da6a5) C:\Windows\system32\Drivers\cng.sys
2011/06/16 23:09:23.0760 3416	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
2011/06/16 23:09:23.0807 3416	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
2011/06/16 23:09:23.0901 3416	cpuz132         (c9c25778efe890baa4087e32937016a0) C:\Windows\system32\drivers\cpuz132_x64.sys
2011/06/16 23:09:23.0932 3416	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
2011/06/16 23:09:23.0994 3416	CT20XUT         (f2e8c13e27a0044a19ba82e5c6e8879e) C:\Windows\system32\drivers\CT20XUT.SYS
2011/06/16 23:09:24.0041 3416	CT20XUT.SYS     (f2e8c13e27a0044a19ba82e5c6e8879e) C:\Windows\System32\drivers\CT20XUT.SYS
2011/06/16 23:09:24.0072 3416	ctac32k         (15425196a518c4f0d5a5bba524d60c4b) C:\Windows\system32\drivers\ctac32k.sys
2011/06/16 23:09:24.0103 3416	ctaud2k         (095f82704725db00307a9c7193c13b3c) C:\Windows\system32\drivers\ctaud2k.sys
2011/06/16 23:09:24.0150 3416	CTEXFIFX        (4551fc6a89328995d87dc23e4fd1050b) C:\Windows\system32\drivers\CTEXFIFX.SYS
2011/06/16 23:09:24.0197 3416	CTEXFIFX.SYS    (4551fc6a89328995d87dc23e4fd1050b) C:\Windows\System32\drivers\CTEXFIFX.SYS
2011/06/16 23:09:24.0213 3416	CTHWIUT         (4ec7e207a05b974f59f477e3305cd60d) C:\Windows\system32\drivers\CTHWIUT.SYS
2011/06/16 23:09:24.0228 3416	CTHWIUT.SYS     (4ec7e207a05b974f59f477e3305cd60d) C:\Windows\System32\drivers\CTHWIUT.SYS
2011/06/16 23:09:24.0259 3416	ctprxy2k        (3e4e7a4a3b2f3d0172f276a0a1a60595) C:\Windows\system32\drivers\ctprxy2k.sys
2011/06/16 23:09:24.0275 3416	ctsfm2k         (15ac0a5aa8e88fd6843c70c1738eb963) C:\Windows\system32\drivers\ctsfm2k.sys
2011/06/16 23:09:24.0322 3416	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
2011/06/16 23:09:24.0369 3416	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
2011/06/16 23:09:24.0400 3416	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
2011/06/16 23:09:24.0447 3416	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
2011/06/16 23:09:24.0493 3416	dtsoftbus01     (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
2011/06/16 23:09:24.0525 3416	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
2011/06/16 23:09:24.0603 3416	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
2011/06/16 23:09:24.0649 3416	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
2011/06/16 23:09:24.0681 3416	emupia          (c8f9f86a1a078fdb304e2b6029f1e5e2) C:\Windows\system32\drivers\emupia2k.sys
2011/06/16 23:09:24.0712 3416	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
2011/06/16 23:09:24.0743 3416	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
2011/06/16 23:09:24.0774 3416	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
2011/06/16 23:09:24.0790 3416	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
2011/06/16 23:09:24.0821 3416	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
2011/06/16 23:09:24.0837 3416	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
2011/06/16 23:09:24.0883 3416	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
2011/06/16 23:09:24.0930 3416	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
2011/06/16 23:09:24.0946 3416	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
2011/06/16 23:09:24.0977 3416	Fs_Rec          (e95ef8547de20cf0603557c0cf7a9462) C:\Windows\system32\drivers\Fs_Rec.sys
2011/06/16 23:09:25.0008 3416	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
2011/06/16 23:09:25.0039 3416	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
2011/06/16 23:09:25.0086 3416	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
2011/06/16 23:09:25.0133 3416	ha20x2k         (57f6cf8c66d23b2ebd32b4a00fe82a15) C:\Windows\system32\drivers\ha20x2k.sys
2011/06/16 23:09:25.0180 3416	hamachi         (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
2011/06/16 23:09:25.0211 3416	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
2011/06/16 23:09:25.0258 3416	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
2011/06/16 23:09:25.0305 3416	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
2011/06/16 23:09:25.0336 3416	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
2011/06/16 23:09:25.0351 3416	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
2011/06/16 23:09:25.0383 3416	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
2011/06/16 23:09:25.0429 3416	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
2011/06/16 23:09:25.0476 3416	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
2011/06/16 23:09:25.0523 3416	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
2011/06/16 23:09:25.0632 3416	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
2011/06/16 23:09:25.0695 3416	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
2011/06/16 23:09:25.0741 3416	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
2011/06/16 23:09:25.0788 3416	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
2011/06/16 23:09:25.0819 3416	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
2011/06/16 23:09:25.0851 3416	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
2011/06/16 23:09:25.0897 3416	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
2011/06/16 23:09:25.0929 3416	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
2011/06/16 23:09:25.0944 3416	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
2011/06/16 23:09:25.0975 3416	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
2011/06/16 23:09:25.0991 3416	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
2011/06/16 23:09:26.0038 3416	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
2011/06/16 23:09:26.0069 3416	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
