
Log Analysis and Evaluation: PC keeps freezing

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

02.01.2012, 21:19   #1
eule1992
 
PC keeps freezing



Hello everyone,

I have an HP dv7 with:
Processor: Intel(R) Core(TM) i3 CPU, M350, @ 2.27 GHz
Installed memory: 4.00 GB (3.80 GB usable), system type: 64-bit operating system.

While searching for a solution to my PC problem, I came across this forum. Now to my problem:
For about a week my PC has been freezing every now and then. When I open the Task Manager during these phases (when the PC hangs), the computer load is usually at 50-100%. The load changes very quickly, meaning that one moment it is at 55% and shortly afterwards already at 98%. At first, before my PC started freezing, mostly only films that I watched on the site Kinox.to stuttered. But after a short time my PC began to freeze completely. I have also already run an antivirus program; 3 infected files were found and deleted, but the problem remained. Then I defragmented my hard disk with a program from HP that was already preinstalled. But nothing helped. When I no longer knew how to help myself, I came across this site and then created logfiles. Please help me, I can't do anything with my PC like this.

The logfiles (OTL logfile and OTL Extras logfile) are below this post.

Please reply quickly :S

OTL Logfile:
Code:
OTL logfile created on: 01.01.2012 15:46:11 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\xx.xx-PC\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 2,36 Gb Available Physical Memory | 62,08% Memory free
7,60 Gb Paging File | 5,65 Gb Available in Paging File | 74,35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 274,34 Gb Total Space | 214,62 Gb Free Space | 78,23% Space Free | Partition Type: NTFS
Drive D: | 23,46 Gb Total Space | 3,43 Gb Free Space | 14,60% Space Free | Partition Type: NTFS
Drive E: | 99,34 Mb Total Space | 88,70 Mb Free Space | 89,29% Space Free | Partition Type: FAT32
 
Computer Name: xx-PC | User Name: xx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\xx.xx-PC\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.EXE (Intel Corporation)
PRC - C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS)
PRC - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\07cdef1a740151932dcf161f3306bd9c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\70e2ca33ffa52c743285dc5b4910a229\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7c94a121334aeca7553c7f01290740f0\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll ()
MOD - C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll ()
MOD - C:\Program Files (x86)\Multimedia Mouse Driver\MouseDrv.exe ()
MOD - C:\Program Files (x86)\Multimedia Mouse Driver\MouseHook.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (hpsrv) -- C:\Windows\SysNative\hpservice.exe (Hewlett-Packard Company)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (STacSV) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\stacsv64.exe (IDT, Inc.)
SRV:64bit: - (vcsFPService) -- C:\Windows\SysNative\vcsFPService.exe (Validity Sensors, Inc.)
SRV:64bit: - (HP Wireless Assistant Service) -- C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe (Hewlett-Packard)
SRV:64bit: - (AESTFilters) -- C:\Windows\SysNative\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_1c0e2d1db9f5b08e\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (vToolbarUpdater) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\9.0.1\ToolbarUpdater.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (TeamViewer6) -- C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (HPDrvMntSvc.exe) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe (Hewlett-Packard Company)
SRV - (HP Support Assistant Service) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe (Hewlett-Packard Company)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (SeaPort) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (DvmMDES) -- C:\SwSetup\QuickWeb\QW.SYS\config\DVMExportService.exe (DeviceVM, Inc.)
SRV - (HPWMISVC) -- C:\Programme\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe ()
SRV - (vcsFPService) -- C:\Windows\SysWOW64\vcsFPService.exe (Validity Sensors, Inc.)
SRV - (DpHost) Biometric Authentication Service (Biometrischer Authentifizierungsservice) -- C:\Programme\DigitalPersona\Bin\DpHostW.exe (DigitalPersona, Inc.)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (hpdskflt) -- C:\Windows\SysNative\drivers\hpdskflt.sys (Hewlett-Packard Company)
DRV:64bit: - (Accelerometer) -- C:\Windows\SysNative\drivers\Accelerometer.sys (Hewlett-Packard Company)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (DVMIO) -- C:\Windows\SysNative\drivers\dvmio.sys (DeviceVM, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (SrvHsfV92) -- C:\Windows\SysNative\drivers\VSTDPV6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfWinac) -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (SrvHsfHDA) -- C:\Windows\SysNative\drivers\VSTAZL6.SYS (Conexant Systems, Inc.)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (StarOpen) -- C:\Windows\SysWow64\drivers\StarOpen.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = HP | MSN
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\otis@digitalpersona.com: C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ [2010.05.18 02:12:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.25 21:02:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.29 23:29:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.17 14:51:34 | 000,000,000 | ---D | M]
 
