
Log Analysis and Evaluation: TR/Trash.Gen (Systemfix, Gema, and other viruses)

28.12.2011, 01:24   #1
lindagrey
 
Hello everyone,

first of all, big praise that there is such a great online help service, which I came across through Google and which is my last hope.
Since I know little about viruses, I hope I have followed all the rules correctly; if not, sorry in advance!

A few days ago my antivirus program AntiVir suddenly showed various virus alerts, without my having been on any particular unknown sites. Since I had never had this before, I didn't know what to do other than keep clicking on Quarantine.
After a restart the next day, all my files were hidden, the background was black, and the Systemfix virus was showing. On restart the Gema virus then appeared and nothing worked anymore.

I then did a system restore so that the laptop could boot again. With unhide.exe I got the files visible again. I ran AVG and Malwarebytes, which do detect the viruses but, in my impression, cannot really remove them (or I wouldn't know how).

Can someone help me with this? Can the trojans still be removed at all, or can I forget it?

I have attached all the log files.

Thank you very much!

Code:
OTL logfile created on: 28.12.2011 01:38:39 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Toshiba\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 0,74 Gb Available Physical Memory | 39,32% Memory free
3,98 Gb Paging File | 2,49 Gb Available in Paging File | 62,71% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,77 Gb Total Space | 35,27 Gb Free Space | 38,02% Space Free | Partition Type: NTFS
Drive E: | 92,07 Gb Total Space | 63,90 Gb Free Space | 69,40% Space Free | Partition Type: NTFS
 
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.28 01:04:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Downloads\OTL.exe
PRC - [2011.12.28 01:03:42 | 000,050,477 | ---- | M] () -- C:\Users\Toshiba\Downloads\Defogger.exe
PRC - [2011.12.03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2011.11.28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgnsx.exe
PRC - [2011.11.23 22:15:52 | 000,140,616 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpntray.exe
PRC - [2011.11.23 22:14:26 | 000,330,072 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpnas.exe
PRC - [2011.11.23 21:45:48 | 000,329,544 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\hsswd.exe
PRC - [2011.11.23 21:45:44 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011.10.14 22:41:00 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.09.29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.09.29 08:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.09.08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgrsx.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.08.15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.06.28 17:16:49 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.04.28 18:07:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.13 09:50:57 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.02.13 04:08:14 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2007.08.15 14:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.15 13:58:02 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2007.08.09 18:26:42 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007.07.20 19:45:16 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.07.10 08:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.06.19 14:28:32 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.05.22 16:32:52 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2007.04.03 16:52:22 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.03.29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2007.03.01 05:01:00 | 000,180,736 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
PRC - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2006.11.02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.28 01:03:42 | 000,050,477 | ---- | M] () -- C:\Users\Toshiba\Downloads\Defogger.exe
MOD - [2011.11.23 22:16:00 | 000,009,544 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2011.11.23 22:15:52 | 000,140,616 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpntray.exe
MOD - [2011.10.11 13:03:39 | 000,115,137 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
MOD - [2011.09.29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.09.16 03:55:38 | 000,621,480 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
MOD - [2011.09.16 03:55:38 | 000,463,784 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
MOD - [2011.09.16 03:55:38 | 000,007,168 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
MOD - [2011.09.16 03:55:38 | 000,003,584 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
MOD - [2010.02.14 14:36:02 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\ccbce195617d03b0d63d5afd4855e556\TCrdMain.ni.exe
MOD - [2010.02.14 14:35:53 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2010.02.14 14:35:04 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll
MOD - [2010.02.14 14:34:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2010.02.14 12:15:25 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a0522cb280c09b3441e1889502ca145a\System.Core.ni.dll
MOD - [2010.02.14 12:15:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a122c56b60812fb5cbc2e941d4875a87\PresentationFramework.Aero.ni.dll
MOD - [2010.02.14 12:15:16 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\29eb51a21ce62ed759b162307bd65e32\PresentationFramework.ni.dll
MOD - [2010.02.14 12:14:52 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2010.02.14 12:14:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2010.02.14 12:14:32 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2010.02.14 12:14:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2010.02.14 12:14:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\dc8dccca85718096c895b74094e09e5a\PresentationCore.ni.dll
MOD - [2010.02.14 12:14:00 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c049bc39cb33f7459936a689484285d6\WindowsBase.ni.dll
MOD - [2010.02.14 12:13:55 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2010.02.14 12:13:31 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2010.02.14 11:37:29 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.02.13 03:25:55 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.02.13 03:24:08 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009.09.04 07:19:30 | 000,644,096 | ---- | M] () -- C:\Programme\IZArc\IZArcCM.dll
MOD - [2009.01.18 15:50:02 | 000,417,792 | ---- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\AdobeXMP.dll
MOD - [2007.11.16 16:02:18 | 000,479,232 | R--- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\ccme_base.dll
MOD - [2007.11.16 16:02:18 | 000,401,408 | R--- | M] () -- C:\Programme\Adobe\Reader 9.0\Reader\cryptocme2.dll
MOD - [2007.09.14 08:39:37 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2764.39489__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2764.39446__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:37 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2764.39503__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2764.39480__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2764.39502__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2764.39466__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2764.39718__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:36 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2764.39709__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2764.39668__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2764.39601__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:35 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2764.39745__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:55 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2764.39676__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2764.39752__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2764.39682__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2764.39459__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2764.39675__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2764.39738__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2764.39611__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2764.39516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2764.39467__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2764.39695__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:54 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2764.39509__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2764.39634__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2764.39609__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2764.39521__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2764.39633__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2764.39711__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2764.39603__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2764.39655__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2764.39522__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:53 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2764.39601__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2764.39609__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2764.39654__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2007.09.14 08:38:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007.09.14 08:38:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2007.09.14 08:38:51 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2729.30262__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll
MOD - [2007.09.14 08:38:50 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2007.09.14 08:38:50 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2007.09.14 08:38:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2007.09.14 08:38:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2764.39723_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2007.09.14 08:38:35 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2764.39475__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2007.09.14 08:38:35 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2764.39723__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2007.09.14 08:38:35 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2764.39730__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007.09.14 08:38:35 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2764.39438__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2007.09.14 08:38:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2764.39729__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007.09.14 08:38:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2764.39776__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2007.09.14 08:38:35 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2764.39436__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2007.09.14 08:38:34 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2764.39454__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2007.09.14 08:38:34 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2764.39438__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2007.09.14 08:38:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2764.39437__90ba9c70f846762e\APM.Server.dll
MOD - [2007.09.14 08:38:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2764.39436__90ba9c70f846762e\AEM.Server.dll
MOD - [2007.09.14 08:38:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2007.09.14 08:38:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2764.39730__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007.09.14 08:38:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.09.14 08:38:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.08.29 15:11:16 | 000,958,464 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
MOD - [2007.07.27 22:26:30 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.05.31 09:12:32 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2006.11.09 18:27:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006.11.08 19:08:30 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2006.10.10 10:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto | Stopped] --  -- (MOBCleanup)
SRV - File not found [Auto | Stopped] --  -- (0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219)
SRV - [2011.11.23 22:16:54 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011.11.23 22:14:26 | 000,330,072 | ---- | M] () [Auto | Running] -- C:\Programme\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011.11.23 21:45:48 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.11.23 21:45:44 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.06.28 17:16:49 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.28 18:07:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007.09.14 07:44:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005.11.17 13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.10.07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.08.31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.08.08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.20 08:46:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011.07.20 08:46:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2011.07.20 08:46:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011.07.20 08:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.07.20 08:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.07.20 08:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011.07.20 08:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.07.20 08:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011.07.11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.07.11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.06.28 17:16:50 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 17:16:50 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.21 08:45:18 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.10.21 08:45:16 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.10.21 08:45:16 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.09.22 20:19:02 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2010.09.22 20:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2007.07.27 22:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.07.26 15:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007.06.01 12:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.03.21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007.01.18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006.11.28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.20 13:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.10.23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006.05.03 21:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)
DRV - [2003.08.01 13:47:24 | 000,029,239 | ---- | M] (Pinnacle Systems) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vobid.sys -- (VOBID)
DRV - [2002.04.17 19:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asapiW2k.sys -- (ASAPIW2K)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.21amo
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Toshiba\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Toshiba\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.12.28 01:00:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.11.11 19:09:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.25 11:20:43 | 000,000,000 | ---D | M]
 
[2010.02.12 15:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Extensions
[2011.12.28 00:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions
[2011.08.26 10:03:13 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\rsDownloadHelper@yevgenyandrov.net
[2011.12.19 22:03:21 | 000,000,933 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\11-suche.xml
[2011.12.19 22:03:21 | 000,002,419 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 22:03:21 | 000,010,525 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\gmx-suche.xml
[2011.12.19 22:03:21 | 000,002,457 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\lastminute.xml
[2011.12.19 22:03:21 | 000,005,508 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\webde-suche.xml
[2011.11.11 19:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.09.11 20:45:04 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.02.12 14:27:48 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011.11.11 19:09:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.07 00:03:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.07 00:03:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.07 00:03:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.07 00:03:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.07 00:03:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.07 00:03:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\Windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe (Simply Super Software)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8440FB01-9569-4B78-8B58-06AA31C0FEA6}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95C7DACE-22B6-45C0-A39E-96CC6E45EDE6}: NameServer = 10.7.16.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\USBAutoRun.exe
O33 - MountPoints2\{842ceb84-02b3-11e0-847f-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\SamsungSoftware\APPInst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.28 01:08:51 | 000,000,000 | ---D | C] -- C:\$AVG
[2011.12.28 01:02:14 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\AVG2012
[2011.12.28 01:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2011.12.28 01:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011.12.28 00:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011.12.28 00:57:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011.12.28 00:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011.12.28 00:55:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Malwarebytes
[2011.12.28 00:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.12.28 00:30:29 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\Simply Super Software
[2011.12.28 00:30:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
[2011.12.28 00:30:15 | 000,000,000 | ---D | C] -- C:\Program Files\Trojan Remover
[2011.12.28 00:30:15 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Simply Super Software
[2011.12.28 00:30:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Simply Super Software
[2011.12.28 00:25:47 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.23 00:36:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\gegl-0.0
[2011.12.22 15:48:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\sauber
[2011.12.22 15:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.22 15:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.22 15:41:17 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Opera
[2011.12.22 15:17:27 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\NPE
[2011.12.18 22:48:47 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\{c0cf964c-bdff-41a5-950f-9bdfa4c6a7ce}
[2011.12.03 13:32:08 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Christoph Maria Herbst - Ein Traum von einem Schiff
[2010.10.30 15:12:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Toshiba\AppData\Roaming\pcouffin.sys
[2005.04.20 23:16:28 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2004.02.16 19:59:50 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.28 01:34:44 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.28 01:34:44 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.28 01:34:44 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.28 01:34:44 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.28 01:33:17 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.28 01:33:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.28 01:14:06 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 01:14:06 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.28 01:13:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.28 01:13:50 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.28 01:06:42 | 055,659,611 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.12.28 01:04:03 | 000,000,000 | ---- | M] () -- C:\Users\Toshiba\defogger_reenable
[2011.12.28 01:00:38 | 000,000,863 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011.12.27 23:46:00 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000UA.job
[2011.12.27 23:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000Core.job
[2011.12.27 15:54:47 | 000,000,422 | ---- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{54B6077B-E065-414B-9A7F-0656851B3A2B}.job
[2011.12.22 15:26:24 | 000,000,000 | ---- | M] () -- C:\ProgramData\1rOGra2.dat
[2011.12.22 15:22:53 | 009,730,308 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat
[2011.12.22 15:04:43 | 000,000,448 | ---- | M] () -- C:\ProgramData\bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,296 | ---- | M] () -- C:\ProgramData\~bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,208 | ---- | M] () -- C:\ProgramData\~bd2IHMHea4yma0r
[2011.11.29 02:39:39 | 000,069,120 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.28 01:06:42 | 055,659,611 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.12.28 01:04:03 | 000,000,000 | ---- | C] () -- C:\Users\Toshiba\defogger_reenable
[2011.12.28 01:00:38 | 000,000,863 | ---- | C] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2011.12.28 00:30:21 | 000,162,304 | ---- | C] () -- C:\Windows\System32\ztvunrar36.dll
[2011.12.28 00:30:21 | 000,077,312 | ---- | C] () -- C:\Windows\System32\ztvunace26.dll
[2011.12.28 00:30:21 | 000,075,264 | ---- | C] () -- C:\Windows\System32\unacev2.dll
[2011.12.28 00:30:20 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNRAR3.dll
[2011.12.22 22:33:15 | 2011,217,920 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.22 15:26:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\1rOGra2.dat
[2011.12.22 15:21:04 | 009,730,308 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat
[2011.12.22 15:01:44 | 000,000,296 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,208 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0r
[2011.12.22 14:52:25 | 000,000,448 | ---- | C] () -- C:\ProgramData\bd2IHMHea4yma0
[2011.12.17 15:45:43 | 003,804,762 | ---- | C] () -- C:\Users\Toshiba\Desktop\poster.JPG
[2011.10.17 11:40:57 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.10.17 11:40:56 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.07.26 16:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.03.16 23:17:05 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.31 01:19:07 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.10.30 15:12:07 | 000,087,608 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\inst.exe
[2010.10.30 15:12:07 | 000,007,887 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\pcouffin.cat
[2010.10.30 15:12:07 | 000,001,144 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\pcouffin.inf
[2010.09.09 12:23:18 | 000,000,570 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\AutoGK.ini
[2010.05.21 17:28:30 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.05.21 17:28:30 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.05.21 17:28:30 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.05.21 17:28:30 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.05.21 17:28:30 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.05.21 17:28:30 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.05.21 17:28:30 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.05.21 17:28:29 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.05.21 17:28:29 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.05.21 17:28:29 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.05.21 17:28:29 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.05.21 17:28:29 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.05.21 17:28:29 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.05.21 17:28:29 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.05.21 17:28:29 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.05.21 17:28:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.05.21 17:28:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.05.21 17:28:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.05.21 17:28:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.05.04 21:30:11 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2010.04.08 12:04:33 | 000,000,680 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\d3d9caps.dat
[2010.02.28 21:50:54 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.02.25 19:10:17 | 000,000,016 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\mxfilerelatedcache.mxc2
[2010.02.25 19:10:17 | 000,000,016 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\mxfilerelatedcache.mxc2
[2010.02.12 15:29:28 | 000,069,120 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 08:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.01.25 22:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.01.09 00:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.14 09:27:05 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.09.14 09:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.09.14 09:00:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.09.14 09:00:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.09.14 09:00:46 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.09.14 09:00:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.09.14 08:59:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.09.14 08:59:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.09.14 08:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.09.14 08:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.09.14 08:59:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.09.14 08:59:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.09.14 08:40:24 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.14 07:25:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.09.14 07:24:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.09.14 07:24:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.09.14 07:23:59 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.12.05 12:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 16:33:31 | 000,641,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,116,706 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,416,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.05.03 21:40:42 | 000,390,784 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2005.10.11 19:54:48 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd.exe
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2005.02.02 01:29:12 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd.exe
[2003.09.19 14:02:26 | 000,406,016 | ---- | C] () -- C:\Windows\System32\PSDrvCheck.exe
[2003.01.17 23:34:40 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2010.04.16 21:40:18 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AnvSoft
[2010.12.17 15:09:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Ashampoo
[2010.12.31 01:19:33 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Atari
[2011.12.28 01:02:14 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AVG2012
[2011.10.08 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\calibre
[2011.12.28 01:33:25 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Dropbox
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\FreeFLVConverter
[2010.08.14 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\GARMIN
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\gtk-2.0
[2010.11.15 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\ICQ
[2011.06.18 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\LG Electronics
[2011.01.23 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\NCH Swift Sound
[2010.02.15 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\OpenOffice.org
[2011.12.22 15:41:17 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Opera
[2011.08.21 22:57:51 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Samsung
[2011.12.22 15:48:28 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\sauber
[2011.12.28 00:30:15 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Simply Super Software
[2010.02.12 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2010.10.30 15:12:30 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Vso
[2011.06.18 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\{D94BA408-F110-488B-A65E-3AE7945F79E6}
[2011.12.27 23:46:00 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000Core.job
[2011.12.27 23:46:00 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000UA.job
[2011.12.28 01:12:32 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.12.27 15:54:47 | 000,000,422 | ---- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{54B6077B-E065-414B-9A7F-0656851B3A2B}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %SYSTEMDRIVE%\*. >
[2011.12.28 01:08:51 | 000,000,000 | ---D | M] -- C:\$AVG
[2010.12.28 11:19:52 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2007.09.14 07:05:08 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.02.10 12:50:06 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.08 13:38:39 | 000,000,000 | ---D | M] -- C:\Hotspot Shield
[2010.02.28 20:54:15 | 000,000,000 | R--D | M] -- C:\MSOCache
[2011.12.28 01:23:22 | 000,000,000 | R--D | M] -- C:\Program Files
[2011.12.28 01:10:49 | 000,000,000 | ---D | M] -- C:\ProgramData
[2010.02.10 12:50:06 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.12.28 01:43:05 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2011.11.18 18:20:18 | 000,000,000 | ---D | M] -- C:\Temp
[2011.01.19 08:21:11 | 000,000,000 | ---D | M] -- C:\Toshiba
[2010.06.23 05:41:25 | 000,000,000 | R--D | M] -- C:\Users
[2011.12.22 23:31:01 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.manifest /3 >
 
 
< MD5 for: AFD.SYS  >
[2006.11.02 09:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\System32\drivers\afd.sys
[2006.11.02 09:58:43 | 000,270,336 | ---- | M] (Microsoft Corporation) MD5=5D24CAF8EFD924A875698FF28384DB8B -- C:\Windows\winsxs\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6000.16386_none_d5b1809661820e7c\afd.sys
[2008.01.19 06:57:03 | 000,273,920 | ---- | M] (Microsoft Corporation) MD5=763E172A55177E478CB419F88FD0BA03 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winsock-core_31bf3856ad364e35_6.0.6001.18000_none_d7e842925e6d1f50\afd.sys
 
< MD5 for: EXPLORER.EXE  >
[2010.02.13 04:08:14 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\explorer.exe
[2010.02.13 04:08:14 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=37440D09DEAE0B672A04DCCF7ABF06BE -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16771_none_4f83bb287ccdb7e3\explorer.exe
[2010.02.13 04:08:13 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=4F554999D7D5F05DAAEBBA7B5BA1089D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18164_none_5177ca9879e978e8\explorer.exe
[2010.02.13 04:08:12 | 002,927,616 | ---- | M] (Microsoft Corporation) MD5=50BA5850147410CDE89C523AD3BC606E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.22298_none_51e4f8c7931bd1e1\explorer.exe
[2010.02.13 04:37:00 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=6D06CD98D954FE87FB2DB8108793B399 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16549_none_4fac29707cae347a\explorer.exe
[2010.02.13 04:37:00 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=BD06F0BF753BC704B653C3A50F89D362 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20668_none_501f261995dcf2cf\explorer.exe
[2010.02.13 04:08:13 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=E7156B0B74762D9DE0E66BDCDE06E5FB -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.20947_none_5033cb5995cd990b\explorer.exe
[2006.11.02 10:45:07 | 002,923,520 | ---- | M] (Microsoft Corporation) MD5=FD8C53FB002217F6F888BCF6F5D7084D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6000.16386_none_4f7de5167cd15deb\explorer.exe
[2008.01.19 08:33:10 | 002,927,104 | ---- | M] (Microsoft Corporation) MD5=FFA764631CB70A30065C12EF8E174F9F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
 
< MD5 for: REGEDIT.EXE  >
[2008.01.19 08:33:24 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=467A3B03E924B7B7EDD16D34740574B0 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6001.18000_none_f42eb564dbd8a697\regedit.exe
[2006.11.02 10:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\regedit.exe
[2006.11.02 10:45:35 | 000,134,656 | ---- | M] (Microsoft Corporation) MD5=F13123E76FDA33E55F11E0EB832E832A -- C:\Windows\winsxs\x86_microsoft-windows-registry-editor_31bf3856ad364e35_6.0.6000.16386_none_f1f7f368deed95c3\regedit.exe
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-12-27 22:05:42
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB63564$] -> Error: Cannot create file handle -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C

< End of report >
         
Attached files
File type: txt mbam-log-2011-12-28 (01-10-14).txt (1.7 KB, viewed 155 times)

Alt 28.12.2011, 04:40   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





Please post everything here in CODE tags if possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         

Alt 28.12.2011, 20:31   #3
lindagrey
 



Malwarebytes

Code:
 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.24.05

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.17037
Toshiba :: TOSHIBA-PC [Administrator]

Schutz: Aktiviert

28.12.2011 16:48:20
mbam-log-2011-12-28 (18-52-01).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 329442
Laufzeit: 2 Stunde(n), 2 Minute(n), 48 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WROAXN1N\7[1].exe (Trojan.Agent) -> Keine Aktion durchgeführt.

(Ende)
         
older:

Code:
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122705

Windows 6.0.6000
Internet Explorer 7.0.6000.17037

28.12.2011 01:10:34
mbam-log-2011-12-28 (01-10-14).txt

Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 183428
Laufzeit: 11 Minute(n), 32 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 2
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 1
Infizierte Dateien: 6

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\commac (Trojan.Agent) -> Value: commac -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\krnlcred (Trojan.Agent) -> Value: krnlcred -> No action taken.

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
c:\program files\relevantknowledge (Spyware.MarketScore) -> No action taken.

Infizierte Dateien:
c:\programdata\commac.exe (Trojan.Agent) -> No action taken.
c:\Users\Toshiba\AppData\Roaming\krnlcred.exe (Trojan.Agent) -> No action taken.
c:\Users\Toshiba\AppData\Local\Temp\bitenroll.exe (Trojan.Agent) -> No action taken.
c:\Users\Toshiba\AppData\Local\Temp\ekepyw5b12pwrr.exe.tmp (Trojan.FakeAlert) -> No action taken.
c:\Users\Toshiba\AppData\Local\Temp\57A3.tmp (Trojan.Dropper.PE4) -> No action taken.
c:\Users\Toshiba\AppData\Local\Temp\6127.tmp (Trojan.Agent) -> No action taken.
         
Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=356512f68bdc994b93dd7f75eba2313a
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 03:06:36
# local_time=2011-12-28 04:06:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT 
# compatibility_mode=768 16777215 100 0 46156624 46156624 0 0
# compatibility_mode=1024 16777175 100 0 9432 9432 0 0
# compatibility_mode=1797 16775145 100 94 0 61572808 1841752 0
# compatibility_mode=5121 16777214 0 3 46156860 46156860 0 0
# compatibility_mode=5892 16776574 100 100 9066 162568715 0 0
# compatibility_mode=8192 67108863 100 0 330 330 0 0
# scanned=161002
# found=4
# cleaned=4
# scan_time=5609
C:\Users\Toshiba\AppData\Local\Temp\B8A7.tmp	a variant of Win32/Kryptik.XWK trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\Windows\$NtUninstallKB63564$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5B7ODSY6\main[1].htm	JS/Kryptik.EV.Gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\Windows\$NtUninstallKB63564$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\926ZLQDQ\main[3].htm	JS/Kryptik.EV.Gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
C:\Windows\$NtUninstallKB63564$\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\926ZLQDQ\main[4].htm	JS/Kryptik.EV.Gen trojan (cleaned by deleting - quarantined)	00000000000000000000000000000000	C
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=356512f68bdc994b93dd7f75eba2313a
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-12-28 08:09:28
# local_time=2011-12-28 09:09:28 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6000 NT 
# compatibility_mode=768 16777215 100 0 46216118 46216118 0 0
# compatibility_mode=1024 16777175 100 0 68926 68926 0 0
# compatibility_mode=1797 16775145 100 94 0 61632302 1901246 0
# compatibility_mode=5121 16777214 0 3 46216354 46216354 0 0
# compatibility_mode=5892 16776574 100 100 68560 162628209 0 0
# compatibility_mode=8192 67108863 100 0 59824 59824 0 0
# scanned=181722
# found=4
# cleaned=0
# scan_time=7488
C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KTDV1G0V\3[1].exe	Win32/Sirefef.DV trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WROAXN1N\7[1].exe	a variant of Win32/Kryptik.YCP trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Toshiba\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\677dfaae-6b9ef10e	Java/Exploit.CVE-2011-3544.K trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Toshiba\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\677dfaae-6bf49a5f	Java/Exploit.CVE-2011-3544.K trojan (unable to clean)	00000000000000000000000000000000	I
         
Thank you very much for the quick reply!

Alt 28.12.2011, 22:26   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
-> No action taken.
The detections must be removed with Malwarebytes! Please do so now if you have not already!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Alt 28.12.2011, 22:38   #5
lindagrey
 



Already done... and now?


Alt 28.12.2011, 23:09   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Posting the log for that would be a start

Alt 28.12.2011, 23:18   #7
lindagrey
 



Sorry, a silly question now: what I just posted is the log file, isn't it?

Alt 28.12.2011, 23:40   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Yes, exactly THOSE are log files. But you posted the logs which recorded that the detections were NOT removed. If that log is still there, please also post the one where everything was removed by Malwarebytes (that alone is enough; there is no need to post one log about detections that were not removed and then another about removed detections, which is why I wrote => remove all detections with MBAM)

Alt 29.12.2011, 00:02   #9
lindagrey
 



So, to be on the safe side I have now run Malwarebytes once more, then deleted the findings, and got the following log file:

Code:
 Malwarebytes Anti-Malware  (Test) 1.60.0.1800
www.malwarebytes.org

Datenbank Version: v2011.12.24.05

Windows Vista x86 NTFS
Internet Explorer 7.0.6000.17037
Toshiba :: TOSHIBA-PC [Administrator]

Schutz: Aktiviert

28.12.2011 23:41:42
mbam-log-2011-12-28 (23-41-42).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 315381
Laufzeit: 1 Stunde(n), 13 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Toshiba\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WROAXN1N\7[1].exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
In addition, the following messages from AVG came up today, and each time I am unsettled.

Code:
Residenten Schutz
Infektion;"Objekt";"Ergebnis";"Erkennungszeit";"Objekttyp";"Vorgang"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\c1e15[1].pdf";"Infiziert";"28.12.2011, 20:31:40";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\15934[1].pdf";"Infiziert";"28.12.2011, 20:31:29";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\c1e15[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 20:13:50";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\15934[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 20:13:39";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\c1e15[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 18:17:42";"Datei";"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\15934[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 18:17:30";"Datei";"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\c1e15[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 03:43:48";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\15934[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 03:43:38";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\c1e15[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 03:23:37";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQO0XCC9\15934[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 03:23:30";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Script/PDF.Exploit;"c:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0316LNRR\73da8[1].pdf";"Objekt ist nicht verfügbar.";"28.12.2011, 03:21:43";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Trojaner: Generic26.ANKJ;"c:\Users\Toshiba\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\57\5cfba879-573edf19";"In Virenquarantäne verschoben";"28.12.2011, 03:12:31";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Trojaner: SHeur4.KYI;"c:\Users\Toshiba\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\28\32324edc-2995a7f1";"In Virenquarantäne verschoben";"28.12.2011, 03:11:30";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Virus gefunden: Win32/Heur;"c:\Program Files\Pinnacle\InstantCDDVD\InstantCopy\ICopy.exe";"Objekt ist nicht verfügbar.";"28.12.2011, 02:52:16";"Datei";"C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe"
Trojaner: Generic26.AOPH;"c:\Windows\Temp\lojtlu\setup.exe";"In Virenquarantäne verschoben";"28.12.2011, 01:08:24";"Datei";"C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe"
         

I am really grateful for the help!

Alt 29.12.2011, 00:14   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Please create a new OTL log. Please post everything here in CODE tags where possible.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
CustomScan with OTL

If you don't have it yet, please download OTL by Oldtimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click on .
  • Now copy the contents of OTL.txt here into your thread

Alt 29.12.2011, 00:44   #11
lindagrey
 
New OTL log:

Code:
OTL logfile created on: 29.12.2011 01:21:14 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Toshiba\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.17037)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
1,87 Gb Total Physical Memory | 0,76 Gb Available Physical Memory | 40,63% Memory free
3,96 Gb Paging File | 2,41 Gb Available in Paging File | 60,85% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 92,77 Gb Total Space | 37,08 Gb Free Space | 39,96% Space Free | Partition Type: NTFS
Drive E: | 92,07 Gb Total Space | 63,90 Gb Free Space | 69,40% Space Free | Partition Type: NTFS
 
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.28 01:04:43 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Downloads\OTL.exe
PRC - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.12.24 17:50:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.12.03 01:22:12 | 002,415,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgtray.exe
PRC - [2011.11.28 01:19:04 | 001,229,664 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgnsx.exe
PRC - [2011.11.23 22:15:52 | 000,140,616 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpntray.exe
PRC - [2011.11.23 22:14:26 | 000,330,072 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpnas.exe
PRC - [2011.11.23 21:45:48 | 000,329,544 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\hsswd.exe
PRC - [2011.11.23 21:45:44 | 000,363,336 | ---- | M] (AnchorFree Inc.) -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe
PRC - [2011.10.14 22:41:00 | 000,137,536 | ---- | M] (Facebook Inc.) -- C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe
PRC - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011.09.29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011.09.29 08:19:16 | 003,508,112 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe
PRC - [2011.09.08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgrsx.exe
PRC - [2011.08.15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgcsrvx.exe
PRC - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Programme\AVG\AVG2012\avgwdsvc.exe
PRC - [2011.06.28 17:16:49 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011.04.28 18:07:12 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2011.03.04 14:36:11 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.13 09:50:57 | 001,232,896 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Sidebar\sidebar.exe
PRC - [2010.02.13 04:08:14 | 002,923,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2007.08.15 14:31:50 | 000,102,400 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynTPStart.exe
PRC - [2007.08.15 13:58:02 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Programme\Synaptics\SynTP\SynToshiba.exe
PRC - [2007.08.09 18:26:42 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2007.07.20 19:45:16 | 001,372,160 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\NDSTray.exe
PRC - [2007.07.10 08:24:10 | 000,581,632 | ---- | M] (TOSHIBA) -- C:\Programme\TOSHIBA\Toshiba Online Product Information\TOPI.exe
PRC - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.06.19 14:28:32 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSwMgr.exe
PRC - [2007.05.22 16:32:52 | 000,538,744 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe
PRC - [2007.04.03 16:52:22 | 000,509,496 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\SmoothView\SmoothView.exe
PRC - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TosCoSrv.exe
PRC - [2007.03.29 10:39:00 | 000,411,192 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe
PRC - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe
PRC - [2006.11.02 13:36:04 | 000,895,488 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2006.11.02 13:36:04 | 000,201,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2006.11.02 10:44:59 | 000,068,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.29 01:11:06 | 000,115,137 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
MOD - [2011.11.23 22:16:00 | 000,009,544 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\lang\gui-eng.dll
MOD - [2011.11.23 22:15:52 | 000,140,616 | ---- | M] () -- C:\Programme\Hotspot Shield\bin\openvpntray.exe
MOD - [2011.09.29 08:19:26 | 000,020,880 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2011.09.16 03:55:38 | 000,621,480 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\CommonModule.dll
MOD - [2011.09.16 03:55:38 | 000,463,784 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\FirmwareUpdateAgent.Common.dll
MOD - [2011.09.16 03:55:38 | 000,007,168 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\IPCServer.dll
MOD - [2011.09.16 03:55:38 | 000,003,584 | ---- | M] () -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\ISharedIPCInterface.dll
MOD - [2010.02.14 14:36:02 | 000,519,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\ccbce195617d03b0d63d5afd4855e556\TCrdMain.ni.exe
MOD - [2010.02.14 14:35:53 | 000,998,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\22e348e7fee20fcb2013d3dfe016ae8e\System.Management.ni.dll
MOD - [2010.02.14 14:35:04 | 011,796,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\03858406f9a9514402888707e8b93abe\System.Web.ni.dll
MOD - [2010.02.14 14:34:53 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\23281812ddf7a1fab881b5322e577ac4\System.Runtime.Remoting.ni.dll
MOD - [2010.02.14 12:15:25 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\a0522cb280c09b3441e1889502ca145a\System.Core.ni.dll
MOD - [2010.02.14 12:15:17 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\a122c56b60812fb5cbc2e941d4875a87\PresentationFramework.Aero.ni.dll
MOD - [2010.02.14 12:15:16 | 014,327,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\29eb51a21ce62ed759b162307bd65e32\PresentationFramework.ni.dll
MOD - [2010.02.14 12:14:52 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2010.02.14 12:14:42 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2010.02.14 12:14:32 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2010.02.14 12:14:23 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\e6001d416f7c468334934a2c6a41c631\System.Configuration.ni.dll
MOD - [2010.02.14 12:14:20 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\dc8dccca85718096c895b74094e09e5a\PresentationCore.ni.dll
MOD - [2010.02.14 12:14:00 | 003,313,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c049bc39cb33f7459936a689484285d6\WindowsBase.ni.dll
MOD - [2010.02.14 12:13:55 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2010.02.14 12:13:31 | 011,486,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2010.02.14 11:37:29 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2010.02.13 03:25:55 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.02.13 03:24:08 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009.09.04 07:19:30 | 000,644,096 | ---- | M] () -- C:\Programme\IZArc\IZArcCM.dll
MOD - [2007.09.14 08:39:37 | 001,675,264 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2764.39489__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,237,568 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2764.39446__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:37 | 000,184,320 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2764.39503__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2764.39480__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Runtime\2.0.2764.39502__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:37 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2764.39466__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2764.39718__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
MOD - [2007.09.14 08:39:36 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2764.39709__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2764.39668__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:36 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2764.39601__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2007.09.14 08:39:35 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2764.39745__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:55 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2764.39676__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2764.39752__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2764.39682__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:55 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2764.39459__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:55 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2764.39675__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:55 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2764.39738__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,790,528 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2764.39611__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,589,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2764.39516__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2764.39467__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2764.39695__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:54 | 000,208,896 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2764.39509__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2764.39634__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:54 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2764.39609__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2764.39521__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:54 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2764.39633__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,897,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2764.39711__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,475,136 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2764.39603__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2764.39655__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2007.09.14 08:38:53 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2764.39522__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2007.09.14 08:38:53 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2764.39601__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2764.39609__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2764.39654__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2007.09.14 08:38:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2729.30202__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2729.30197__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2729.30224__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2729.30212__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2007.09.14 08:38:53 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2729.30222__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2729.30178__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2007.09.14 08:38:52 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2729.30264__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2729.30174__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2729.30313__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2007.09.14 08:38:52 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2729.30184__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2729.30259__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2729.30211__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2729.30199__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2729.30185__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2729.30207__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2729.30242__90ba9c70f846762e\DEM.OS.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2729.30256__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2729.30203__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2729.30241__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2007.09.14 08:38:52 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2007.09.14 08:38:51 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2729.30226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2729.30231__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2729.30227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2729.30225__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2729.30230__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2729.30213__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2729.30219__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2729.30259__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2729.30262__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2729.30228__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2729.30212__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2729.30216__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2007.09.14 08:38:51 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2729.30208__90ba9c70f846762e\APM.Foundation.dll
MOD - [2007.09.14 08:38:50 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2729.30176__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2007.09.14 08:38:50 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2007.09.14 08:38:50 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2729.30201__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2007.09.14 08:38:36 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2764.39723_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
MOD - [2007.09.14 08:38:35 | 000,471,040 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2764.39475__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2007.09.14 08:38:35 | 000,446,464 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2764.39723__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2007.09.14 08:38:35 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2764.39730__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2007.09.14 08:38:35 | 000,069,632 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2764.39438__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2007.09.14 08:38:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2764.39729__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2007.09.14 08:38:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2729.30193__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2729.30209__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2764.39776__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2007.09.14 08:38:35 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2729.30188__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2729.30258__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2729.30211__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2007.09.14 08:38:35 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2729.30214__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2007.09.14 08:38:35 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2764.39436__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2007.09.14 08:38:34 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2764.39454__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2007.09.14 08:38:34 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2764.39438__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2007.09.14 08:38:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2764.39437__90ba9c70f846762e\APM.Server.dll
MOD - [2007.09.14 08:38:34 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2764.39436__90ba9c70f846762e\AEM.Server.dll
MOD - [2007.09.14 08:38:34 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2729.30205__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2007.09.14 08:38:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2764.39730__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2007.09.14 08:38:34 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2007.09.14 08:38:34 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2729.30243__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2007.08.29 15:11:16 | 000,958,464 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
MOD - [2007.07.27 22:26:30 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2007.06.27 11:28:40 | 000,436,088 | ---- | M] () -- C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
MOD - [2007.05.31 09:12:32 | 000,016,384 | R--- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2007.03.02 10:44:34 | 000,073,728 | ---- | M] () -- C:\Programme\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
MOD - [2006.11.09 18:27:00 | 000,090,112 | ---- | M] () -- C:\Programme\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
MOD - [2006.11.08 19:08:30 | 000,009,216 | ---- | M] () -- C:\Programme\TOSHIBA\PCDiag\NotifyPCD.dll
MOD - [2006.10.10 10:44:16 | 000,009,728 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Assist\NotifyX.dll
MOD - [2006.10.07 11:57:04 | 000,053,248 | ---- | M] () -- C:\Programme\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] --  -- (TOSHIBA Bluetooth Service)
SRV - File not found [Auto | Stopped] --  -- (MOBCleanup)
SRV - File not found [Auto | Stopped] --  -- (0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219)
SRV - [2011.12.24 17:50:18 | 000,652,872 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.11.23 22:16:54 | 000,077,520 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Hotspot Shield\bin\HssTrayService.exe -- (HssTrayService)
SRV - [2011.11.23 22:14:26 | 000,330,072 | ---- | M] () [Auto | Running] -- C:\Programme\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2011.11.23 21:45:48 | 000,329,544 | ---- | M] () [Auto | Running] -- C:\Program Files\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2011.11.23 21:45:44 | 000,363,336 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Programme\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2011.10.12 06:25:22 | 004,433,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011.08.02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011.06.28 17:16:49 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.28 18:07:12 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2007.09.14 07:44:02 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007.08.01 13:39:18 | 000,077,824 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2007.03.29 10:39:00 | 000,427,576 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2006.11.14 19:33:10 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Programme\TOSHIBA\ConfigFree\CFSvcs.exe -- (CFSvcs)
SRV - [2006.10.05 11:10:12 | 000,009,216 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2006.08.23 15:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2006.05.25 18:30:16 | 000,114,688 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2005.11.17 13:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2011.12.28 23:30:44 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.10.07 06:23:48 | 000,230,608 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011.10.04 06:21:16 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011.09.13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011.08.08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011.07.20 08:46:02 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2011.07.20 08:46:02 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV - [2011.07.20 08:46:02 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2011.07.20 08:45:52 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011.07.20 08:45:52 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV - [2011.07.20 08:45:52 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV - [2011.07.20 08:45:52 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2011.07.20 08:45:52 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV - [2011.07.11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011.07.11 01:14:02 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011.07.11 01:14:00 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011.07.11 01:13:58 | 000,134,736 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011.06.28 17:16:50 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 17:16:50 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.21 08:45:18 | 000,025,216 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2010.10.21 08:45:16 | 000,020,864 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2010.10.21 08:45:16 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2010.09.22 20:19:02 | 000,037,376 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HssDrv.sys -- (HssDrv)
DRV - [2010.09.22 20:19:02 | 000,032,768 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\taphss.sys -- (taphss)
DRV - [2010.06.23 08:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.06.17 14:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.09.29 07:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 07:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 07:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2007.07.27 22:36:40 | 002,929,664 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2007.07.26 15:18:04 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2007.06.01 12:07:48 | 000,252,416 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8187B.sys -- (RTL8187B)
DRV - [2007.03.21 21:02:04 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.02.24 13:42:22 | 000,039,936 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2007.01.23 15:40:20 | 000,042,496 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10n.sys -- (KR10N)
DRV - [2007.01.18 15:40:56 | 000,219,392 | ---- | M] (TOSHIBA CORPORATION) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\kr10i.sys -- (KR10I)
DRV - [2006.11.28 14:11:00 | 001,161,888 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2006.11.20 13:11:14 | 000,007,168 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\FwLnk.sys -- (FwLnk)
DRV - [2006.10.30 10:23:12 | 000,007,680 | ---- | M] (ATI Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AtiPcie.sys -- (AtiPcie) ATI PCI Express (3GIO)
DRV - [2006.10.23 15:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.05 22:22:14 | 000,016,768 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2006.05.03 21:40:42 | 000,390,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snpstd.sys -- (snpstd)
DRV - [2003.08.01 13:47:24 | 000,029,239 | ---- | M] (Pinnacle Systems) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vobid.sys -- (VOBID)
DRV - [2002.04.17 19:27:02 | 000,011,264 | ---- | M] (VOB Computersysteme GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\asapiW2k.sys -- (ASAPIW2K)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20100908
FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.0.7
FF - prefs.js..extensions.enabledItems: SkipScreen@SkipScreen:0.5.21amo
FF - prefs.js..extensions.enabledItems: {195A3098-0BD5-4e90-AE22-BA1C540AFD1E}:2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: afurladvisor@anchorfree.com:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.2.0.7165
FF - prefs.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=UTF-8&sourceid=navclient&gfns=1&q="
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Toshiba\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.9: C:\Program Files\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Toshiba\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Toshiba\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011.12.28 01:00:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.12.29 01:17:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.06.25 11:20:43 | 000,000,000 | ---D | M]
 
[2010.02.12 15:31:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Extensions
[2011.12.29 00:51:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions
[2011.08.26 10:03:13 | 000,000,000 | ---D | M] (Garmin Communicator) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2011.12.22 23:29:23 | 000,000,000 | ---D | M] (RapidShare DownloadHelper) -- C:\Users\Toshiba\AppData\Roaming\mozilla\Firefox\Profiles\07vv0j4h.default\extensions\rsDownloadHelper@yevgenyandrov.net
[2011.12.19 22:03:21 | 000,000,933 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\11-suche.xml
[2011.12.19 22:03:21 | 000,002,419 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\englische-ergebnisse.xml
[2011.12.19 22:03:21 | 000,010,525 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\gmx-suche.xml
[2011.12.19 22:03:21 | 000,002,457 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\lastminute.xml
[2011.12.19 22:03:21 | 000,005,508 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\07vv0j4h.default\searchplugins\webde-suche.xml
[2011.11.11 19:09:20 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.09.11 20:45:04 | 000,000,000 | ---D | M] (Click to call with Skype) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2011.02.12 14:27:48 | 000,000,000 | ---D | M] (afurladvisor) -- C:\Programme\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\{4176DFF4-4698-11DE-BEEB-45DA55D89593}.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\AMZNUWL2@AMAZON.COM.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\TOOLBAR@WEB.DE.XPI
() (No name found) -- C:\USERS\TOSHIBA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\07VV0J4H.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2011.12.29 01:17:23 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.10.07 00:03:40 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.07 00:03:40 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.10.07 00:03:40 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.07 00:03:40 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.07 00:03:40 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.07 00:03:40 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programme\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Programme\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NDSTray.exe] NDSTray.exe File not found
O4 - HKLM..\Run: [PinnacleDriverCheck] C:\Windows\System32\PSDrvCheck.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SmoothView] C:\Programme\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [snpstd] C:\Windows\vsnpstd.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [SynTPStart] C:\Programme\Synaptics\SynTP\SynTPStart.exe (Synaptics, Inc.)
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\TOSHIBA\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [EPSON Stylus DX4400 Series] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE (SEIKO EPSON CORPORATION)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Toshiba\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [TOSCDSPD] C:\Programme\TOSHIBA\TOSCDSPD\TOSCDSPD.exe ()
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - hxxp://rover.ebay.com/rover/1/707-44556-9400-3/4 File not found
O9 - Extra Button: Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Click to call with Skype - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - hxxp://www.amazon.de/exec/obidos/redirect-home?tag=Toshibadebholink-21&site=home File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Java Plug-in 1.6.0_02)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8440FB01-9569-4B78-8B58-06AA31C0FEA6}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95C7DACE-22B6-45C0-A39E-96CC6E45EDE6}: NameServer = 10.7.16.1
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programme\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\USBAutoRun.exe
O33 - MountPoints2\{842ceb84-02b3-11e0-847f-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\SamsungSoftware\APPInst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: NTDS -  File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: McMPFSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS -  File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WinDefend - C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
 
Drivers32: msacm.dvacm - C:\Programme\Common Files\Ulead Systems\vio\DVACM.acm (Ulead Systems, Inc.)
Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\System32\DivX.dll (DivX, Inc.)
Drivers32: vidc.XVID - C:\Windows\System32\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\System32\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.29 01:12:48 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\LogDateien
[2011.12.28 23:30:44 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.12.28 21:48:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\AVG
[2011.12.28 21:47:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC Tuneup 2011
[2011.12.28 02:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2011.12.28 01:08:51 | 000,000,000 | ---D | C] -- C:\$AVG
[2011.12.28 01:02:14 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\AVG2012
[2011.12.28 01:01:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Common Files
[2011.12.28 01:00:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2012
[2011.12.28 00:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2012
[2011.12.28 00:57:54 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\AVG
[2011.12.28 00:55:55 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011.12.28 00:55:35 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Malwarebytes
[2011.12.28 00:50:21 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2011.12.28 00:30:29 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\Simply Super Software
[2011.12.28 00:25:47 | 000,020,464 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.12.23 00:36:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\gegl-0.0
[2011.12.22 15:48:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\sauber
[2011.12.22 15:48:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.22 15:48:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011.12.22 15:41:17 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Opera
[2011.12.22 15:17:27 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\NPE
[2011.12.18 22:48:47 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\{c0cf964c-bdff-41a5-950f-9bdfa4c6a7ce}
[2011.12.03 13:32:08 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Christoph Maria Herbst - Ein Traum von einem Schiff
[2010.10.30 15:12:07 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\Toshiba\AppData\Roaming\pcouffin.sys
[2005.04.20 23:16:28 | 000,036,864 | ---- | C] ( ) -- C:\Windows\System32\vsnpstd.dll
[2004.02.16 19:59:50 | 000,061,440 | ---- | C] ( ) -- C:\Windows\System32\csnpstd.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.29 01:17:17 | 000,641,344 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.12.29 01:17:17 | 000,610,142 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.12.29 01:17:17 | 000,116,706 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.12.29 01:17:17 | 000,103,924 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.12.29 01:11:48 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.29 01:10:39 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 01:10:39 | 000,003,456 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.29 01:10:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.12.29 01:10:27 | 2011,217,920 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.29 00:33:01 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.28 23:46:03 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000UA.job
[2011.12.28 23:46:02 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000Core.job
[2011.12.28 23:30:44 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.12.28 23:01:49 | 000,008,771 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011.12.28 22:14:45 | 000,069,632 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.28 20:53:11 | 000,307,487 | ---- | M] () -- C:\Users\Toshiba\Documents\Geschaeftsbedingungen vtb.pdf
[2011.12.28 20:52:20 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{54B6077B-E065-414B-9A7F-0656851B3A2B}.job
[2011.12.28 19:01:09 | 085,392,929 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.12.28 01:04:03 | 000,000,000 | ---- | M] () -- C:\Users\Toshiba\defogger_reenable
[2011.12.22 15:26:24 | 000,000,000 | ---- | M] () -- C:\ProgramData\1rOGra2.dat
[2011.12.22 15:22:53 | 009,730,308 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat
[2011.12.22 15:04:43 | 000,000,448 | ---- | M] () -- C:\ProgramData\bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,296 | ---- | M] () -- C:\ProgramData\~bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,208 | ---- | M] () -- C:\ProgramData\~bd2IHMHea4yma0r
[2011.12.10 15:24:06 | 000,020,464 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.28 23:01:49 | 000,008,771 | ---- | C] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2011.12.28 20:53:11 | 000,307,487 | ---- | C] () -- C:\Users\Toshiba\Documents\Geschaeftsbedingungen vtb.pdf
[2011.12.28 19:01:09 | 085,392,929 | ---- | C] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2011.12.28 01:04:03 | 000,000,000 | ---- | C] () -- C:\Users\Toshiba\defogger_reenable
[2011.12.22 22:33:15 | 2011,217,920 | -HS- | C] () -- C:\hiberfil.sys
[2011.12.22 15:26:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\1rOGra2.dat
[2011.12.22 15:21:04 | 009,730,308 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat
[2011.12.22 15:01:44 | 000,000,296 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,208 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0r
[2011.12.22 14:52:25 | 000,000,448 | ---- | C] () -- C:\ProgramData\bd2IHMHea4yma0
[2011.10.17 11:40:57 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.10.17 11:40:56 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.07.26 16:26:48 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.07.26 16:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011.07.26 16:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011.07.26 16:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011.07.26 16:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011.03.16 23:17:05 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.12.31 01:19:07 | 000,197,120 | ---- | C] () -- C:\Windows\patchw32.dll
[2010.10.30 15:12:07 | 000,087,608 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\inst.exe
[2010.10.30 15:12:07 | 000,007,887 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\pcouffin.cat
[2010.10.30 15:12:07 | 000,001,144 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\pcouffin.inf
[2010.09.09 12:23:18 | 000,000,570 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\AutoGK.ini
[2010.05.21 17:28:30 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.05.21 17:28:30 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.05.21 17:28:30 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.05.21 17:28:30 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.05.21 17:28:30 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.05.21 17:28:30 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.05.21 17:28:30 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.05.21 17:28:29 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.05.21 17:28:29 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.05.21 17:28:29 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.05.21 17:28:29 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.05.21 17:28:29 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.05.21 17:28:29 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.05.21 17:28:29 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.05.21 17:28:29 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.05.21 17:28:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.05.21 17:28:29 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.05.21 17:28:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.05.21 17:28:29 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.05.04 21:30:11 | 000,000,000 | ---- | C] () -- C:\Windows\WinInit.ini
[2010.04.08 12:04:33 | 000,000,680 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\d3d9caps.dat
[2010.02.28 21:50:54 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.02.25 19:10:17 | 000,000,016 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\mxfilerelatedcache.mxc2
[2010.02.25 19:10:17 | 000,000,016 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\mxfilerelatedcache.mxc2
[2010.02.12 15:29:28 | 000,069,632 | ---- | C] () -- C:\Users\Toshiba\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.12.03 08:27:30 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2009.01.25 22:10:48 | 000,179,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2009.01.09 00:01:22 | 000,629,760 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2007.09.14 09:27:05 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2007.09.14 09:12:14 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2007.09.14 09:00:46 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2007.09.14 09:00:46 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2007.09.14 09:00:46 | 000,010,146 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2007.09.14 09:00:46 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2007.09.14 08:59:38 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2007.09.14 08:59:38 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2007.09.14 08:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2007.09.14 08:59:38 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2007.09.14 08:59:38 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2007.09.14 08:59:38 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ1.dat
[2007.09.14 08:44:13 | 000,000,176 | ---- | C] () -- C:\Windows\System32\drivers\RTHDAEQ0.dat
[2007.09.14 08:40:24 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2007.09.14 07:25:36 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2007.09.14 07:24:00 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2007.09.14 07:24:00 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2007.09.14 07:23:59 | 000,144,773 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2006.12.05 12:05:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 16:33:31 | 000,641,344 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2006.11.02 16:33:31 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2006.11.02 16:33:31 | 000,116,706 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2006.11.02 16:33:31 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2006.11.02 13:57:28 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:47:37 | 000,416,912 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:33:01 | 000,610,142 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2006.11.02 11:33:01 | 000,287,440 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2006.11.02 11:33:01 | 000,103,924 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2006.11.02 11:33:01 | 000,030,674 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2006.11.02 11:23:21 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2006.11.02 09:58:30 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2006.11.02 09:19:00 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2006.11.02 08:25:31 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2006.11.02 08:22:43 | 000,099,999 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2006.11.02 08:22:43 | 000,018,271 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2006.05.03 21:40:42 | 000,390,784 | ---- | C] () -- C:\Windows\System32\drivers\snpstd.sys
[2005.10.11 19:54:48 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd.exe
[2005.07.22 20:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[2005.02.02 01:29:12 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd.exe
[2003.09.19 14:02:26 | 000,406,016 | ---- | C] () -- C:\Windows\System32\PSDrvCheck.exe
[2003.01.17 23:34:40 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2002.10.15 23:54:04 | 000,153,088 | ---- | C] () -- C:\Windows\System32\unrar.dll
 
========== LOP Check ==========
 
[2010.04.16 21:40:18 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AnvSoft
[2010.12.17 15:09:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Ashampoo
[2010.12.31 01:19:33 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Atari
[2011.12.28 21:49:12 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AVG
[2011.12.28 01:02:14 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AVG2012
[2011.10.08 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\calibre
[2011.12.29 01:16:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Dropbox
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\FreeFLVConverter
[2010.08.14 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\GARMIN
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\gtk-2.0
[2010.11.15 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\ICQ
[2011.06.18 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\LG Electronics
[2011.01.23 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\NCH Swift Sound
[2010.02.15 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\OpenOffice.org
[2011.12.22 15:41:17 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Opera
[2011.08.21 22:57:51 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Samsung
[2011.12.22 15:48:28 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\sauber
[2010.02.12 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2010.10.30 15:12:30 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Vso
[2011.12.28 23:46:02 | 000,000,914 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000Core.job
[2011.12.28 23:46:03 | 000,000,936 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2404372160-4221846748-428584739-1000UA.job
[2011.12.29 01:09:11 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2011.12.28 20:52:20 | 000,000,422 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{54B6077B-E065-414B-9A7F-0656851B3A2B}.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.02.12 15:36:08 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Adobe
[2010.04.16 21:40:18 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AnvSoft
[2010.12.17 15:09:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Ashampoo
[2010.12.31 01:19:33 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Atari
[2010.02.10 12:56:37 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\ATI
[2011.12.28 21:49:12 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AVG
[2011.12.28 01:02:14 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\AVG2012
[2011.08.23 13:00:34 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Avira
[2011.10.08 16:30:10 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\calibre
[2010.02.13 16:16:54 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\DivX
[2011.12.29 01:16:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Dropbox
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\dvdcss
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\FreeFLVConverter
[2010.08.14 19:21:21 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\GARMIN
[2010.03.20 09:13:05 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Google
[2011.12.22 23:29:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\gtk-2.0
[2010.11.15 12:49:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\ICQ
[2010.02.10 12:56:06 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Identities
[2010.05.21 17:28:20 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\InstallShield
[2011.06.18 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\LG Electronics
[2010.02.12 15:36:08 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Macromedia
[2011.12.28 00:55:35 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Malwarebytes
[2006.11.02 13:37:34 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Media Center Programs
[2011.10.03 18:29:15 | 000,000,000 | --SD | M] -- C:\Users\Toshiba\AppData\Roaming\Microsoft
[2011.12.22 23:29:22 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Move Networks
[2010.02.12 15:31:24 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Mozilla
[2011.01.23 17:16:48 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\NCH Software
[2011.01.23 17:15:53 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\NCH Swift Sound
[2010.04.16 18:06:19 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Nero
[2010.02.15 14:25:39 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\OpenOffice.org
[2011.12.22 15:41:17 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Opera
[2011.08.21 22:57:51 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Samsung
[2011.12.22 15:48:28 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\sauber
[2011.12.22 23:29:25 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Skype
[2011.09.11 20:43:56 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\skypePM
[2010.02.12 15:33:26 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Toshiba
[2011.12.22 23:29:25 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\vlc
[2010.10.30 15:12:30 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\Vso
[2010.02.12 23:16:40 | 000,000,000 | ---D | M] -- C:\Users\Toshiba\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2010.10.30 15:12:07 | 000,087,608 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\inst.exe
[2011.05.25 21:07:14 | 024,176,560 | ---- | M] (Dropbox, Inc.) -- C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2011.05.25 21:07:18 | 000,174,784 | ---- | M] (Dropbox, Inc.) -- C:\Users\Toshiba\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2009.06.04 12:51:24 | 001,413,256 | R--- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Templates\D\USBAutoRun.exe
[2009.05.12 07:46:36 | 000,212,992 | R--- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Templates\D\tools\LGSetCDROMAutoRun.exe
[2010.04.24 11:17:04 | 000,144,053 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Move Networks\uninstall.exe
[2010.02.11 20:31:38 | 000,097,216 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Move Networks\ie_bin\MovePlayerUpgrade.exe
[2007.08.29 15:36:06 | 000,167,424 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\NCH Software\Components\aacdec\aacdec.exe
[2011.07.26 19:23:14 | 000,958,352 | ---- | M] (Samsung) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\Kies.exe
[2011.07.26 19:23:16 | 000,278,928 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesDriverInstaller.exe
[2011.07.26 16:27:50 | 000,286,720 | ---- | M] (Samsung) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesLogger.exe
[2011.07.26 19:23:16 | 003,507,088 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\KiesTrayAgent.exe
[2011.07.26 16:27:16 | 000,284,160 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceDataService.exe
[2011.07.26 16:27:18 | 000,666,112 | ---- | M] (Mobileleader Co., Ltd.) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\DeviceManager.exe
[2011.07.26 19:23:20 | 000,067,472 | ---- | M] (Samsung) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\DeviceModules\Kies_Tutorial.exe
[2011.07.26 16:27:06 | 000,106,408 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentInstaller.exe
[2011.07.26 16:27:06 | 000,101,288 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\AgentUpdate.exe
[2011.07.26 19:23:22 | 000,131,984 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\BinaryLoaderMgr.exe
[2011.07.26 19:23:24 | 000,020,880 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\FirmwareUpdate\KiesPDLR.exe
[2011.07.26 19:23:26 | 004,661,464 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\External\MediaModules\MyFreeCodecPack.exe
[2011.07.26 16:26:44 | 024,100,248 | ---- | M] (SAMSUNG Electronics Co., Ltd.) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\backup\USB Driver\SAMSUNG_USB_Driver_for_Mobile_Phones.exe
[2011.07.26 19:23:28 | 000,362,384 | ---- | M] (ml) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\temp\Kies.Update.exe
[2011.09.29 08:19:30 | 000,364,432 | ---- | M] (ml) -- C:\Users\Toshiba\AppData\Roaming\Samsung\Kies\UpdateTemp\Updater\Kies.Update.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2008.01.19 08:42:25 | 000,056,376 | ---- | M] (Microsoft Corporation) MD5=13F9E33747E6B41A3FF305C37DB0D360 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_ba12ed3bbeb0d97a\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\drivers\AGP440.sys
[2006.11.02 10:49:52 | 000,053,864 | ---- | M] (Microsoft Corporation) MD5=EF23439CDD587F64C2C1B8825CEAD7D8 -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_920a2c1f\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.01.19 08:41:30 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=2D9C903DC76A66813D350A562DE40ED9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_dd38281a2189ce9c\atapi.sys
[2006.11.02 10:49:36 | 000,019,048 | ---- | M] (Microsoft Corporation) MD5=4F4FCB8B6EA06784FB6D475B7EC7300F -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_c6c2e699\atapi.sys
[2010.02.13 04:08:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\drivers\atapi.sys
[2010.02.13 04:08:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_7de13c21\atapi.sys
[2010.02.13 04:08:59 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=B35CFCEF838382AB6490B321C87EDF17 -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_db337a442479c42c\atapi.sys
[2010.02.13 04:08:58 | 000,021,560 | ---- | M] (Microsoft Corporation) MD5=E03E8C99D15D0381E02743C36AFC7C6F -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_dbac78a93da31a8b\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\System32\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 08:42:51 | 000,235,064 | ---- | M] (Intel Corporation) MD5=54155EA1B0DF185878E0FC9EC3AC3A14 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_af11527887c7fa8f\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\drivers\iaStorV.sys
[2006.11.02 10:51:25 | 000,232,040 | ---- | M] (Intel Corporation) MD5=C957BF4B5D80B46C5017BF0101E6C906 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_37cdafa4\iaStorV.sys
 
< MD5 for: KR10N.SYS  >
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10i\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Toshiba\Drivers\Raid\Kr10n\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\drivers\KR10N.sys
[2007.01.18 15:47:18 | 000,211,072 | ---- | M] (TOSHIBA CORPORATION) MD5=6E9922332386C2A49936B30B2B6FD298 -- C:\Windows\System32\DriverStore\FileRepository\kr10.inf_95888b8d\KR10N.sys
 
< MD5 for: NETLOGON.DLL  >
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\System32\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_fb80f5473b0ed783\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_fdb7b74337f9e857\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\drivers\nvstor.sys
[2006.11.02 10:50:13 | 000,040,040 | ---- | M] (NVIDIA Corporation) MD5=9E0BA19A28C498A6D323D065DB76DFFC -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_733654ff\nvstor.sys
[2008.01.19 08:42:09 | 000,045,112 | ---- | M] (NVIDIA Corporation) MD5=ABED0C09758D1D97DB0042DBB2688177 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_39dac327befea467\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_380de25bd91b6f12\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\System32\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_35d7205fdc305e3e\scecli.dll
 
< MD5 for: USER32.DLL  >
[2007.09.14 07:30:28 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=9D9F061EDA75425FC67F0365E3467C86 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_cbc258dc896598f1\user32.dll
[2008.01.19 08:36:46 | 000,627,200 | ---- | M] (Microsoft Corporation) MD5=B974D9F06DC7D1908E825DC201681269 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_cd386c416d5c7f32\user32.dll
[2006.11.02 10:46:13 | 000,633,856 | ---- | M] (Microsoft Corporation) MD5=E698A5437B89A285ACA3FF022356810A -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_cb01aa4570716e5e\user32.dll
[2007.09.14 07:30:27 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\System32\user32.dll
[2007.09.14 07:30:27 | 000,633,856 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_cb39bc5b7047127e\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\System32\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\System32\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\System32\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2011.12.24 17:50:20 | 000,182,856 | ---- | M] () MD5=B382935AB01B27D0E14F267DBF288896 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\System32\drivers\ws2ifsl.sys
[2006.11.02 09:58:26 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=84620AECDCFD2A7A14E6263927D8C0ED -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_4d4fded8cae2956d\ws2ifsl.sys
[2008.01.19 06:56:49 | 000,015,872 | ---- | M] (Microsoft Corporation) MD5=E3A3CB253C0EC2494D4A61F5E43A389C -- C:\Windows\SoftwareDistribution\Download\c91af43e301542f65a88d59517636d32\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_4f86a0d4c7cda641\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2007.07.27 22:26:42 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\ATIDEMGX.dll
[2010.03.09 17:49:34 | 000,347,136 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2010.03.09 17:49:34 | 000,214,528 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll
[2007.09.14 08:11:03 | 000,392,192 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\$NtUninstallKB63564$] -> Error: Cannot create file handle -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C

< End of report >
         

29.12.2011, 00:53   #12
cosinus

Do an OTL fix: close all programs that may be open, also disable virus scanners (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:
ATTFilter
:OTL
MOD - [2011.12.29 01:11:06 | 000,115,137 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\Temp\ae201572-4813-4010-9ed2-ee29ddec066a\CliSecureRT.dll
SRV - File not found [Auto | Stopped] --  -- (MOBCleanup)
SRV - File not found [Auto | Stopped] --  -- (0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell - "" = AutoRun
O33 - MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\USBAutoRun.exe
O33 - MountPoints2\{842ceb84-02b3-11e0-847f-00a0d19da3c8}\Shell\AutoRun\command - "" = D:\SamsungSoftware\APPInst.exe
[2011.12.22 15:26:24 | 000,000,000 | ---- | C] () -- C:\ProgramData\1rOGra2.dat
[2011.12.22 15:21:04 | 009,730,308 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat
[2011.12.22 15:01:44 | 000,000,296 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0
[2011.12.22 15:01:44 | 000,000,208 | ---- | C] () -- C:\ProgramData\~bd2IHMHea4yma0r
[2011.12.22 14:52:25 | 000,000,448 | ---- | C] () -- C:\ProgramData\bd2IHMHea4yma0
@Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:0B4227B4
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
:Files
C:\Windows\system32\consrv.dll
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

For safety, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It cannot be carried over to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

29.12.2011, 01:21   #13
lindagrey

Code:
ATTFilter
All processes killed
========== OTL ==========
Service MOBCleanup stopped successfully!
Service MOBCleanup deleted successfully!
Error: No service named 0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219 was found to stop!
Service\Driver key 0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219 not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ not found.
File D:\USBAutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{842ceb84-02b3-11e0-847f-00a0d19da3c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{842ceb84-02b3-11e0-847f-00a0d19da3c8}\ not found.
File D:\SamsungSoftware\APPInst.exe not found.
C:\ProgramData\1rOGra2.dat moved successfully.
C:\Users\Toshiba\AppData\Roaming\SMRBackup210.dat moved successfully.
C:\ProgramData\~bd2IHMHea4yma0 moved successfully.
C:\ProgramData\~bd2IHMHea4yma0r moved successfully.
C:\ProgramData\bd2IHMHea4yma0 moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
ADS C:\ProgramData\TEMP:66B13F37 deleted successfully.
ADS C:\ProgramData\TEMP:6152D44C deleted successfully.
========== FILES ==========
File\Folder C:\Windows\system32\consrv.dll not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Gast
->Temp folder emptied: 136185 bytes
->Temporary Internet Files folder emptied: 70551867 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 2425 bytes
 
User: Public
 
User: Toshiba
->Temp folder emptied: 3161854 bytes
->Temporary Internet Files folder emptied: 36577503 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 102352582 bytes
->Flash cache emptied: 1278 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 26846 bytes
RecycleBin emptied: 707308158 bytes
 
Total Files Cleaned = 878,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 12292011_020559

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...
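
Added example, not part of the original thread and not OTL's own code: a small Python triage of a fix log like the one posted above, listing the script entries that did not take effect (errors and "not found" results) so they can be reviewed before the next step. The line patterns are inferred from this one log and are an assumption; the sample is a shortened excerpt of the lines above.

```python
import re
from collections import Counter, namedtuple

# Shortened excerpt of the fix log posted above (lines copied from this page).
SAMPLE_LOG = r"""All processes killed
========== OTL ==========
Service MOBCleanup stopped successfully!
Service MOBCleanup deleted successfully!
Error: No service named 0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219 was found to stop!
Service\Driver key 0260821278877219mcinstcleanup) McAfee Application Installer Cleanup (0260821278877219 not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
C:\autoexec.bat moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1379c179-99a0-11e0-a998-00a0d19da3c8}\ not found.
File D:\USBAutoRun.exe not found.
C:\ProgramData\1rOGra2.dat moved successfully.
ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.
========== FILES ==========
File\Folder C:\Windows\system32\consrv.dll not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Toshiba
->Temp folder emptied: 3161854 bytes
->FireFox cache emptied: 102352582 bytes

C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

Action = namedtuple("Action", "section outcome target")

# Patterns inferred from the log on this page (assumption, not an OTL spec).
SECTION_RE = re.compile(r"^=+ (?P<name>.+?) =+$")
ERROR_RE = re.compile(r"^Error: (?P<target>.+)$")
MISSING_RE = re.compile(r"^(?P<target>.+?) not found\.$")
DONE_RE = re.compile(
    r"^(?P<target>.+?) (?P<verb>moved|deleted|stopped|reset|set) successfully[.!]?$")
EMPTIED_RE = re.compile(r"^->(?P<what>.+?) emptied: (?P<bytes>\d+) bytes$")


def parse_fix_log(text):
    """Return one Action per result line, tagged with the log section it is in."""
    actions, section = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        # Failures are checked first so they are never counted as a success.
        for outcome, rx in (("error", ERROR_RE), ("not_found", MISSING_RE)):
            m = rx.match(line)
            if m:
                actions.append(Action(section, outcome, m.group("target")))
                break
        else:
            m = DONE_RE.match(line)
            if m:
                actions.append(Action(section, m.group("verb"), m.group("target")))
    return actions


def unapplied(actions):
    """Script entries that changed nothing: the object was missing or OTL errored."""
    return [a for a in actions if a.outcome in ("error", "not_found")]


def bytes_emptied(text):
    """Sum of the per-user '->... emptied: N bytes' lines of [EMPTYTEMP]."""
    matches = (EMPTIED_RE.match(line.strip()) for line in text.splitlines())
    return sum(int(m.group("bytes")) for m in matches if m)


def summarize(text):
    """Outcome counts plus the list of entries that need a second look."""
    actions = parse_fix_log(text)
    return Counter(a.outcome for a in actions), unapplied(actions)


if __name__ == "__main__":
    counts, open_items = summarize(SAMPLE_LOG)
    print(dict(counts))
    for item in open_items:
        print(f"[{item.section}] {item.outcome}: {item.target}")
    print("bytes emptied:", bytes_emptied(SAMPLE_LOG))
```

A "not found" result is not automatically a problem (the object may already be gone), but each one is an entry the script did not change and is worth reading individually.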
         

29.12.2011, 01:21   #14
cosinus

Now please run (in normal Windows mode) this tool from Kaspersky (TDSS-Killer) and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set the tool up as shown in the picture below: click on change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

If, because of the infection, you cannot access your documents/My Documents folder, or shortcuts on the desktop or in the Start menu under "All Programs" are missing, please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should be visible again. (This could take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

29.12.2011, 01:34   #15
lindagrey

Okay .. I had already used unhide before my first post and my files are all visible.

Here is the log:

Code:
ATTFilter
02:28:57.0139 4264	TDSS rootkit removing tool 2.6.25.0 Dec 23 2011 14:51:16
02:28:57.0368 4264	============================================================
02:28:57.0368 4264	Current date / time: 2011/12/29 02:28:57.0368
02:28:57.0368 4264	SystemInfo:
02:28:57.0368 4264	
02:28:57.0368 4264	OS Version: 6.0.6000 ServicePack: 0.0
02:28:57.0368 4264	Product type: Workstation
02:28:57.0368 4264	ComputerName: TOSHIBA-PC
02:28:57.0368 4264	UserName: Toshiba
02:28:57.0369 4264	Windows directory: C:\Windows
02:28:57.0369 4264	System windows directory: C:\Windows
02:28:57.0369 4264	Processor architecture: Intel x86
02:28:57.0369 4264	Number of processors: 2
02:28:57.0369 4264	Page size: 0x1000
02:28:57.0369 4264	Boot type: Normal boot
02:28:57.0369 4264	============================================================
02:28:59.0057 4264	Initialize success
02:30:11.0997 4428	============================================================
02:30:11.0997 4428	Scan started
02:30:11.0997 4428	Mode: Manual; SigCheck; TDLFS; 
02:30:11.0997 4428	============================================================
02:30:14.0004 4428	ACPI            (84fc6df81212d16be5c4f441682feccc) C:\Windows\system32\drivers\acpi.sys
02:30:14.0128 4428	ACPI - ok
02:30:14.0238 4428	adp94xx         (2edc5bbac6c651ece337bde8ed97c9fb) C:\Windows\system32\drivers\adp94xx.sys
02:30:14.0280 4428	adp94xx - ok
02:30:14.0411 4428	adpahci         (b84088ca3cdca97da44a984c6ce1ccad) C:\Windows\system32\drivers\adpahci.sys
02:30:14.0494 4428	adpahci - ok
02:30:14.0620 4428	adpu160m        (7880c67bccc27c86fd05aa2afb5ea469) C:\Windows\system32\drivers\adpu160m.sys
02:30:14.0640 4428	adpu160m - ok
02:30:14.0684 4428	adpu320         (9ae713f8e30efc2abccd84904333df4d) C:\Windows\system32\drivers\adpu320.sys
02:30:14.0706 4428	adpu320 - ok
02:30:14.0795 4428	AFD             (5d24caf8efd924a875698ff28384db8b) C:\Windows\system32\drivers\afd.sys
02:30:14.0893 4428	AFD - ok
02:30:15.0187 4428	AgereSoftModem  (ce91b158fa490cf4c4d487a4130f4660) C:\Windows\system32\DRIVERS\AGRSM.sys
02:30:15.0443 4428	AgereSoftModem - ok
02:30:15.0691 4428	agp440          (ef23439cdd587f64c2c1b8825cead7d8) C:\Windows\system32\drivers\agp440.sys
02:30:15.0762 4428	agp440 - ok
02:30:16.0035 4428	aic78xx         (ae1fdf7bf7bb6c6a70f67699d880592a) C:\Windows\system32\drivers\djsvs.sys
02:30:16.0091 4428	aic78xx - ok
02:30:16.0181 4428	aliide          (90395b64600ebb4552e26e178c94b2e4) C:\Windows\system32\drivers\aliide.sys
02:30:16.0195 4428	aliide - ok
02:30:16.0410 4428	amdagp          (2b13e304c9dfdfa5eb582f6a149fa2c7) C:\Windows\system32\drivers\amdagp.sys
02:30:16.0435 4428	amdagp - ok
02:30:16.0485 4428	amdide          (0577df1d323fe75a739c787893d300ea) C:\Windows\system32\drivers\amdide.sys
02:30:16.0524 4428	amdide - ok
02:30:16.0643 4428	AmdK7           (dc487885bcef9f28eece6fac0e5ddfc5) C:\Windows\system32\drivers\amdk7.sys
02:30:16.0725 4428	AmdK7 - ok
02:30:16.0845 4428	AmdK8           (0ca0071da4315b00fc1328ca86b425da) C:\Windows\system32\DRIVERS\amdk8.sys
02:30:16.0908 4428	AmdK8 - ok
02:30:17.0005 4428	androidusb      (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\Windows\system32\Drivers\ssadadb.sys
02:30:17.0089 4428	androidusb - ok
02:30:17.0283 4428	arc             (5f673180268bb1fdb69c99b6619fe379) C:\Windows\system32\drivers\arc.sys
02:30:17.0302 4428	arc - ok
02:30:17.0383 4428	arcsas          (957f7540b5e7f602e44648c7de5a1c05) C:\Windows\system32\drivers\arcsas.sys
02:30:17.0403 4428	arcsas - ok
02:30:17.0486 4428	ASAPIW2K        (875f9079cabee679d34b49e466b61701) C:\Windows\system32\Drivers\ASAPIW2K.sys
02:30:17.0527 4428	ASAPIW2K ( UnsignedFile.Multi.Generic ) - warning
02:30:17.0527 4428	ASAPIW2K - detected UnsignedFile.Multi.Generic (1)
02:30:17.0803 4428	AsyncMac        (e86cf7ce67d5de898f27ef884dc357d8) C:\Windows\system32\DRIVERS\asyncmac.sys
02:30:17.0878 4428	AsyncMac - ok
02:30:18.0139 4428	atapi           (b35cfcef838382ab6490b321c87edf17) C:\Windows\system32\drivers\atapi.sys
02:30:18.0149 4428	atapi - ok
02:30:18.0858 4428	atikmdag        (22d300f835600c9c634860cf2912f9cf) C:\Windows\system32\DRIVERS\atikmdag.sys
02:30:19.0059 4428	atikmdag - ok
02:30:19.0578 4428	AtiPcie         (4aa1eb65481c392955939e735d27118b) C:\Windows\system32\DRIVERS\AtiPcie.sys
02:30:19.0659 4428	AtiPcie - ok
02:30:20.0084 4428	avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\Windows\system32\DRIVERS\avgntflt.sys
02:30:20.0102 4428	avgntflt - ok
02:30:20.0436 4428	avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\Windows\system32\DRIVERS\avipbb.sys
02:30:20.0457 4428	avipbb - ok
02:30:20.0876 4428	Beep            (ac3dd1708b22761ebd7cbe14dcc3b5d7) C:\Windows\system32\drivers\Beep.sys
02:30:20.0962 4428	Beep - ok
02:30:21.0476 4428	blbdrive - ok
02:30:21.0555 4428	bowser          (913cd06fbe9105ce6077e90fd4418561) C:\Windows\system32\DRIVERS\bowser.sys
02:30:21.0628 4428	bowser - ok
02:30:21.0929 4428	BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\Windows\system32\drivers\brfiltlo.sys
02:30:22.0041 4428	BrFiltLo - ok
02:30:22.0099 4428	BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\Windows\system32\drivers\brfiltup.sys
02:30:22.0153 4428	BrFiltUp - ok
02:30:22.0342 4428	Brserid         (b304e75cff293029eddf094246747113) C:\Windows\system32\drivers\brserid.sys
02:30:22.0415 4428	Brserid - ok
02:30:22.0666 4428	BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\Windows\system32\drivers\brserwdm.sys
02:30:22.0735 4428	BrSerWdm - ok
02:30:22.0779 4428	BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\Windows\system32\drivers\brusbmdm.sys
02:30:22.0846 4428	BrUsbMdm - ok
02:30:23.0120 4428	BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\Windows\system32\drivers\brusbser.sys
02:30:23.0187 4428	BrUsbSer - ok
02:30:23.0543 4428	BTHMODEM        (ad07c1ec6665b8b35741ab91200c6b68) C:\Windows\system32\drivers\bthmodem.sys
02:30:23.0632 4428	BTHMODEM - ok
02:30:23.0745 4428	cdfs            (6c3a437fc873c6f6a4fc620b6888cb86) C:\Windows\system32\DRIVERS\cdfs.sys
02:30:23.0813 4428	cdfs - ok
02:30:23.0928 4428	cdrom           (8d1866e61af096ae8b582454f5e4d303) C:\Windows\system32\DRIVERS\cdrom.sys
02:30:23.0986 4428	cdrom - ok
02:30:24.0116 4428	circlass        (da8e0afc7baa226c538ef53ac2f90897) C:\Windows\system32\drivers\circlass.sys
02:30:24.0209 4428	circlass - ok
02:30:24.0435 4428	CLFS            (1b84fd0937d3b99af9ba38ddff3daf54) C:\Windows\system32\CLFS.sys
02:30:24.0449 4428	CLFS - ok
02:30:24.0846 4428	CmBatt          (ed97ad3df1b9005989eaf149bf06c821) C:\Windows\system32\DRIVERS\CmBatt.sys
02:30:24.0926 4428	CmBatt - ok
02:30:25.0268 4428	cmdide          (45201046c776ffdaf3fc8a0029c581c8) C:\Windows\system32\drivers\cmdide.sys
02:30:25.0285 4428	cmdide - ok
02:30:25.0513 4428	Compbatt        (722936afb75a7f509662b69b5632f48a) C:\Windows\system32\DRIVERS\compbatt.sys
02:30:25.0553 4428	Compbatt - ok
02:30:25.0592 4428	crcdisk         (2a213ae086bbec5e937553c7d9a2b22c) C:\Windows\system32\drivers\crcdisk.sys
02:30:25.0609 4428	crcdisk - ok
02:30:25.0632 4428	Crusoe          (22a7f883508176489f559ee745b5bf5d) C:\Windows\system32\drivers\crusoe.sys
02:30:25.0705 4428	Crusoe - ok
02:30:25.0903 4428	DfsC            (a7179de59ae269ab70345527894ccd7c) C:\Windows\system32\Drivers\dfsc.sys
02:30:25.0985 4428	DfsC - ok
02:30:26.0151 4428	disk            (841af4c4d41d3e3b2f244e976b0f7963) C:\Windows\system32\drivers\disk.sys
02:30:26.0208 4428	disk - ok
02:30:26.0427 4428	drmkaud         (ee472cd2c01f6f8e8aa1fa06ffef61b6) C:\Windows\system32\drivers\drmkaud.sys
02:30:26.0550 4428	drmkaud - ok
02:30:26.0934 4428	DXGKrnl         (334988883de69adb27e2cf9f9715bbdb) C:\Windows\System32\drivers\dxgkrnl.sys
02:30:27.0004 4428	DXGKrnl - ok
02:30:27.0168 4428	E1G60           (f88fb26547fd2ce6d0a5af2985892c48) C:\Windows\system32\DRIVERS\E1G60I32.sys
02:30:27.0253 4428	E1G60 - ok
02:30:27.0781 4428	Ecache          (0efc7531b936ee57fdb4e837664c509f) C:\Windows\system32\drivers\ecache.sys
02:30:27.0968 4428	Ecache - ok
02:30:28.0313 4428	elxstor         (e8f3f21a71720c84bcf423b80028359f) C:\Windows\system32\drivers\elxstor.sys
02:30:28.0347 4428	elxstor - ok
02:30:28.0971 4428	fastfat         (84a317cb0b3954d3768cdcd018dbf670) C:\Windows\system32\drivers\fastfat.sys
02:30:29.0045 4428	fastfat - ok
02:30:29.0241 4428	fdc             (63bdada84951b9c03e641800e176898a) C:\Windows\system32\DRIVERS\fdc.sys
02:30:29.0320 4428	fdc - ok
02:30:29.0726 4428	FileInfo        (65773d6115c037ffd7ef8280ae85eb9d) C:\Windows\system32\drivers\fileinfo.sys
02:30:29.0756 4428	FileInfo - ok
02:30:30.0097 4428	Filetrace       (c226dd0de060745f3e042f58dcf78402) C:\Windows\system32\drivers\filetrace.sys
02:30:30.0166 4428	Filetrace - ok
02:30:30.0331 4428	flpydisk        (6603957eff5ec62d25075ea8ac27de68) C:\Windows\system32\DRIVERS\flpydisk.sys
02:30:30.0418 4428	flpydisk - ok
02:30:30.0734 4428	FltMgr          (a6a8da7ae4d53394ab22ac3ab6d3f5d3) C:\Windows\system32\drivers\fltmgr.sys
02:30:30.0805 4428	FltMgr - ok
02:30:31.0115 4428	Fs_Rec          (66a078591208baa210c7634b11eb392c) C:\Windows\system32\drivers\Fs_Rec.sys
02:30:31.0147 4428	Fs_Rec - ok
02:30:31.0485 4428	FwLnk           (cbc22823628544735625b280665e434e) C:\Windows\system32\DRIVERS\FwLnk.sys
02:30:31.0551 4428	FwLnk - ok
02:30:31.0890 4428	gagp30kx        (4e1cd0a45c50a8882616cae5bf82f3c5) C:\Windows\system32\drivers\gagp30kx.sys
02:30:31.0974 4428	gagp30kx - ok
02:30:32.0298 4428	HdAudAddService (cb04c744be0a61b1d648faed182c3b59) C:\Windows\system32\drivers\HdAudio.sys
02:30:32.0400 4428	HdAudAddService - ok
02:30:32.0866 4428	HDAudBus        (0db613a7e427b5663563677796fd5258) C:\Windows\system32\DRIVERS\HDAudBus.sys
02:30:32.0891 4428	HDAudBus - ok
02:30:33.0065 4428	HidBth          (1338520e78d90154ed6be8f84de5fceb) C:\Windows\system32\drivers\hidbth.sys
02:30:33.0142 4428	HidBth - ok
02:30:33.0262 4428	HidIr           (ff3160c3a2445128c5a6d9b076da519e) C:\Windows\system32\drivers\hidir.sys
02:30:33.0337 4428	HidIr - ok
02:30:33.0613 4428	HidUsb          (3c64042b95e583b366ba4e5d2450235e) C:\Windows\system32\DRIVERS\hidusb.sys
02:30:33.0683 4428	HidUsb - ok
02:30:33.0812 4428	HpCISSs         (df353b401001246853763c4b7aaa6f50) C:\Windows\system32\drivers\hpcisss.sys
02:30:33.0842 4428	HpCISSs - ok
02:30:33.0990 4428	HssDrv          (4f28652ec514fa1ba473bc1a695a5c98) C:\Windows\system32\DRIVERS\HssDrv.sys
02:30:34.0004 4428	HssDrv - ok
02:30:34.0312 4428	HTTP            (ea24fe637d974a8a31bc650f478e3533) C:\Windows\system32\drivers\HTTP.sys
02:30:34.0394 4428	HTTP - ok
02:30:34.0556 4428	i2omp           (324c2152ff2c61abae92d09f3cca4d63) C:\Windows\system32\drivers\i2omp.sys
02:30:34.0572 4428	i2omp - ok
02:30:34.0664 4428	i8042prt        (1c9ee072baa3abb460b91d7ee9152660) C:\Windows\system32\DRIVERS\i8042prt.sys
02:30:34.0704 4428	i8042prt - ok
02:30:34.0865 4428	iaStorV         (c957bf4b5d80b46c5017bf0101e6c906) C:\Windows\system32\drivers\iastorv.sys
02:30:34.0906 4428	iaStorV - ok
02:30:34.0971 4428	iirsp           (2d077bf86e843f901d8db709c95b49a5) C:\Windows\system32\drivers\iirsp.sys
02:30:35.0004 4428	iirsp - ok
02:30:35.0730 4428	IntcAzAudAddService (97cac2a7e92ffcb30c15101ab002ed30) C:\Windows\system32\drivers\RTKVHDA.sys
02:30:35.0903 4428	IntcAzAudAddService - ok
02:30:36.0134 4428	intelide        (97469037714070e45194ed318d636401) C:\Windows\system32\drivers\intelide.sys
02:30:36.0223 4428	intelide - ok
02:30:36.0554 4428	intelppm        (ce44cc04262f28216dd4341e9e36a16f) C:\Windows\system32\DRIVERS\intelppm.sys
02:30:36.0662 4428	intelppm - ok
02:30:37.0325 4428	IpFilterDriver  (880c6f86cc3f551b8fea2c11141268c0) C:\Windows\system32\DRIVERS\ipfltdrv.sys
02:30:37.0493 4428	IpFilterDriver - ok
02:30:37.0723 4428	IpInIp - ok
02:30:38.0165 4428	IPMIDRV         (40f34f8aba2a015d780e4b09138b6c17) C:\Windows\system32\drivers\ipmidrv.sys
02:30:38.0281 4428	IPMIDRV - ok
02:30:38.0794 4428	IPNAT           (10077c35845101548037df04fd1a420b) C:\Windows\system32\DRIVERS\ipnat.sys
02:30:38.0870 4428	IPNAT - ok
02:30:39.0072 4428	IRENUM          (a82f328f4792304184642d6d397bb1e3) C:\Windows\system32\drivers\irenum.sys
02:30:39.0166 4428	IRENUM - ok
02:30:39.0752 4428	isapnp          (350fca7e73cf65bcef43fae1e4e91293) C:\Windows\system32\drivers\isapnp.sys
02:30:39.0774 4428	isapnp - ok
02:30:40.0120 4428	iScsiPrt        (4dca456d4d5723f8fa9c6760d240b0df) C:\Windows\system32\DRIVERS\msiscsi.sys
02:30:40.0152 4428	iScsiPrt - ok
02:30:40.0473 4428	iteatapi        (bced60d16156e428f8df8cf27b0df150) C:\Windows\system32\drivers\iteatapi.sys
02:30:40.0489 4428	iteatapi - ok
02:30:40.0724 4428	iteraid         (06fa654504a498c30adca8bec4e87e7e) C:\Windows\system32\drivers\iteraid.sys
02:30:40.0756 4428	iteraid - ok
02:30:40.0870 4428	kbdclass        (b076b2ab806b3f696dab21375389101c) C:\Windows\system32\DRIVERS\kbdclass.sys
02:30:40.0889 4428	kbdclass - ok
02:30:41.0080 4428	kbdhid          (d2600cb17b7408b4a83f231dc9a11ac3) C:\Windows\system32\drivers\kbdhid.sys
02:30:41.0155 4428	kbdhid - ok
02:30:41.0280 4428	KR10I           (a383f2cea0a8f4e76e71abc869bd5748) C:\Windows\system32\drivers\kr10i.sys
02:30:41.0342 4428	KR10I - ok
02:30:41.0638 4428	KR10N           (6e9922332386c2a49936b30b2b6fd298) C:\Windows\system32\drivers\kr10n.sys
02:30:41.0666 4428	KR10N - ok
02:30:41.0890 4428	KSecDD          (0a829977b078dea11641fc2af87ceade) C:\Windows\system32\Drivers\ksecdd.sys
02:30:41.0973 4428	KSecDD - ok
02:30:42.0168 4428	LgBttPort       (4dd47b5af0b24871ebb9efc012a7474e) C:\Windows\system32\DRIVERS\lgbtport.sys
02:30:42.0212 4428	LgBttPort - ok
02:30:42.0237 4428	lgbusenum       (1d038ca6c529203087a990e5e97887b4) C:\Windows\system32\DRIVERS\lgbtbus.sys
02:30:42.0262 4428	lgbusenum - ok
02:30:42.0372 4428	LGVMODEM        (26f1976a330195d62a6224c76968cf0d) C:\Windows\system32\DRIVERS\lgvmodem.sys
02:30:42.0534 4428	LGVMODEM - ok
02:30:43.0014 4428	lltdio          (fd015b4f95daa2b712f0e372a116fbad) C:\Windows\system32\DRIVERS\lltdio.sys
02:30:43.0110 4428	lltdio - ok
02:30:43.0481 4428	LSI_FC          (a2262fb9f28935e862b4db46438c80d2) C:\Windows\system32\drivers\lsi_fc.sys
02:30:43.0498 4428	LSI_FC - ok
02:30:43.0848 4428	LSI_SAS         (30d73327d390f72a62f32c103daf1d6d) C:\Windows\system32\drivers\lsi_sas.sys
02:30:43.0921 4428	LSI_SAS - ok
02:30:44.0153 4428	LSI_SCSI        (e1e36fefd45849a95f1ab81de0159fe3) C:\Windows\system32\drivers\lsi_scsi.sys
02:30:44.0179 4428	LSI_SCSI - ok
02:30:44.0206 4428	luafv           (42885bb44b6e065b8575a8dd6c430c52) C:\Windows\system32\drivers\luafv.sys
02:30:44.0274 4428	luafv - ok
02:30:44.0515 4428	MBAMProtector   (b7ca8cc3f978201856b6ab82f40953c3) C:\Windows\system32\drivers\mbam.sys
02:30:44.0532 4428	MBAMProtector - ok
02:30:44.0851 4428	MBAMSwissArmy   (0db7527db188c7d967a37bb51bbf3963) C:\Windows\system32\drivers\mbamswissarmy.sys
02:30:44.0889 4428	MBAMSwissArmy - ok
02:30:44.0978 4428	megasas         (d153b14fc6598eae8422a2037553adce) C:\Windows\system32\drivers\megasas.sys
02:30:45.0008 4428	megasas - ok
02:30:45.0216 4428	Modem           (21755967298a46fb6adfec9db6012211) C:\Windows\system32\drivers\modem.sys
02:30:45.0308 4428	Modem - ok
02:30:45.0374 4428	monitor         (7446e104a5fe5987ca9e4983fbac4f97) C:\Windows\system32\DRIVERS\monitor.sys
02:30:45.0399 4428	monitor - ok
02:30:45.0552 4428	mouclass        (5fba13c1a1841b0885d316ed3589489d) C:\Windows\system32\DRIVERS\mouclass.sys
02:30:45.0583 4428	mouclass - ok
02:30:45.0769 4428	mouhid          (b569b5c5d3bde545df3a6af512cccdba) C:\Windows\system32\DRIVERS\mouhid.sys
02:30:45.0814 4428	mouhid - ok
02:30:45.0977 4428	MountMgr        (01f1e5a3e4877c931cbb31613fec16a6) C:\Windows\system32\drivers\mountmgr.sys
02:30:46.0012 4428	MountMgr - ok
02:30:46.0076 4428	mpio            (583a41f26278d9e0ea548163d6139397) C:\Windows\system32\drivers\mpio.sys
02:30:46.0096 4428	mpio - ok
02:30:46.0340 4428	mpsdrv          (6e7a7f0c1193ee5648443fe2d4b789ec) C:\Windows\system32\drivers\mpsdrv.sys
02:30:46.0371 4428	mpsdrv - ok
02:30:46.0850 4428	Mraid35x        (4fbbb70d30fd20ec51f80061703b001e) C:\Windows\system32\drivers\mraid35x.sys
02:30:46.0907 4428	Mraid35x - ok
02:30:47.0170 4428	MRxDAV          (1d8828b98ee309d65e006f0829e280e5) C:\Windows\system32\drivers\mrxdav.sys
02:30:47.0212 4428	MRxDAV - ok
02:30:47.0246 4428	mrxsmb          (8af705ce1bb907932157fab821170f27) C:\Windows\system32\DRIVERS\mrxsmb.sys
02:30:47.0295 4428	mrxsmb - ok
02:30:47.0487 4428	mrxsmb10        (47e13ab23371be3279eef22bbfa2c1be) C:\Windows\system32\DRIVERS\mrxsmb10.sys
02:30:47.0529 4428	mrxsmb10 - ok
02:30:47.0596 4428	mrxsmb20        (90b3fc7bd6b3d7ee7635debba2187f66) C:\Windows\system32\DRIVERS\mrxsmb20.sys
02:30:47.0654 4428	mrxsmb20 - ok
02:30:47.0687 4428	msahci          (742aed7939e734c36b7e8d6228ce26b7) C:\Windows\system32\drivers\msahci.sys
02:30:47.0702 4428	msahci - ok
02:30:48.0077 4428	msdsm           (3fc82a2ae4cc149165a94699183d3028) C:\Windows\system32\drivers\msdsm.sys
02:30:48.0097 4428	msdsm - ok
02:30:48.0241 4428	Msfs            (729eafefd4e7417165f353a18dbe947d) C:\Windows\system32\drivers\Msfs.sys
02:30:48.0296 4428	Msfs - ok
02:30:48.0352 4428	msisadrv        (5f454a16a5146cd91a176d70f0cfa3ec) C:\Windows\system32\drivers\msisadrv.sys
02:30:48.0367 4428	msisadrv - ok
02:30:48.0531 4428	MSKSSRV         (892cedefa7e0ffe7be8da651b651d047) C:\Windows\system32\drivers\MSKSSRV.sys
02:30:48.0600 4428	MSKSSRV - ok
02:30:48.0713 4428	MSPCLOCK        (ae2cb1da69b2676b4cee2a501af5871c) C:\Windows\system32\drivers\MSPCLOCK.sys
02:30:48.0796 4428	MSPCLOCK - ok
02:30:48.0944 4428	MSPQM           (f910da84fa90c44a3addb7cd874463fd) C:\Windows\system32\drivers\MSPQM.sys
02:30:49.0005 4428	MSPQM - ok
02:30:49.0260 4428	MsRPC           (84571c0ae07647ba38d493f5f0015df7) C:\Windows\system32\drivers\MsRPC.sys
02:30:49.0289 4428	MsRPC - ok
02:30:49.0810 4428	mssmbios        (4385c80ede885e25492d408cad91bd6f) C:\Windows\system32\DRIVERS\mssmbios.sys
02:30:49.0818 4428	mssmbios - ok
02:30:50.0139 4428	MSTEE           (c826dd1373f38afd9ca46ec3c436a14e) C:\Windows\system32\drivers\MSTEE.sys
02:30:50.0242 4428	MSTEE - ok
02:30:50.0686 4428	Mup             (fa7aa70050cf5e2d15de00941e5665e5) C:\Windows\system32\Drivers\mup.sys
02:30:50.0726 4428	Mup - ok
02:30:50.0975 4428	NativeWifiP     (6da4a0fc7c0e83df0cb3cfd0a514c3bc) C:\Windows\system32\DRIVERS\nwifi.sys
02:30:51.0024 4428	NativeWifiP - ok
02:30:51.0220 4428	NDIS            (fffe00134c554e113ee186eeddb0ff30) C:\Windows\system32\drivers\ndis.sys
02:30:51.0258 4428	NDIS - ok
02:30:51.0588 4428	NdisTapi        (81659cdcbd0f9a9e07e6878ad8c78d3f) C:\Windows\system32\DRIVERS\ndistapi.sys
02:30:51.0644 4428	NdisTapi - ok
02:30:51.0831 4428	Ndisuio         (5de5ee546bf40838ebe0e01cb629df64) C:\Windows\system32\DRIVERS\ndisuio.sys
02:30:51.0942 4428	Ndisuio - ok
02:30:52.0189 4428	NdisWan         (397402adcbb8946223a1950101f6cd94) C:\Windows\system32\DRIVERS\ndiswan.sys
02:30:52.0253 4428	NdisWan - ok
02:30:52.0353 4428	NDProxy         (1b24fa907af283199a81b3bb37e5e526) C:\Windows\system32\drivers\NDProxy.sys
02:30:52.0379 4428	NDProxy - ok
02:30:52.0665 4428	NetBIOS         (356dbb9f98e8dc1028dd3092fceeb877) C:\Windows\system32\DRIVERS\netbios.sys
02:30:52.0740 4428	NetBIOS - ok
02:30:52.0821 4428	netbt           (e3a168912e7eefc3bd3b814720d68b41) C:\Windows\system32\DRIVERS\netbt.sys
02:30:52.0912 4428	netbt - ok
02:30:53.0064 4428	nfrd960         (2e7fb731d4790a1bc6270accefacb36e) C:\Windows\system32\drivers\nfrd960.sys
02:30:53.0095 4428	nfrd960 - ok
02:30:53.0198 4428	Npfs            (4f9832beb9fafd8ceb0e541f1323b26e) C:\Windows\system32\drivers\Npfs.sys
02:30:53.0291 4428	Npfs - ok
02:30:53.0641 4428	nsiproxy        (b488dfec274de1fc9d653870ef2587be) C:\Windows\system32\drivers\nsiproxy.sys
02:30:53.0737 4428	nsiproxy - ok
02:30:54.0013 4428	Ntfs            (37430aa7a66d7a63407adc2c0d05e9f6) C:\Windows\system32\drivers\Ntfs.sys
02:30:54.0089 4428	Ntfs - ok
02:30:54.0412 4428	ntrigdigi       (e875c093aec0c978a90f30c9e0dfbb72) C:\Windows\system32\drivers\ntrigdigi.sys
02:30:54.0486 4428	ntrigdigi - ok
02:30:54.0681 4428	Null            (ec5efb3c60f1b624648344a328bce596) C:\Windows\system32\drivers\Null.sys
02:30:54.0750 4428	Null - ok
02:30:54.0787 4428	nvraid          (e69e946f80c1c31c53003bfbf50cbb7c) C:\Windows\system32\drivers\nvraid.sys
02:30:54.0806 4428	nvraid - ok
02:30:54.0837 4428	nvstor          (9e0ba19a28c498a6d323d065db76dffc) C:\Windows\system32\drivers\nvstor.sys
02:30:54.0852 4428	nvstor - ok
02:30:54.0874 4428	nv_agp          (07c186427eb8fcc3d8d7927187f260f7) C:\Windows\system32\drivers\nv_agp.sys
02:30:54.0895 4428	nv_agp - ok
02:30:54.0972 4428	NwlnkFlt - ok
02:30:55.0092 4428	NwlnkFwd - ok
02:30:55.0152 4428	ohci1394        (be32da025a0be1878f0ee8d6d9386cd5) C:\Windows\system32\DRIVERS\ohci1394.sys
02:30:55.0216 4428	ohci1394 - ok
02:30:55.0445 4428	Parport         (0fa9b5055484649d63c303fe404e5f4d) C:\Windows\system32\drivers\parport.sys
02:30:55.0524 4428	Parport - ok
02:30:55.0614 4428	partmgr         (555a5b2c8022983bc7467bc925b222ee) C:\Windows\system32\drivers\partmgr.sys
02:30:55.0652 4428	partmgr - ok
02:30:55.0791 4428	Parvdm          (4f9a6a8a31413180d0fcb279ad5d8112) C:\Windows\system32\drivers\parvdm.sys
02:30:55.0856 4428	Parvdm - ok
02:30:56.0060 4428	pci             (1085d75657807e0e8b32f9e19a1647c3) C:\Windows\system32\drivers\pci.sys
02:30:56.0073 4428	pci - ok
02:30:56.0313 4428	pciide          (caba65e9c41cd2900d4c92d4f825c5f8) C:\Windows\system32\drivers\pciide.sys
02:30:56.0331 4428	pciide - ok
02:30:56.0386 4428	pcmcia          (e6f3fb1b86aa519e7698ad05e58b04e5) C:\Windows\system32\drivers\pcmcia.sys
02:30:56.0410 4428	pcmcia - ok
02:30:56.0723 4428	pcouffin        (5b6c11de7e839c05248ced8825470fef) C:\Windows\system32\Drivers\pcouffin.sys
02:30:56.0784 4428	pcouffin - ok
02:30:56.0969 4428	PEAUTH          (6349f6ed9c623b44b52ea3c63c831a92) C:\Windows\system32\drivers\peauth.sys
02:30:57.0135 4428	PEAUTH - ok
02:30:57.0723 4428	PptpMiniport    (6c359ac71d7b550a0d41f9db4563ce05) C:\Windows\system32\DRIVERS\raspptp.sys
02:30:57.0855 4428	PptpMiniport - ok
02:30:58.0121 4428	Processor       (0e3cef5d28b40cf273281d620c50700a) C:\Windows\system32\drivers\processr.sys
02:30:58.0210 4428	Processor - ok
02:30:58.0383 4428	PSched          (2c8bae55247c4e09352e870292e4d1ab) C:\Windows\system32\DRIVERS\pacer.sys
02:30:58.0435 4428	PSched - ok
02:30:58.0706 4428	ql2300          (ccdac889326317792480c0a67156a1ec) C:\Windows\system32\drivers\ql2300.sys
02:30:58.0777 4428	ql2300 - ok
02:30:58.0993 4428	ql40xx          (81a7e5c076e59995d54bc1ed3a16e60b) C:\Windows\system32\drivers\ql40xx.sys
02:30:59.0023 4428	ql40xx - ok
02:30:59.0097 4428	QWAVEdrv        (d2b3e2b7426dc23e185fbc73c8936c12) C:\Windows\system32\drivers\qwavedrv.sys
02:30:59.0167 4428	QWAVEdrv - ok
02:30:59.0321 4428	RasAcd          (bd7b30f55b3649506dd8b3d38f571d2a) C:\Windows\system32\DRIVERS\rasacd.sys
02:30:59.0402 4428	RasAcd - ok
02:30:59.0497 4428	Rasl2tp         (88587dd843e2059848995b407b67f6cf) C:\Windows\system32\DRIVERS\rasl2tp.sys
02:30:59.0595 4428	Rasl2tp - ok
02:30:59.0661 4428	RasPppoe        (ccf4e9c6cbbac81437f88cb2ae0b6c96) C:\Windows\system32\DRIVERS\raspppoe.sys
02:30:59.0748 4428	RasPppoe - ok
02:31:00.0225 4428	rdbss           (54129c5d9581bbec8bd1ebd3ba813f47) C:\Windows\system32\DRIVERS\rdbss.sys
02:31:00.0322 4428	rdbss - ok
02:31:00.0928 4428	RDPCDD          (794585276b5d7fca9f3fc15543f9f0b9) C:\Windows\system32\DRIVERS\RDPCDD.sys
02:31:01.0041 4428	RDPCDD - ok
02:31:01.0520 4428	rdpdr           (e8bd98d46f2ed77132ba927fccb47d8b) C:\Windows\system32\drivers\rdpdr.sys
02:31:01.0589 4428	rdpdr - ok
02:31:02.0117 4428	RDPENCDD        (980b56e2e273e19d3a9d72d5c420f008) C:\Windows\system32\drivers\rdpencdd.sys
02:31:02.0180 4428	RDPENCDD - ok
02:31:02.0294 4428	RDPWD           (8830e790a74a96605faba74f9665bb3c) C:\Windows\system32\drivers\RDPWD.sys
02:31:02.0401 4428	RDPWD - ok
02:31:02.0597 4428	rimmptsk        (355aac141b214bef1dbc1483afd9bd50) C:\Windows\system32\DRIVERS\rimmptsk.sys
02:31:02.0649 4428	rimmptsk - ok
02:31:02.0746 4428	rimsptsk        (a4216c71dd4f60b26418ccfd99cd0815) C:\Windows\system32\DRIVERS\rimsptsk.sys
02:31:02.0772 4428	rimsptsk - ok
02:31:02.0943 4428	RimUsb          (f17713d108aca124a139fde877eef68a) C:\Windows\system32\Drivers\RimUsb.sys
02:31:02.0993 4428	RimUsb - ok
02:31:03.0086 4428	rismxdp         (d231b577024aa324af13a42f3a807d10) C:\Windows\system32\DRIVERS\rixdptsk.sys
02:31:03.0114 4428	rismxdp - ok
02:31:03.0307 4428	rspndr          (97e939d2128fec5d5a3e6e79b290a2f4) C:\Windows\system32\DRIVERS\rspndr.sys
02:31:03.0404 4428	rspndr - ok
02:31:03.0504 4428	RTL8169         (2d19a7469ea19993d0c12e627f4530bc) C:\Windows\system32\DRIVERS\Rtlh86.sys
02:31:03.0534 4428	RTL8169 - ok
02:31:03.0629 4428	RTL8187B        (67e7822975985016fdce01635fbdbbf9) C:\Windows\system32\DRIVERS\RTL8187B.sys
02:31:03.0643 4428	RTL8187B - ok
02:31:03.0795 4428	sbp2port        (3ce8f073a557e172b330109436984e30) C:\Windows\system32\drivers\sbp2port.sys
02:31:03.0814 4428	sbp2port - ok
02:31:03.0889 4428	sdbus           (7b3973cc28b8aa3e9e2e5d53e720e2c9) C:\Windows\system32\DRIVERS\sdbus.sys
02:31:03.0917 4428	sdbus - ok
02:31:03.0958 4428	secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\Windows\system32\drivers\secdrv.sys
02:31:04.0040 4428	secdrv - ok
02:31:04.0090 4428	Serenum         (68e44e331d46f0fb38f0863a84cd1a31) C:\Windows\system32\drivers\serenum.sys
02:31:04.0158 4428	Serenum - ok
02:31:04.0746 4428	Serial          (c70d69a918b178d3c3b06339b40c2e1b) C:\Windows\system32\drivers\serial.sys
02:31:04.0819 4428	Serial - ok
02:31:05.0019 4428	sermouse        (450accd77ec5cea720c1cdb9e26b953b) C:\Windows\system32\drivers\sermouse.sys
02:31:05.0036 4428	sermouse - ok
02:31:05.0122 4428	sffdisk         (51cf56aa8bcc241f134b420b8f850406) C:\Windows\system32\DRIVERS\sffdisk.sys
02:31:05.0156 4428	sffdisk - ok
02:31:05.0354 4428	sffp_mmc        (8fd08a310645fe872eeec6e08c6bf3ee) C:\Windows\system32\drivers\sffp_mmc.sys
02:31:05.0444 4428	sffp_mmc - ok
02:31:06.0054 4428	sffp_sd         (8b08cab1267b2c377883fc9e56981f90) C:\Windows\system32\DRIVERS\sffp_sd.sys
02:31:06.0079 4428	sffp_sd - ok
02:31:06.0378 4428	sfloppy         (46ed8e91793b2e6f848015445a0ac188) C:\Windows\system32\drivers\sfloppy.sys
02:31:06.0433 4428	sfloppy - ok
02:31:06.0644 4428	sisagp          (d2a595d6eebeeaf4334f8e50efbc9931) C:\Windows\system32\drivers\sisagp.sys
02:31:06.0688 4428	sisagp - ok
02:31:06.0753 4428	SiSRaid2        (cedd6f4e7d84e9f98b34b3fe988373aa) C:\Windows\system32\drivers\sisraid2.sys
02:31:06.0769 4428	SiSRaid2 - ok
02:31:06.0915 4428	SiSRaid4        (df843c528c4f69d12ce41ce462e973a7) C:\Windows\system32\drivers\sisraid4.sys
02:31:06.0948 4428	SiSRaid4 - ok
02:31:06.0997 4428	Smb             (ac0d90738adb51a6fd12ff00874a2162) C:\Windows\system32\DRIVERS\smb.sys
02:31:07.0093 4428	Smb - ok
02:31:07.0207 4428	snpstd          (d08d19ee68cb88ab1bc5da3081505847) C:\Windows\system32\DRIVERS\snpstd.sys
02:31:07.0284 4428	snpstd - ok
02:31:07.0466 4428	spldr           (426f9b029aa9162ceccf65369457d046) C:\Windows\system32\drivers\spldr.sys
02:31:07.0493 4428	spldr - ok
02:31:07.0619 4428	srv             (038579c35f7cad4a4bbf735dbf83277d) C:\Windows\system32\DRIVERS\srv.sys
02:31:07.0676 4428	srv - ok
02:31:07.0831 4428	srv2            (6971a757af8cb5e2cbcbb76cc530db6c) C:\Windows\system32\DRIVERS\srv2.sys
02:31:07.0946 4428	srv2 - ok
02:31:08.0062 4428	srvnet          (9e1a4603b874eebce0298113951abefb) C:\Windows\system32\DRIVERS\srvnet.sys
02:31:08.0085 4428	srvnet - ok
02:31:08.0198 4428	ssadbus         (64e44acd8c238fcbbb78f0ba4bdc4b05) C:\Windows\system32\DRIVERS\ssadbus.sys
02:31:08.0230 4428	ssadbus - ok
02:31:08.0294 4428	ssadmdfl        (bb2c84a15c765da89fd832b0e73f26ce) C:\Windows\system32\DRIVERS\ssadmdfl.sys
02:31:08.0307 4428	ssadmdfl - ok
02:31:08.0369 4428	ssadmdm         (6d0d132ddc6f43eda00dced6d8b1ca31) C:\Windows\system32\DRIVERS\ssadmdm.sys
02:31:08.0392 4428	ssadmdm - ok
02:31:08.0541 4428	ssadserd        (1a5a397bc459f346ab56492b61ef79f6) C:\Windows\system32\DRIVERS\ssadserd.sys
02:31:08.0590 4428	ssadserd - ok
02:31:08.0862 4428	sscdbus         (069351a1d7d291013177a90ae6edccbc) C:\Windows\system32\DRIVERS\sscdbus.sys
02:31:08.0894 4428	sscdbus - ok
02:31:09.0054 4428	sscdmdfl        (1c925be223a5c0f9f469252292a48df6) C:\Windows\system32\DRIVERS\sscdmdfl.sys
02:31:09.0067 4428	sscdmdfl - ok
02:31:09.0146 4428	sscdmdm         (ae3e77ae0fbdb07eb1ac3fed74a0695e) C:\Windows\system32\DRIVERS\sscdmdm.sys
02:31:09.0171 4428	sscdmdm - ok
02:31:09.0248 4428	ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\Windows\system32\DRIVERS\ssmdrv.sys
02:31:09.0263 4428	ssmdrv - ok
02:31:09.0453 4428	swenum          (1379bdb336f8158c176a465e30759f57) C:\Windows\system32\DRIVERS\swenum.sys
02:31:09.0492 4428	swenum - ok
02:31:09.0578 4428	Symc8xx         (192aa3ac01df071b541094f251deed10) C:\Windows\system32\drivers\symc8xx.sys
02:31:09.0595 4428	Symc8xx - ok
02:31:09.0641 4428	Sym_hi          (8c8eb8c76736ebaf3b13b633b2e64125) C:\Windows\system32\drivers\sym_hi.sys
02:31:09.0657 4428	Sym_hi - ok
02:31:09.0942 4428	Sym_u3          (8072af52b5fd103bbba387a1e49f62cb) C:\Windows\system32\drivers\sym_u3.sys
02:31:09.0975 4428	Sym_u3 - ok
02:31:10.0121 4428	SynTP           (11f730bf0d0aa4fe7de7138a32a52422) C:\Windows\system32\DRIVERS\SynTP.sys
02:31:10.0157 4428	SynTP - ok
02:31:10.0280 4428	taphss          (0c3b2a9c4bd2dd9a6c2e4084314dd719) C:\Windows\system32\DRIVERS\taphss.sys
02:31:10.0317 4428	taphss - ok
02:31:11.0077 4428	Tcpip           (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\drivers\tcpip.sys
02:31:11.0180 4428	Tcpip - ok
02:31:11.0978 4428	Tcpip6          (4a82fa8f0df67aa354580c3faaf8bde3) C:\Windows\system32\DRIVERS\tcpip.sys
02:31:12.0016 4428	Tcpip6 - ok
02:31:12.0243 4428	tcpipreg        (5ce0c4a7b12d0067dad527d72b68c726) C:\Windows\system32\drivers\tcpipreg.sys
02:31:12.0311 4428	tcpipreg - ok
02:31:12.0538 4428	tdcmdpst        (1825bceb47bf41c5a9f0e44de82fc27a) C:\Windows\system32\DRIVERS\tdcmdpst.sys
02:31:12.0553 4428	tdcmdpst - ok
02:31:12.0623 4428	TDPIPE          (964248aef49c31fa6a93201a73ffaf50) C:\Windows\system32\drivers\tdpipe.sys
02:31:12.0708 4428	TDPIPE - ok
02:31:12.0744 4428	TDTCP           (7d2c1ae1648a60fce4aa0f7982e419d3) C:\Windows\system32\drivers\tdtcp.sys
02:31:12.0810 4428	TDTCP - ok
02:31:12.0896 4428	tdx             (ab4fde8af4a0270a46a001c08cbce1c2) C:\Windows\system32\DRIVERS\tdx.sys
02:31:12.0971 4428	tdx - ok
02:31:13.0086 4428	TermDD          (2c549bd9dd091fbfaa0a2a48e82ec2fb) C:\Windows\system32\DRIVERS\termdd.sys
02:31:13.0124 4428	TermDD - ok
02:31:13.0228 4428	Tosrfcom - ok
02:31:13.0272 4428	tosrfec         (5c4103544612e5011ef46301b93d1aa6) C:\Windows\system32\DRIVERS\tosrfec.sys
02:31:13.0314 4428	tosrfec - ok
02:31:13.0534 4428	tos_sps32       (1ea5f27c29405bf49799feca77186da9) C:\Windows\system32\DRIVERS\tos_sps32.sys
02:31:13.0600 4428	tos_sps32 - ok
02:31:14.0089 4428	tssecsrv        (29f0eca726f0d51f7e048bdb0b372f29) C:\Windows\system32\DRIVERS\tssecsrv.sys
02:31:14.0172 4428	tssecsrv - ok
02:31:14.0559 4428	tunmp           (65e953bc0084d44498b51f59784d2a82) C:\Windows\system32\DRIVERS\tunmp.sys
02:31:14.0576 4428	tunmp - ok
02:31:15.0073 4428	tunnel          (4a39bda5e0fd30bdf4884f9d33ae6105) C:\Windows\system32\DRIVERS\tunnel.sys
02:31:15.0086 4428	tunnel - ok
02:31:15.0345 4428	TVALZ           (521c5f39829875adf5466dd94c6282c7) C:\Windows\system32\DRIVERS\TVALZ_O.SYS
02:31:15.0373 4428	TVALZ - ok
02:31:15.0453 4428	uagp35          (c3ade15414120033a36c0f293d4a4121) C:\Windows\system32\drivers\uagp35.sys
02:31:15.0470 4428	uagp35 - ok
02:31:15.0625 4428	udfs            (6348da98707ceda8a0dfb05820e17732) C:\Windows\system32\DRIVERS\udfs.sys
02:31:15.0730 4428	udfs - ok
02:31:16.0070 4428	uliagpkx        (75e6890ebfce0841d3291b02e7a8bdb0) C:\Windows\system32\drivers\uliagpkx.sys
02:31:16.0087 4428	uliagpkx - ok
02:31:16.0790 4428	uliahci         (3cd4ea35a6221b85dcc25daa46313f8d) C:\Windows\system32\drivers\uliahci.sys
02:31:16.0813 4428	uliahci - ok
02:31:17.0006 4428	UlSata          (8514d0e5cd0534467c5fc61be94a569f) C:\Windows\system32\drivers\ulsata.sys
02:31:17.0036 4428	UlSata - ok
02:31:17.0093 4428	ulsata2         (38c3c6e62b157a6bc46594fada45c62b) C:\Windows\system32\drivers\ulsata2.sys
02:31:17.0126 4428	ulsata2 - ok
02:31:17.0255 4428	umbus           (3fb78f1d1dd86d87bececd9dffa24dd9) C:\Windows\system32\DRIVERS\umbus.sys
02:31:17.0334 4428	umbus - ok
02:31:17.0549 4428	usbbus          (f2dd4159715afa801c7916f85d2e2779) C:\Windows\system32\DRIVERS\lgusbbus.sys
02:31:17.0602 4428	usbbus - ok
02:31:17.0830 4428	usbccgp         (03b01e8dbd2da2b49157b7e51912aaf2) C:\Windows\system32\DRIVERS\usbccgp.sys
02:31:17.0881 4428	usbccgp - ok
02:31:17.0936 4428	usbcir          (e9476e6c486e76bc4898074768fb7131) C:\Windows\system32\drivers\usbcir.sys
02:31:18.0057 4428	usbcir - ok
02:31:18.0135 4428	UsbDiag         (41c12f229cf403a2bb2c8f4a05993c8f) C:\Windows\system32\DRIVERS\lgusbdiag.sys
02:31:18.0164 4428	UsbDiag - ok
02:31:18.0259 4428	usbehci         (2f83363f98484f8edaf49f9b41520d14) C:\Windows\system32\DRIVERS\usbehci.sys
02:31:18.0296 4428	usbehci - ok
02:31:18.0419 4428	usbhub          (14d2a4dcd92c0b3368667aed6893463d) C:\Windows\system32\DRIVERS\usbhub.sys
02:31:18.0462 4428	usbhub - ok
02:31:18.0641 4428	USBModem        (f8e0b715ecdcc4d426d1dc8bead6e0b8) C:\Windows\system32\DRIVERS\lgusbmodem.sys
02:31:18.0684 4428	USBModem - ok
02:31:18.0812 4428	usbohci         (51dc36722172d45f2f935ce5cc18a812) C:\Windows\system32\DRIVERS\usbohci.sys
02:31:18.0853 4428	usbohci - ok
02:31:18.0990 4428	usbprint        (b51e52acf758be00ef3a58ea452fe360) C:\Windows\system32\DRIVERS\usbprint.sys
02:31:19.0076 4428	usbprint - ok
02:31:19.0153 4428	usbscan         (b1f95285c08ddfe00c0b955462637ec7) C:\Windows\system32\DRIVERS\usbscan.sys
02:31:19.0211 4428	usbscan - ok
02:31:19.0313 4428	USBSTOR         (7887ce56934e7f104e98c975f47353c5) C:\Windows\system32\DRIVERS\USBSTOR.SYS
02:31:19.0369 4428	USBSTOR - ok
02:31:19.0468 4428	usbuhci         (325dbbacb8a36af9988ccf40eac228cc) C:\Windows\system32\DRIVERS\usbuhci.sys
02:31:19.0538 4428	usbuhci - ok
02:31:19.0620 4428	usbvideo        (0a6b81f01bc86399482e27e6fda7b33b) C:\Windows\system32\Drivers\usbvideo.sys
02:31:19.0693 4428	usbvideo - ok
02:31:19.0751 4428	vga             (7d92be0028ecdedec74617009084b5ef) C:\Windows\system32\DRIVERS\vgapnp.sys
02:31:19.0823 4428	vga - ok
02:31:19.0873 4428	VgaSave         (17a8f877314e4067f8c8172cc6d9101c) C:\Windows\System32\drivers\vga.sys
02:31:19.0943 4428	VgaSave - ok
02:31:20.0012 4428	viaagp          (045d9961e591cf0674a920b6ba3ba5cb) C:\Windows\system32\drivers\viaagp.sys
02:31:20.0030 4428	viaagp - ok
02:31:20.0098 4428	ViaC7           (56a4de5f02f2e88182b0981119b4dd98) C:\Windows\system32\drivers\viac7.sys
02:31:20.0174 4428	ViaC7 - ok
02:31:20.0228 4428	viaide          (fd2e3175fcada350c7ab4521dca187ec) C:\Windows\system32\drivers\viaide.sys
02:31:20.0243 4428	viaide - ok
02:31:20.0334 4428	VOBID           (9695e4a37e61355f2eb9c7ea65502738) C:\Windows\system32\DRIVERS\vobid.sys
02:31:20.0357 4428	VOBID ( UnsignedFile.Multi.Generic ) - warning
02:31:20.0357 4428	VOBID - detected UnsignedFile.Multi.Generic (1)
02:31:20.0414 4428	volmgr          (103e84c95832d0ed93507997cc7b54e8) C:\Windows\system32\drivers\volmgr.sys
02:31:20.0431 4428	volmgr - ok
02:31:20.0486 4428	volmgrx         (294da8d3f965f6a8db934a83c7b461ff) C:\Windows\system32\drivers\volmgrx.sys
02:31:20.0518 4428	volmgrx - ok
02:31:20.0574 4428	volsnap         (80dc0c9bcb579ed9815001a4d37cbfd5) C:\Windows\system32\drivers\volsnap.sys
02:31:20.0600 4428	volsnap - ok
02:31:20.0647 4428	vsmraid         (d984439746d42b30fc65a4c3546c6829) C:\Windows\system32\drivers\vsmraid.sys
02:31:20.0666 4428	vsmraid - ok
02:31:20.0746 4428	WacomPen        (48dfee8f1af7c8235d4e626f0c4fe031) C:\Windows\system32\drivers\wacompen.sys
02:31:20.0815 4428	WacomPen - ok
02:31:20.0874 4428	Wanarp          (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
02:31:20.0894 4428	Wanarp - ok
02:31:20.0910 4428	Wanarpv6        (6798c1209a53b5a0ded8d437c45145ff) C:\Windows\system32\DRIVERS\wanarp.sys
02:31:20.0923 4428	Wanarpv6 - ok
02:31:21.0017 4428	Wd              (afc5ad65b991c1e205cf25cfdbf7a6f4) C:\Windows\system32\drivers\wd.sys
02:31:21.0032 4428	Wd - ok
02:31:21.0148 4428	Wdf01000        (7b5f66e4a2219c7d9daf9e738480e534) C:\Windows\system32\drivers\Wdf01000.sys
02:31:21.0199 4428	Wdf01000 - ok
02:31:21.0433 4428	WmiAcpi         (701a9f884a294327e9141d73746ee279) C:\Windows\system32\drivers\wmiacpi.sys
02:31:21.0512 4428	WmiAcpi - ok
02:31:21.0653 4428	WpdUsb          (2d27171b16a577ef14c1273668753485) C:\Windows\system32\DRIVERS\wpdusb.sys
02:31:21.0710 4428	WpdUsb - ok
02:31:21.0801 4428	ws2ifsl         (84620aecdcfd2a7a14e6263927d8c0ed) C:\Windows\system32\drivers\ws2ifsl.sys
02:31:21.0855 4428	ws2ifsl - ok
02:31:21.0939 4428	WUDFRd          (a2aafcc8a204736296d937c7c545b53f) C:\Windows\system32\DRIVERS\WUDFRd.sys
02:31:22.0004 4428	WUDFRd - ok
02:31:22.0059 4428	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk0\DR0
02:31:22.0254 4428	\Device\Harddisk0\DR0 - ok
02:31:22.0259 4428	Boot (0x1200)   (407ed28032ea86bddbcdfad35a71d3fc) \Device\Harddisk0\DR0\Partition0
02:31:22.0263 4428	\Device\Harddisk0\DR0\Partition0 - ok
02:31:22.0309 4428	Boot (0x1200)   (f7ff6ff7732d5379a9bde014a15bd11d) \Device\Harddisk0\DR0\Partition1
02:31:22.0310 4428	\Device\Harddisk0\DR0\Partition1 - ok
02:31:22.0311 4428	============================================================
02:31:22.0311 4428	Scan finished
02:31:22.0311 4428	============================================================
02:31:22.0327 5684	Detected object count: 2
02:31:22.0327 5684	Actual detected object count: 2
02:31:33.0679 5684	ASAPIW2K ( UnsignedFile.Multi.Generic ) - skipped by user
02:31:33.0679 5684	ASAPIW2K ( UnsignedFile.Multi.Generic ) - User select action: Skip 
02:31:33.0680 5684	VOBID ( UnsignedFile.Multi.Generic ) - skipped by user
02:31:33.0680 5684	VOBID ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