2011/06/16 23:09:26.0100 3416	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
2011/06/16 23:09:26.0131 3416	KSecDD          (ccd53b5bd33ce0c889e830d839c8b66e) C:\Windows\system32\Drivers\ksecdd.sys
2011/06/16 23:09:26.0163 3416	KSecPkg         (9ff918a261752c12639e8ad4208d2c2f) C:\Windows\system32\Drivers\ksecpkg.sys
2011/06/16 23:09:26.0178 3416	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
2011/06/16 23:09:26.0225 3416	L1E             (b8e670d7ef61615fa03104552854fac9) C:\Windows\system32\DRIVERS\L1E62x64.sys
2011/06/16 23:09:26.0272 3416	LADF_DHP2       (883e2bc3e28458f17b02df95ce46c4d6) C:\Windows\system32\DRIVERS\ladfDHP2amd64.sys
2011/06/16 23:09:26.0303 3416	LADF_SBVM       (b012b0402856eefe7e9527b4086a1388) C:\Windows\system32\DRIVERS\ladfSBVMamd64.sys
2011/06/16 23:09:26.0350 3416	LGBusEnum       (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
2011/06/16 23:09:26.0365 3416	LGVirHid        (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
2011/06/16 23:09:26.0412 3416	lirsgt          (156ab2e56dc3ca0b582e3362e07cded7) C:\Windows\system32\DRIVERS\lirsgt.sys
2011/06/16 23:09:26.0443 3416	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
2011/06/16 23:09:26.0475 3416	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
2011/06/16 23:09:26.0506 3416	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
2011/06/16 23:09:26.0521 3416	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
2011/06/16 23:09:26.0553 3416	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
2011/06/16 23:09:26.0584 3416	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
2011/06/16 23:09:26.0615 3416	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
2011/06/16 23:09:26.0631 3416	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
2011/06/16 23:09:26.0662 3416	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
2011/06/16 23:09:26.0709 3416	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
2011/06/16 23:09:26.0740 3416	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
2011/06/16 23:09:26.0771 3416	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
2011/06/16 23:09:26.0802 3416	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
2011/06/16 23:09:26.0849 3416	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
2011/06/16 23:09:26.0865 3416	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
2011/06/16 23:09:26.0896 3416	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
2011/06/16 23:09:26.0943 3416	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
2011/06/16 23:09:26.0958 3416	mrxsmb10        (2086d463bd371d8a37d153897430916d) C:\Windows\system32\DRIVERS\mrxsmb10.sys
2011/06/16 23:09:26.0974 3416	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
2011/06/16 23:09:27.0005 3416	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
2011/06/16 23:09:27.0036 3416	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
2011/06/16 23:09:27.0067 3416	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
2011/06/16 23:09:27.0083 3416	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
2011/06/16 23:09:27.0114 3416	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
2011/06/16 23:09:27.0161 3416	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
2011/06/16 23:09:27.0177 3416	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
2011/06/16 23:09:27.0192 3416	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
2011/06/16 23:09:27.0223 3416	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
2011/06/16 23:09:27.0255 3416	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
2011/06/16 23:09:27.0270 3416	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
2011/06/16 23:09:27.0286 3416	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
2011/06/16 23:09:27.0317 3416	MTsensor        (2219a3d695405e7ba2186ba6b9ede14a) C:\Windows\system32\DRIVERS\ASACPI.sys
2011/06/16 23:09:27.0348 3416	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
2011/06/16 23:09:27.0395 3416	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
2011/06/16 23:09:27.0457 3416	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
2011/06/16 23:09:27.0489 3416	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
2011/06/16 23:09:27.0520 3416	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
2011/06/16 23:09:27.0551 3416	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
2011/06/16 23:09:27.0598 3416	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
2011/06/16 23:09:27.0629 3416	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
2011/06/16 23:09:27.0645 3416	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
2011/06/16 23:09:27.0676 3416	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
2011/06/16 23:09:27.0754 3416	netr7364        (81b8d0c1ce44a7fdbd596b693783950c) C:\Windows\system32\DRIVERS\netr7364.sys
2011/06/16 23:09:27.0785 3416	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
2011/06/16 23:09:27.0816 3416	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
2011/06/16 23:09:27.0847 3416	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
2011/06/16 23:09:27.0894 3416	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
2011/06/16 23:09:27.0925 3416	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
2011/06/16 23:09:28.0144 3416	nvlddmkm        (a963c2c276a97b088ded5d7a83be8052) C:\Windows\system32\DRIVERS\nvlddmkm.sys
2011/06/16 23:09:28.0237 3416	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
2011/06/16 23:09:28.0269 3416	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
2011/06/16 23:09:28.0315 3416	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
2011/06/16 23:09:28.0362 3416	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