[2011.12.25 21:35:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xx.xx-PC\AppData\Roaming\mozilla\Extensions
[2011.12.26 21:59:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xx.xx-PC\AppData\Roaming\mozilla\Firefox\Profiles\zq6z62ld.default\extensions
[2011.12.25 22:38:24 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\Users\xx.xx-PC\AppData\Roaming\mozilla\Firefox\Profiles\zq6z62ld.default\extensions\avg@toolbar
[2011.12.29 23:29:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.12.21 08:42:29 | 000,121,816 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.11.10 05:54:13 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011.12.21 06:08:50 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.26 22:06:15 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2011.12.21 06:02:40 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.12.21 06:08:50 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.12.21 06:08:50 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.12.21 06:08:50 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.12.21 06:08:50 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP SimplePass Identity Protection Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Programme\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (HP SimplePass Identity Protection Extension) - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files (x86)\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\9.0.0.22\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Programme\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)
O4:64bit: - HKLM..\Run: [HPToneControl] C:\Programme\Hewlett-Packard\HPToneControl\HPToneCtl.exe (Hewlett-Packard )
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WireLessMouse] C:\Program Files (x86)\Multimedia Mouse Driver\StartAutorun.exe MouseDrv.exe File not found
O4 - HKCU..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{40249132-A89E-4866-B130-5EC10F7409CE}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\9.0.1\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe) - C:\Program Files (x86)\DigitalPersona\Bin\DPAgent.exe (DigitalPersona, Inc.)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O28 - HKLM ShellExecuteHooks: UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.01.01 15:17:32 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{078F4804-E124-4407-A033-A9459254C7C2}
[2012.01.01 15:17:19 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{4ABC35B2-8AD2-4A6A-8B00-BE01B0C8B605}
[2012.01.01 01:56:47 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{119585D7-0113-49B7-B163-580ADBA15583}
[2012.01.01 01:56:37 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{1596065F-2B15-494B-93D1-881B412559B3}
[2011.12.30 22:56:10 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\Documents\Webcam
[2011.12.30 22:56:09 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\CyberLink
[2011.12.30 13:33:29 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{FC23DFE9-2C21-42B7-8B2B-57BD58AE2906}
[2011.12.30 13:33:19 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{8E5C2734-BBAF-4EF7-A8C9-FB6B29C3F109}
[2011.12.30 01:06:47 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{23CF6349-91C6-4B64-8A1A-DE205A616A6B}
[2011.12.30 01:06:36 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{D6902C0F-3F6D-4A98-BA30-A007F3D575DB}
[2011.12.29 13:43:21 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Apple
[2011.12.29 13:06:03 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{F8C93F87-BE69-4BA9-A830-77115C125E50}
[2011.12.29 13:05:53 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{8A7EFADE-6F42-4995-8C17-8CF6DCACAB88}
[2011.12.28 13:22:07 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{351B29F0-BCE5-4294-89B2-984CA3B5C6A9}
[2011.12.28 13:21:56 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{817CA017-48B9-4E12-96B9-FA1F0989B455}
[2011.12.27 15:47:23 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{CB8A3BAF-1566-427E-8EC8-C92799516FB9}
[2011.12.27 15:47:12 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{C9CCC018-A659-4E6D-A96C-495BAC718D76}
[2011.12.26 23:48:49 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Adobe
[2011.12.26 22:06:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG Secure Search
[2011.12.26 21:31:17 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\_MDLogs
[2011.12.26 21:10:37 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Avira
[2011.12.26 21:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.26 21:06:42 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{CA807AD1-EE84-46D3-8AE5-C831FCEF310F}
[2011.12.26 21:06:38 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.26 21:06:38 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.26 21:06:38 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.26 21:06:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.26 21:06:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.26 21:06:31 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{D3B8EE5E-BDD7-4870-9E28-DE9558D5E0CF}
[2011.12.26 20:39:02 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{E595D89F-931D-4FF6-834E-EBF3AF71E54C}
[2011.12.26 20:38:52 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\{0A5D4644-2679-4B99-B3E0-30EB44325943}
[2011.12.26 20:38:38 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\Tracing
[2011.12.26 17:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2011.12.26 17:30:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2011.12.26 17:26:10 | 000,000,000 | ---D | C] -- C:\Windows\de
[2011.12.26 17:18:58 | 000,048,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fssfltr.sys
[2011.12.26 17:17:40 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_5.dll
[2011.12.26 17:17:40 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAPOFX1_3.dll
[2011.12.26 17:17:39 | 000,523,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3dx10_42.dll
[2011.12.26 17:17:39 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx10_42.dll
[2011.12.26 17:16:30 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Windows Live
[2011.12.26 17:15:32 | 001,292,136 | ---- | C] (Microsoft Corporation) -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\wlsetup-web_Live Messenger.exe
[2011.12.26 17:12:13 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Macrovision
[2011.12.26 16:59:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2011.12.26 13:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1}
[2011.12.25 23:10:36 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Malwarebytes
[2011.12.25 23:10:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.25 23:09:33 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011.12.25 22:39:46 | 000,034,624 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.12.25 22:39:27 | 000,025,920 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.12.25 22:39:26 | 000,021,312 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.12.25 22:38:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012
[2011.12.25 22:37:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\AVG Secure Search
[2011.12.25 22:37:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2011.12.25 22:37:24 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2011.12.25 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\TuneUp Software
[2011.12.25 22:35:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2012
[2011.12.25 22:26:43 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2011.12.25 22:26:13 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2011.12.25 22:23:40 | 002,861,613 | ---- | C] (InstallShield Software Corporation) -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EClea2.0.6.380.exe
[2011.12.25 21:47:28 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\PackageAware
[2011.12.25 21:36:44 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Macromedia
[2011.12.25 21:36:44 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Adobe
[2011.12.25 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Mozilla
[2011.12.25 21:34:03 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Mozilla
[2011.12.25 21:17:44 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\AskToolbar
[2011.12.25 21:17:17 | 000,000,000 | ---D | C] -- C:\Firefox
[2011.12.25 21:17:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2011.12.25 21:16:12 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\hpqlog
[2011.12.25 21:16:04 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Hewlett-Packard
[2011.12.25 21:12:21 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\ATI
[2011.12.25 21:12:21 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\ATI
[2011.12.25 21:11:12 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Apple Computer
[2011.12.25 21:11:11 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Apple Computer
[2011.12.25 21:10:39 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Hewlett-Packard
[2011.12.25 21:07:51 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2011.12.25 21:07:51 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2011.12.25 21:07:50 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Searches
[2011.12.25 21:07:30 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Identities
[2011.12.25 21:07:18 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Contacts
[2011.12.25 21:06:53 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\VirtualStore
[2011.12.25 21:06:20 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\DigitalPersona
[2011.12.25 21:06:20 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\DigitalPersona
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Vorlagen
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\AppData\Local\Verlauf
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\AppData\Local\Temporary Internet Files
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Startmenü
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\SendTo
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Recent
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Netzwerkumgebung
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Lokale Einstellungen
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Druckumgebung
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Cookies
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\AppData\Local\Anwendungsdaten
[2011.12.25 21:05:58 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Anwendungsdaten
[2011.12.25 21:05:57 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Documents\Eigene Videos
[2011.12.25 21:05:57 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Documents\Eigene Musik
[2011.12.25 21:05:57 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Eigene Dateien
[2011.12.25 21:05:57 | 000,000,000 | -HSD | C] -- C:\Users\xx.xx-PC\Documents\Eigene Bilder
[2011.12.25 21:05:55 | 000,000,000 | --SD | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Music
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Links
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Favorites
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Downloads