2011/06/16 23:09:28.0409 3416	ossrv           (64184884b0f505e0e8d8a48f551e13a8) C:\Windows\system32\drivers\ctoss2k.sys
2011/06/16 23:09:28.0440 3416	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
2011/06/16 23:09:28.0471 3416	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
2011/06/16 23:09:28.0518 3416	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
2011/06/16 23:09:28.0534 3416	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
2011/06/16 23:09:28.0549 3416	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
2011/06/16 23:09:28.0581 3416	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
2011/06/16 23:09:28.0612 3416	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
2011/06/16 23:09:28.0690 3416	Point64         (33328fa8a580885ab0065be6db266e9f) C:\Windows\system32\DRIVERS\point64.sys
2011/06/16 23:09:28.0752 3416	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
2011/06/16 23:09:28.0768 3416	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
2011/06/16 23:09:28.0830 3416	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
2011/06/16 23:09:28.0877 3416	PSI             (fb46e9a827a8799ebd7bfa9128c91f37) C:\Windows\system32\DRIVERS\psi_mf.sys
2011/06/16 23:09:28.0924 3416	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
2011/06/16 23:09:28.0955 3416	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
2011/06/16 23:09:28.0986 3416	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
2011/06/16 23:09:29.0002 3416	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
2011/06/16 23:09:29.0033 3416	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
2011/06/16 23:09:29.0064 3416	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
2011/06/16 23:09:29.0095 3416	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
2011/06/16 23:09:29.0127 3416	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
2011/06/16 23:09:29.0158 3416	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
2011/06/16 23:09:29.0189 3416	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
2011/06/16 23:09:29.0205 3416	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
2011/06/16 23:09:29.0220 3416	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
2011/06/16 23:09:29.0236 3416	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
2011/06/16 23:09:29.0267 3416	RDPWD           (15b66c206b5cb095bab980553f38ed23) C:\Windows\system32\drivers\RDPWD.sys
2011/06/16 23:09:29.0314 3416	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
2011/06/16 23:09:29.0361 3416	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
2011/06/16 23:09:29.0407 3416	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
2011/06/16 23:09:29.0470 3416	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
2011/06/16 23:09:29.0501 3416	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
2011/06/16 23:09:29.0563 3416	seehcri         (ede7a1d2715aac2190d51dc07afd44e3) C:\Windows\system32\DRIVERS\seehcri.sys
2011/06/16 23:09:29.0610 3416	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
2011/06/16 23:09:29.0626 3416	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
2011/06/16 23:09:29.0657 3416	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
2011/06/16 23:09:29.0704 3416	sfdrv01a        (dda1b38a59de5096e2619d4cfde01f4a) C:\Windows\system32\drivers\sfdrv01a.sys
2011/06/16 23:09:29.0751 3416	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
2011/06/16 23:09:29.0766 3416	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
2011/06/16 23:09:29.0782 3416	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
2011/06/16 23:09:29.0797 3416	sfhlp02         (17f6bd95bf04b924f4c05ce78bef8ae6) C:\Windows\system32\drivers\sfhlp02.sys
2011/06/16 23:09:29.0813 3416	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
2011/06/16 23:09:29.0860 3416	sfsync04        (5322b5366fc315e1b4c03633a1331cd1) C:\Windows\system32\drivers\sfsync04.sys
2011/06/16 23:09:29.0907 3416	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
2011/06/16 23:09:29.0922 3416	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
2011/06/16 23:09:29.0938 3416	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
2011/06/16 23:09:30.0000 3416	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
2011/06/16 23:09:30.0063 3416	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
2011/06/16 23:09:30.0109 3416	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
2011/06/16 23:09:30.0156 3416	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
2011/06/16 23:09:30.0187 3416	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
2011/06/16 23:09:30.0234 3416	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
2011/06/16 23:09:30.0359 3416	Tcpip           (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\drivers\tcpip.sys
2011/06/16 23:09:30.0421 3416	TCPIP6          (92ce29d95ac9dd2d0ee9061d551ba250) C:\Windows\system32\DRIVERS\tcpip.sys
2011/06/16 23:09:30.0453 3416	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
2011/06/16 23:09:30.0484 3416	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
2011/06/16 23:09:30.0499 3416	TDTCP           (e4245bda3190a582d55ed09e137401a9) C:\Windows\system32\drivers\tdtcp.sys
2011/06/16 23:09:30.0531 3416	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
2011/06/16 23:09:30.0546 3416	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
2011/06/16 23:09:30.0609 3416	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
2011/06/16 23:09:30.0640 3416	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
2011/06/16 23:09:30.0702 3416	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
2011/06/16 23:09:30.0718 3416	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
2011/06/16 23:09:30.0765 3416	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
2011/06/16 23:09:30.0796 3416	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
2011/06/16 23:09:30.0843 3416	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
2011/06/16 23:09:30.0858 3416	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
2011/06/16 23:09:30.0905 3416	USBAAPL64       (54d4b48d443e7228bf64cf7cdc3118ac) C:\Windows\system32\Drivers\usbaapl64.sys
2011/06/16 23:09:30.0936 3416	usbaudio        (82e8f44688e6fac57b5b7c6fc7adbc2a) C:\Windows\system32\drivers\usbaudio.sys
2011/06/16 23:09:30.0967 3416	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
2011/06/16 23:09:30.0999 3416	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
2011/06/16 23:09:31.0030 3416	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
2011/06/16 23:09:31.0061 3416	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
2011/06/16 23:09:31.0077 3416	usbohci         (58e546bbaf87664fc57e0f6081e4f609) C:\Windows\system32\DRIVERS\usbohci.sys
2011/06/16 23:09:31.0092 3416	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
2011/06/16 23:09:31.0123 3416	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
2011/06/16 23:09:31.0155 3416	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\DRIVERS\usbuhci.sys
2011/06/16 23:09:31.0170 3416	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
2011/06/16 23:09:31.0201 3416	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
2011/06/16 23:09:31.0217 3416	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
2011/06/16 23:09:31.0248 3416	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
2011/06/16 23:09:31.0264 3416	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
2011/06/16 23:09:31.0295 3416	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
2011/06/16 23:09:31.0326 3416	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
2011/06/16 23:09:31.0373 3416	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
2011/06/16 23:09:31.0389 3416	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
2011/06/16 23:09:31.0420 3416	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
2011/06/16 23:09:31.0435 3416	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
2011/06/16 23:09:31.0482 3416	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
2011/06/16 23:09:31.0498 3416	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
2011/06/16 23:09:31.0529 3416	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/16 23:09:31.0545 3416	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
2011/06/16 23:09:31.0576 3416	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
2011/06/16 23:09:31.0607 3416	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
2011/06/16 23:09:31.0654 3416	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
2011/06/16 23:09:31.0669 3416	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
2011/06/16 23:09:31.0810 3416	WinRing0_1_1_1  (9ac4e7473665809b12f7b8355d1e5b7b) D:\Users\***\Documents\C2DtoG15 1.1.0.0\WinRing0x64.sys
2011/06/16 23:09:31.0857 3416	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
2011/06/16 23:09:31.0919 3416	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
2011/06/16 23:09:31.0950 3416	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
2011/06/16 23:09:31.0997 3416	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
2011/06/16 23:09:32.0044 3416	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
2011/06/16 23:09:32.0231 3416	zlportio        (baa50c4daa2a85c949788734885b2726) D:\Program Files (x86)\UltraStar\zlportio.sys
2011/06/16 23:09:32.0278 3416	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1
2011/06/16 23:09:32.0325 3416	MBR (0x1B8)     (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
2011/06/16 23:09:32.0325 3416	================================================================================
2011/06/16 23:09:32.0325 3416	Scan finished
2011/06/16 23:09:32.0325 3416	================================================================================
2011/06/16 23:09:32.0340 4152	Detected object count: 0
2011/06/16 23:09:32.0340 4152	Actual detected object count: 0

Alt 17.06.2011, 07:52   #8
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Jetzt lässt sich das Laufwerk wieder öffnen, aber meine Swat4 DVD wird nicht mehr als original erkannt (auch im 2. Laufwerk), komisch.

Alt 17.06.2011, 10:17   #9
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix
  • Lade dir ComboFix hier herunter auf deinen Desktop. Benenne es beim Runterladen um in cofi.exe.
  • Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.
  • Starte cofi.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
    Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.
  • Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.
Wichtiger Hinweis:
Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 17.06.2011, 19:11   #10
GreyShaddow
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Code:
ATTFilter
ComboFix 11-06-16.02 - *Name* 17.06.2011  19:40:12.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4095.2662 [GMT 2:00]
ausgeführt von:: d:\users\*Name*\Desktop\cofi.exe
AV: AntiVir Desktop *Disabled/Updated* {090F9C29-64CE-6C6F-379C-5901B49A85B7}
SP: AntiVir Desktop *Disabled/Updated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\*Name*\AppData\Local\lame_enc.dll
c:\users\*Name*\AppData\Local\no23xwrapper.dll
c:\users\*Name*\AppData\Local\ogg.dll
c:\users\*Name*\AppData\Local\vorbis.dll
c:\users\*Name*\AppData\Local\vorbisenc.dll
c:\users\*Name*\AppData\Local\vorbisfile.dll
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2011-05-17 bis 2011-06-17  ))))))))))))))))))))))))))))))
.
.