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Documents
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Desktop
[2011.12.25 21:05:55 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2011.12.25 21:05:55 | 000,000,000 | -H-D | C] -- C:\Users\xx.xx-PC\AppData
[2011.12.25 21:05:55 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Temp
[2011.12.25 21:05:55 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Microsoft Help
[2011.12.25 21:05:55 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Local\Microsoft
[2011.12.25 21:05:55 | 000,000,000 | ---D | C] -- C:\Users\xx.xx-PC\AppData\Roaming\Media Center Programs
[2011.12.25 21:05:54 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Videos
[2011.12.25 21:05:54 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Saved Games
[2011.12.25 21:05:54 | 000,000,000 | R--D | C] -- C:\Users\xx.xx-PC\Pictures
[2011.12.20 02:00:13 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.12.20 02:00:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.12.20 02:00:13 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.12.19 00:33:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GStudio7
[2011.12.18 20:49:34 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security Scan
[2011.12.18 20:49:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64
[2011.12.18 20:49:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Security Scan
[2011.12.18 20:49:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NSSx64\0305010.00A
[2011.12.18 20:49:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2011.12.18 15:50:03 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2011.12.14 20:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\EA Core
[2011.12.14 16:03:23 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2011.12.14 16:03:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2011.12.14 16:03:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2011.12.14 16:03:22 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2011.12.14 16:03:21 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2011.12.14 16:03:21 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2011.12.14 16:03:20 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2011.12.14 16:03:20 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2011.12.14 16:03:20 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2011.12.14 16:03:20 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2011.12.14 16:03:19 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2011.12.14 14:00:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.01.01 15:52:37 | 001,310,720 | -HS- | M] () -- C:\Users\xx.xx-PC\NTUSER.DAT
[2012.01.01 15:24:24 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.01.01 15:24:24 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.01.01 15:16:34 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2012.01.01 15:16:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.01.01 15:16:24 | 3062,255,616 | -HS- | M] () -- C:\hiberfil.sys
[2012.01.01 02:11:44 | 002,557,658 | -H-- | M] () -- C:\Users\xx.xx-PC\AppData\Local\IconCache.db
[2011.12.29 23:29:49 | 000,001,098 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.12.28 13:51:44 | 000,018,684 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\TU BS.pdf
[2011.12.28 13:21:03 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForxx.job
[2011.12.26 21:22:10 | 000,001,488 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\Media Player.lnk
[2011.12.26 21:07:00 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.26 20:16:48 | 000,000,454 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for xx.job
[2011.12.26 17:20:44 | 000,002,446 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\Windows Live Messenger.lnk
[2011.12.26 17:07:07 | 000,128,224 | ---- | M] () -- C:\Users\xx.xx-PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.12.26 17:05:20 | 000,457,328 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2011.12.26 17:02:35 | 000,003,095 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\Microsoft PowerPoint 2010.lnk
[2011.12.26 17:02:35 | 000,003,029 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\Microsoft Word 2010.lnk
[2011.12.26 17:02:34 | 000,002,965 | ---- | M] () -- C:\Users\xx.xx-PC\Desktop\Microsoft Access 2010.lnk
[2011.12.26 16:54:10 | 000,000,478 | ---- | M] () -- C:\Windows\win.ini
[2011.12.25 22:53:55 | 000,524,288 | -HS- | M] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.12.25 22:53:55 | 000,524,288 | -HS- | M] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.12.25 22:53:55 | 000,065,536 | -HS- | M] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.12.25 21:05:58 | 000,000,020 | -HS- | M] () -- C:\Users\xx.xx-PC\ntuser.ini
[2011.12.25 20:16:31 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011.12.25 20:16:31 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.12.25 20:16:31 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011.12.25 20:16:31 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.12.25 20:16:30 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.12.21 16:48:13 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForHanan.job
[2011.12.18 23:23:25 | 000,000,452 | -H-- | M] () -- C:\Windows\tasks\Norton Security Scan for Hanan.job
[2011.12.18 20:49:37 | 000,001,308 | ---- | M] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011.12.14 12:23:40 | 000,034,624 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2011.12.14 12:23:22 | 000,025,920 | ---- | M] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2011.12.14 12:23:22 | 000,021,312 | ---- | M] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2011.12.13 17:06:18 | 464,320,105 | ---- | M] () -- C:\Windows\MEMORY.DMP