2011-06-17 17:43 . 2011-06-17 17:43	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2011-06-17 17:43 . 2011-06-17 17:43	--------	d-----w-	c:\users\Default\AppData\Local\temp
2011-06-17 07:14 . 2011-05-09 22:00	8718160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{8A92FC07-4767-4A69-8B3A-1EA540C30933}\mpengine.dll
2011-06-16 17:00 . 2011-06-17 06:55	43520	----a-w-	c:\windows\SysWow64\CmdLineExt03.dll
2011-06-16 12:14 . 2011-06-16 12:14	--------	d-----w-	c:\users\*Name*\AppData\Roaming\Malwarebytes
2011-06-16 12:14 . 2011-05-29 07:11	39984	----a-w-	c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-16 12:14 . 2011-06-16 12:14	--------	d-----w-	c:\programdata\Malwarebytes
2011-06-16 12:14 . 2011-05-29 07:11	25912	----a-w-	c:\windows\system32\drivers\mbam.sys
2011-06-15 17:20 . 2011-04-25 05:33	1923968	----a-w-	c:\windows\system32\drivers\tcpip.sys
2011-06-15 17:20 . 2011-04-25 02:34	499200	----a-w-	c:\windows\system32\drivers\afd.sys
2011-06-15 17:20 . 2011-04-27 02:40	158208	----a-w-	c:\windows\system32\drivers\mrxsmb.sys
2011-06-15 17:20 . 2011-04-27 02:39	289280	----a-w-	c:\windows\system32\drivers\mrxsmb10.sys
2011-06-15 17:20 . 2011-04-27 02:39	128000	----a-w-	c:\windows\system32\drivers\mrxsmb20.sys
2011-06-15 17:20 . 2011-05-28 03:06	3135488	----a-w-	c:\windows\system32\win32k.sys
2011-06-15 17:20 . 2011-04-29 03:06	467456	----a-w-	c:\windows\system32\drivers\srv.sys
2011-06-15 17:20 . 2011-04-29 03:05	410112	----a-w-	c:\windows\system32\drivers\srv2.sys
2011-06-15 17:20 . 2011-04-29 03:05	168448	----a-w-	c:\windows\system32\drivers\srvnet.sys
2011-06-15 17:20 . 2011-02-25 06:22	861696	----a-w-	c:\windows\system32\oleaut32.dll
2011-06-15 17:20 . 2011-02-25 05:34	571904	----a-w-	c:\windows\SysWow64\oleaut32.dll
2011-06-15 17:20 . 2011-05-03 05:29	976896	----a-w-	c:\windows\system32\inetcomm.dll
2011-06-15 17:20 . 2011-05-03 04:30	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2011-05-28 12:57 . 2011-06-17 07:24	--------	d-----w-	c:\users\*Name*\AppData\Roaming\go
2011-05-28 12:57 . 2011-06-17 07:24	--------	d-----w-	c:\programdata\Easybits GO
2011-05-27 20:07 . 2011-06-16 21:25	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2011-05-25 19:55 . 2011-04-22 22:15	27520	----a-w-	c:\windows\system32\drivers\Diskdump.sys
2011-05-19 13:22 . 2011-04-09 06:58	142336	----a-w-	c:\windows\system32\poqexec.exe
2011-05-19 13:22 . 2011-04-09 05:56	123904	----a-w-	c:\windows\SysWow64\poqexec.exe
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-05-16 21:41 . 2011-05-16 21:09	404640	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-10 21:31 . 2011-05-10 21:31	254528	----a-w-	c:\windows\system32\drivers\dtsoftbus01.sys
2011-04-28 20:07 . 2009-08-18 11:49	564632	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\wlidui.dll
2011-04-28 20:07 . 2009-08-18 10:24	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2011-04-23 23:20 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2011-04-23 23:20 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2011-04-21 16:08 . 2011-04-21 16:08	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2011-04-21 16:08 . 2011-04-21 16:08	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2011-04-21 16:08 . 2011-04-21 16:08	1126912	----a-w-	c:\windows\SysWow64\wininet.dll
2011-04-21 16:08 . 2011-04-21 16:08	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2011-04-21 16:08 . 2011-04-21 16:08	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2011-04-21 16:08 . 2011-04-21 16:08	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2011-04-21 16:08 . 2011-04-21 16:08	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2011-04-21 16:08 . 2011-04-21 16:08	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2011-04-21 16:08 . 2011-04-21 16:08	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2011-04-21 16:08 . 2011-04-21 16:08	367104	----a-w-	c:\windows\SysWow64\html.iec
2011-04-21 16:08 . 2011-04-21 16:08	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2011-04-21 16:08 . 2011-04-21 16:08	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2011-04-21 16:08 . 2011-04-21 16:08	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2011-04-21 16:08 . 2011-04-21 16:08	1427456	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2011-04-21 16:08 . 2011-04-21 16:08	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2011-04-21 16:08 . 2011-04-21 16:08	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2011-04-21 16:08 . 2011-04-21 16:08	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2011-04-21 16:08 . 2011-04-21 16:08	49664	----a-w-	c:\windows\system32\imgutil.dll
2011-04-21 16:08 . 2011-04-21 16:08	48640	----a-w-	c:\windows\system32\mshtmler.dll
2011-04-21 16:08 . 2011-04-21 16:08	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2011-04-21 16:08 . 2011-04-21 16:08	222208	----a-w-	c:\windows\system32\msls31.dll
2011-04-21 16:08 . 2011-04-21 16:08	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2011-04-21 16:08 . 2011-04-21 16:08	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2011-04-21 16:08 . 2011-04-21 16:08	1389056	----a-w-	c:\windows\system32\wininet.dll
2011-04-21 16:08 . 2011-04-21 16:08	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2011-04-21 16:08 . 2011-04-21 16:08	12288	----a-w-	c:\windows\system32\mshta.exe
2011-04-21 16:08 . 2011-04-21 16:08	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2011-04-21 16:08 . 2011-04-21 16:08	114176	----a-w-	c:\windows\system32\admparse.dll
2011-04-21 16:08 . 2011-04-21 16:08	111616	----a-w-	c:\windows\system32\iesysprep.dll
2011-04-21 16:08 . 2011-04-21 16:08	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2011-04-21 16:08 . 2011-04-21 16:08	85504	----a-w-	c:\windows\system32\iesetup.dll
2011-04-21 16:08 . 2011-04-21 16:08	76800	----a-w-	c:\windows\system32\tdc.ocx
2011-04-21 16:08 . 2011-04-21 16:08	603648	----a-w-	c:\windows\system32\vbscript.dll
2011-04-21 16:08 . 2011-04-21 16:08	448512	----a-w-	c:\windows\system32\html.iec
2011-04-21 16:08 . 2011-04-21 16:08	30720	----a-w-	c:\windows\system32\licmgr10.dll
2011-04-21 16:08 . 2011-04-21 16:08	165888	----a-w-	c:\windows\system32\iexpress.exe
2011-04-21 16:08 . 2011-04-21 16:08	160256	----a-w-	c:\windows\system32\wextract.exe
2011-04-21 16:08 . 2011-04-21 16:08	1492992	----a-w-	c:\windows\system32\inetcpl.cpl
2011-04-13 13:04 . 2011-04-13 13:04	45432	----a-w-	c:\windows\system32\drivers\point64.sys
2011-04-13 13:04 . 2011-04-13 13:04	1721576	----a-w-	c:\windows\system32\wdfcoinstaller01009.dll
2011-04-09 16:55 . 2011-04-09 16:55	15453336	----a-w-	c:\windows\SysWow64\xlive.dll
2011-04-09 16:55 . 2011-04-09 16:55	13642904	----a-w-	c:\windows\SysWow64\xlivefnt.dll
2011-04-09 07:02 . 2011-05-11 13:22	5562240	----a-w-	c:\windows\system32\ntoskrnl.exe
2011-04-09 06:02 . 2011-05-11 13:22	3967872	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2011-04-09 06:02 . 2011-05-11 13:22	3912576	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2011-04-08 21:00 . 2011-04-08 21:00	464896	----a-w-	c:\windows\system32\ipcoin815.dll
2011-04-08 05:14 . 2011-04-20 08:34	67176	----a-w-	c:\windows\system32\OpenCL.dll
2011-04-08 05:14 . 2011-04-20 08:34	6299752	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2011-04-08 05:14 . 2011-04-20 08:34	57960	----a-w-	c:\windows\SysWow64\OpenCL.dll
2011-04-08 05:14 . 2011-04-20 08:34	6974056	----a-w-	c:\windows\system32\nvcuda.dll
2011-04-08 05:14 . 2011-04-20 08:34	5183080	----a-w-	c:\windows\SysWow64\nvcuda.dll
2011-04-08 05:14 . 2011-04-20 08:34	2893416	----a-w-	c:\windows\system32\nvcuvid.dll
2011-04-08 05:14 . 2011-04-20 08:34	2765928	----a-w-	c:\windows\SysWow64\nvcuvid.dll
2011-04-08 05:14 . 2011-04-20 08:34	2204264	----a-w-	c:\windows\system32\nvcuvenc.dll
2011-04-08 05:14 . 2011-04-20 08:34	2074216	----a-w-	c:\windows\SysWow64\nvcuvenc.dll
2011-04-08 05:14 . 2011-04-20 08:34	20700264	----a-w-	c:\windows\system32\nvoglv64.dll
2011-04-08 05:14 . 2011-04-20 08:34	1619048	----a-w-	c:\windows\system32\nvdispco6420140.dll
2011-04-08 05:14 . 2011-04-20 08:34	15227496	----a-w-	c:\windows\SysWow64\nvoglv32.dll
2011-04-08 05:14 . 2011-04-20 08:34	1404008	----a-w-	c:\windows\system32\nvgenco642060.dll
2011-04-08 05:14 . 2011-04-20 08:34	13262184	----a-w-	c:\windows\system32\drivers\nvlddmkm.sys
2011-04-08 05:14 . 2011-04-20 08:34	12934248	----a-w-	c:\windows\system32\nvd3dumx.dll
2011-04-08 05:14 . 2011-04-20 08:34	10071656	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2011-04-08 05:14 . 2011-04-20 08:34	18578536	----a-w-	c:\windows\system32\nvcompiler.dll
2011-04-08 05:14 . 2011-04-20 08:34	13007464	----a-w-	c:\windows\SysWow64\nvcompiler.dll
2011-04-08 05:14 . 2010-03-30 12:47	2034280	----a-w-	c:\windows\SysWow64\nvapi.dll
2011-04-08 05:14 . 2009-12-24 23:27	2273896	----a-w-	c:\windows\system32\nvapi64.dll
2011-04-08 05:14 . 2009-07-13 21:59	8411752	----a-w-	c:\windows\system32\nvwgf2umx.dll
2011-04-07 21:19 . 2011-04-07 21:19	2582120	----a-w-	c:\windows\system32\nvsvcr.dll
2011-04-07 21:19 . 2011-04-07 21:19	117864	----a-w-	c:\windows\system32\nvmctray.dll
2011-04-07 21:19 . 2011-04-07 21:19	1012328	----a-w-	c:\windows\system32\nvvsvc.exe
2011-04-07 21:19 . 2011-04-07 21:19	797288	----a-w-	c:\windows\system32\easyUpdatusAPIU64.dll
2011-04-07 21:19 . 2011-04-07 21:19	6338152	----a-w-	c:\windows\system32\nvcpl.dll
2011-04-07 21:18 . 2011-04-07 21:18	3041384	----a-w-	c:\windows\system32\nvsvc64.dll
2011-04-06 14:26 . 2011-04-06 14:26	96544	----a-w-	c:\windows\system32\dnssd.dll
2011-04-06 14:26 . 2011-04-06 14:26	119584	----a-w-	c:\windows\system32\dns-sd.exe
2011-04-06 14:20 . 2011-04-06 14:20	91424	----a-w-	c:\windows\SysWow64\dnssd.dll
2011-04-06 14:20 . 2011-04-06 14:20	107808	----a-w-	c:\windows\SysWow64\dns-sd.exe
2011-03-31 15:50 . 2009-12-24 23:08	466520	----a-w-	c:\windows\system32\wrap_oal.dll
2011-03-31 15:50 . 2009-12-24 23:08	445016	----a-w-	c:\windows\SysWow64\wrap_oal.dll
2011-03-31 15:50 . 2009-12-24 23:08	123480	----a-w-	c:\windows\system32\OpenAL32.dll
2011-03-31 15:50 . 2009-12-24 23:08	109144	----a-w-	c:\windows\SysWow64\OpenAL32.dll
2011-03-25 03:29 . 2011-05-11 13:22	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2011-03-25 03:29 . 2011-05-11 13:22	98816	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2011-03-25 03:29 . 2011-05-11 13:22	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2011-03-25 03:29 . 2011-05-11 13:22	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2011-03-25 03:29 . 2011-05-11 13:22	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2011-03-25 03:28 . 2011-05-11 13:22	7936	----a-w-	c:\windows\system32\drivers\usbd.sys
2006-05-03 10:06	163328	--sh--r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sh--r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sh--r-	c:\windows\SysWOW64\nbDX.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TBPanel"="d:\program files (x86)\Vtune\TBPanel.exe" [2009-10-05 2158592]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="d:\avira\AntiVir Desktop\avgnt.exe" [2010-11-03 281768]
"VolPanel"="d:\program files (x86)\Creative\Volume Panel\VolPanlu.exe" [2008-08-06 233576]
"Ai Nap"="d:\program files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" [2009-07-01 1435136]
"QFan Help"="d:\program files (x86)\ASUS\AI Suite\QFan3\QFanHelp.exe" [2009-07-01 601088]