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.29 23:29:49 | 000,001,098 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2011.12.29 23:29:48 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2011.12.28 13:51:43 | 000,018,684 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\TU BS.pdf
[2011.12.27 20:34:53 | 000,000,336 | ---- | C] () -- C:\Windows\tasks\HPCeeScheduleForxx.job
[2011.12.26 21:22:10 | 000,001,488 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\Media Player.lnk
[2011.12.26 21:07:00 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.26 17:30:58 | 000,000,454 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for xx.job
[2011.12.26 17:23:10 | 000,001,265 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[2011.12.26 17:22:41 | 000,001,334 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[2011.12.26 17:21:42 | 000,001,418 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[2011.12.26 17:20:44 | 000,002,446 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\Windows Live Messenger.lnk
[2011.12.26 17:02:35 | 000,003,095 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\Microsoft PowerPoint 2010.lnk
[2011.12.26 17:02:35 | 000,003,029 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\Microsoft Word 2010.lnk
[2011.12.26 17:02:34 | 000,002,965 | ---- | C] () -- C:\Users\xx.xx-PC\Desktop\Microsoft Access 2010.lnk
[2011.12.25 22:53:53 | 002,557,658 | -H-- | C] () -- C:\Users\xx.xx-PC\AppData\Local\IconCache.db
[2011.12.25 22:38:34 | 000,002,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2012.lnk
[2011.12.25 21:16:02 | 000,128,224 | ---- | C] () -- C:\Users\xx.xx-PC\AppData\Local\GDIPFONTCACHEV1.DAT
[2011.12.25 21:09:26 | 000,001,399 | ---- | C] () -- C:\Users\xx.xx-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2011.12.25 21:09:25 | 000,001,405 | ---- | C] () -- C:\Users\xx.xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2011.12.25 21:05:58 | 000,000,020 | -HS- | C] () -- C:\Users\xx.xx-PC\ntuser.ini
[2011.12.25 21:05:57 | 000,524,288 | -HS- | C] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2011.12.25 21:05:57 | 000,524,288 | -HS- | C] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2011.12.25 21:05:57 | 000,065,536 | -HS- | C] () -- C:\Users\xx.xx-PC\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2011.12.25 21:05:54 | 001,310,720 | -HS- | C] () -- C:\Users\xx.xx-PC\NTUSER.DAT
[2011.12.18 20:49:38 | 000,000,452 | -H-- | C] () -- C:\Windows\tasks\Norton Security Scan for Hanan.job
[2011.12.18 20:49:37 | 000,001,308 | ---- | C] () -- C:\Users\Public\Desktop\Norton Security Scan.lnk
[2011.12.18 20:49:34 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NSSx64\0305010.00A\isolate.ini
[2010.12.17 01:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010.11.06 16:57:41 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2010.11.06 16:54:48 | 000,005,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\StarOpen.sys
[2010.09.15 19:50:30 | 000,000,243 | ---- | C] () -- C:\ProgramData\MusicStation.xml
[2010.09.15 19:10:26 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2010.09.14 17:36:40 | 000,000,403 | ---- | C] () -- C:\Windows\ODBC.INI
[2010.09.14 17:36:35 | 000,000,035 | ---- | C] () -- C:\Windows\vbaddin.ini
[2010.05.18 01:46:45 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.05.18 01:40:15 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2010.05.18 01:38:39 | 000,000,299 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog2.ini
[2010.05.18 01:38:39 | 000,000,240 | ---- | C] () -- C:\Windows\SysWow64\RStoneLog.ini
[2010.03.03 00:57:08 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2010.03.02 23:56:23 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010.01.27 17:05:52 | 000,012,800 | ---- | C] () -- C:\Windows\LPRES.DLL
[2010.01.22 17:08:32 | 000,870,544 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.01.22 17:08:32 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010.01.22 17:08:32 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010.01.22 17:08:30 | 000,051,068 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.01.22 17:08:28 | 000,127,896 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2009.12.30 10:57:04 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPFPApi.dll.hpsign
[2009.12.30 10:57:04 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPClback.dll.hpsign
[2009.12.29 22:36:24 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPPassFilter.dll.hpsign
[2009.12.29 22:36:24 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPCrProv.dll.hpsign
[2009.12.29 22:35:50 | 000,000,256 | ---- | C] () -- C:\Windows\SysWow64\DPFPApiUI.dll.hpsign
[2009.11.30 14:55:34 | 000,370,312 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2009.10.26 23:06:08 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:35:42 | 000,001,405 | ---- | C] () -- C:\Windows\msdfmap.ini
[2009.07.14 03:34:57 | 000,000,478 | ---- | C] () -- C:\Windows\win.ini
[2009.07.14 03:34:57 | 000,000,219 | ---- | C] () -- C:\Windows\system.ini
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 001,498,564 | ---- | C] () -- C:\Windows\SysWow64\igkrng400.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.10.27 14:16:40 | 000,138,512 | ---- | C] () -- C:\Windows\SysWow64\OUTLCTL.DLL
[1999.01.22 19:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL
 