"Cpu Level Up help"="d:\program files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe" [2007-11-30 881152]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-10-29 249064]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
"iTunesHelper"="d:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-14 421160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Hama Wireless LAN Utility.lnk - c:\program files (x86)\Hama\Common\RaUI.exe [2011-2-11 1085440]
Secunia PSI Tray.lnk - d:\program files (x86)\Secunia\PSI\psi_tray.exe [2010-12-21 291896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys [x]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 ALSysIO;ALSysIO;c:\users\*Name*\AppData\Local\Temp\ALSysIO64.sys [x]
R3 cpuz130;cpuz130;c:\users\*Name*\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-01-31 79360]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2009-12-24 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [x]
R3 LADF_DHP2;G35 DHP2 Filter Driver;c:\windows\system32\DRIVERS\ladfDHP2amd64.sys [x]
R3 LADF_SBVM;G35 SBVM Filter Driver;c:\windows\system32\DRIVERS\ladfSBVMamd64.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R3 WinRing0_1_1_1;WinRing0_1_1_1;d:\users\*Name*\Documents\C2DtoG15 1.1.0.0\WinRing0x64.sys [2009-12-24 13520]
R3 zlportio;zlportio;d:\program files (x86)\UltraStar\zlportio.sys [2001-09-22 4016]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 AntiVirSchedulerService;Avira AntiVir Planer;d:\avira\AntiVir Desktop\sched.exe [2011-04-27 136360]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2009-04-02 90112]
S2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;d:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2010-12-06 2101640]
S2 ICQ Service;ICQ Service;c:\program files (x86)\ICQ6Toolbar\ICQ Service.exe [2010-09-06 247096]
S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600]
S2 SBSDWSCService;SBSD Security Center Service;d:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 Secunia PSI Agent;Secunia PSI Agent;d:\program files (x86)\Secunia\PSI\PSIA.exe [2010-12-21 987704]
S2 Secunia Update Agent;Secunia Update Agent;d:\program files (x86)\Secunia\PSI\sua.exe [2010-12-21 399416]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-07 378472]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [x]
S3 netr7364;RT73 USB-Drahtlos-LAN-Kartentreiber für Vista;c:\windows\system32\DRIVERS\netr7364.sys [x]
S3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [x]
S3 seehcri;Sony Ericsson seehcri Device Driver;c:\windows\system32\DRIVERS\seehcri.sys [x]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
.
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-04-13 2399632]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://start.icq.com/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
FF - ProfilePath - c:\users\*Name*\AppData\Roaming\Mozilla\Firefox\Profiles\cwqoodar.default\
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=1.1.7&q=
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - d:\program files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - d:\program files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
FF - Ext: DOM Inspector: inspector@mozilla.org - %profile%\extensions\inspector@mozilla.org
FF - Ext: Flagfox: {1018e4d6-728f-4b20-ad56-37578a4de76b} - %profile%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
FF - Ext: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - %profile%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF - Ext: Download Statusbar: {D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389} - %profile%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
FF - Ext: DownThemAll!: {DDC359D1-844A-42a7-9AA1-88A850A938A8} - %profile%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
FF - Ext: Personas: personas@christopher.beard - %profile%\extensions\personas@christopher.beard
FF - Ext: RSS Ticker: {1f91cde0-c040-11da-a94d-0800200c9a66} - %profile%\extensions\{1f91cde0-c040-11da-a94d-0800200c9a66}
FF - Ext: NoScript: {73a6fe31-595d-460b-a920-fcc0f8843232} - %profile%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}
FF - Ext: WOT: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} - %profile%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - Ext: LinkExtend: {cf47767d-5f3a-4e32-9fce-5d79565c9702} - %profile%\extensions\{cf47767d-5f3a-4e32-9fce-5d79565c9702}
FF - Ext: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - %profile%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
FF - Ext: Greasemonkey: {e4a8a97b-f2ed-450b-b12d-ee082ba24781} - %profile%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
AddRemove-3685093448.fuse.fender.com - c:\program files (x86)\Microsoft Silverlight\4.0.50917.0\Silverlight.Configuration.exe
AddRemove-GeoGebra - c:\windows\system32\javaws.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-491705904-157319923-2715609677-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-491705904-157319923-2715609677-1000\Software\SecuROM\License information*]
"datasecu"=hex:81,85,c5,80,be,73,17,86,04,ce,4f,76,6e,33,23,97,35,d8,6d,2a,c1,
   75,e4,bb,6b,72,53,a3,0d,38,fe,05,b7,0e,69,a4,6a,ac,3f,d1,8a,ba,20,cc,4b,06,\
"rkeysecu"=hex:71,b7,99,c2,05,76,27,fa,01,d6,47,19,65,aa,0f,32
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10q_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10q.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe
d:\avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Bonjour\mDNSResponder.exe
d:\program files (x86)\FileZilla Server\FileZilla Server.exe
d:\program files (x86)\ASUS\EPU-6 Engine\SixEngine.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2011-06-17  19:48:53 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2011-06-17 17:48
.
Vor Suchlauf: 11 Verzeichnis(se), 271.349.092.352 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 270.935.191.552 Bytes frei
.
- - End Of File - - 2D4FA710197AAFA1AE29A239BC2ED3DB

Alt 19.06.2011, 21:47   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Debugging or Monitoring tool detected" - Standard

"Debugging or Monitoring tool detected"


Sieht ok aus. Mach bitte zur Kontrolle Vollscans mit Malwarebytes und SUPERAntiSpyware und poste die Logs.
Denk dran beide Tools zu updaten vor dem Scan!!


Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu "Debugging or Monitoring tool detected"
64 bit, aufrufe, aufrufen, community, detected, gen, geschwindigkeit, home, installier, installiere, installieren, liebe, meldung, monitoring, premium, spiele, spybot, tool, update, updates, vorgänge, warner, win 7, windows, windows updates, wissens


« TR/Rootkit.gen3 - Google/Internet (?) leitet Anfragen auf seltsame URLs | Exploit:Win32/CVE-2011-0658 »


Ähnliche Themen: "Debugging or Monitoring tool detected"


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. "system error. hard disk failure detected" sämtliche daten gelöscht
    Log-Analyse und Auswertung - 25.05.2012 (29)
  3. Virus "System Error. Hard disk failure detected"
    Log-Analyse und Auswertung - 17.05.2012 (39)
  4. Anfänger! "Windows detected a hard disk problem"
    Plagegeister aller Art und deren Bekämpfung - 02.12.2011 (9)
  5. "Windows detected a hard disk problem" A potential disc failure... Hilfe :( :( :(
    Log-Analyse und Auswertung - 19.11.2011 (1)
  6. "Windows detected a hard disk problem" - Fake
    Plagegeister aller Art und deren Bekämpfung - 27.10.2011 (3)
  7. "System Tool", Scan gestartet hat bei "Scanning Useres StartMenue..." hängen
    Plagegeister aller Art und deren Bekämpfung - 14.01.2011 (1)
  8. "Your System is infected - Spyware activity has been detected..."
    Log-Analyse und Auswertung - 16.01.2010 (1)
  9. Windows Warning Message "Spywar detected on your computer" + Win32/Adware.Virtumonde
    Log-Analyse und Auswertung - 11.09.2008 (14)
  10. "Warning! Spyware detected on your..."-Desktophintergrund loswerden
    Mülltonne - 19.08.2008 (0)
  11. Blauer Hintergrund und Meldung "Warning! Spyware detected on your computer!"
    Log-Analyse und Auswertung - 18.08.2008 (35)
  12. Blauer Bildschirm und Fehlermeldung "Warning! Spyware detected on your computer!..."
    Plagegeister aller Art und deren Bekämpfung - 16.08.2008 (14)
  13. Blauer Desktop "Warning! Spyware detected on your computer!"
    Mülltonne - 18.07.2008 (0)
  14. Hilfe Trojaner! Blauer Desktop Hintergrund mit Warnmeldung "Warning Spyware detected"
    Plagegeister aller Art und deren Bekämpfung - 09.07.2008 (20)
  15. "Buffer overrun detected..." mit explorer hochgepoppt - Troja lässt grüßen?
    Log-Analyse und Auswertung - 20.05.2008 (5)
  16. Tool "Stinger" / PC "friert ein"
    Antiviren-, Firewall- und andere Schutzprogramme - 03.07.2005 (7)
  17. "Warning! Windows has detected SPYWARE INSTALLED on your computer"----> HILFE!!! =(
    Log-Analyse und Auswertung - 14.12.2004 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "Debugging or Monitoring tool detected" - Hallo liebe Community, ich habe diese Meldung bekommen, nachdem ich ein Spiele Update für Spellforce aufrufen wollte: hxxp://img695.imageshack.us/img695/1179/unbenanntwfmx.png 0190 Warner habe ich meines Wissens nach nicht installiert. In letzter Zeit - "Debugging or Monitoring tool detected"...
Archiv
Du betrachtest: "Debugging or Monitoring tool detected" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54