========== LOP Check ==========
 
[2011.12.25 21:06:20 | 000,000,000 | ---D | M] -- C:\Users\xx.xx-PC\AppData\Roaming\DigitalPersona
[2011.12.25 22:35:51 | 000,000,000 | ---D | M] -- C:\Users\xx.xx-PC\AppData\Roaming\TuneUp Software
[2011.12.26 21:31:17 | 000,000,000 | ---D | M] -- C:\Users\xx.xx-PC\AppData\Roaming\_MDLogs
[2011.11.30 20:56:41 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
< End of report >
         
--- --- ---
Attached files
File type: txt Extras.Txt (90.3 KB, viewed 243 times)

04.01.2012, 18:03   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
3 infected files were found and deleted,
Details like that are not enough; please post the complete output/logs from the virus scanners.

05.01.2012, 20:31   #3
eule1992

Hello Arne,

unfortunately I deleted the virus scanner too early, the one I used as an alternative back then because my Avira scanner could not be opened, and I did not save its history.

Recently, when my PC was hanging again, I opened the Task Manager and noticed the following there. I hope that this is the problem and that you can help me with it:

The CPU usage of the process WmiPrvSE.exe, of the Network Service, was elevated. Every time it rose, for example from 30 to 35 CPU, the computer load rose as well; when the load dropped, the same happened with WmiPrvSE.exe. The System Idle Process usually shows a CPU value of 30-90, and this has a corresponding effect on the PC load.

If you need a snapshot of all processes while my PC is hanging, just say so in your reply.

THANKS IN ADVANCE

Edited by eule1992 (05.01.2012 at 21:01)

05.01.2012, 21:05   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
and did not save its history
Then you destroyed traces by doing that. It is questionable whether the cause can still be found now...


Now, as a matter of routine, please run a full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those too!


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         