
Plagegeister aller Art und deren Bekämpfung: For security reasons your system has been blocked (50 Euro virus / trojan etc.)


06.02.2012, 16:54   #1
jomei
 



Hello everyone,

so now it has finally got me too, after many years without problems with viruses and the like. Yesterday this warning message appeared, and Task Manager and the like stopped working. It happened while an update for a game was being installed, directly from the manufacturer. No web browsing at the time.

If I'm reading this correctly here, you first need 2 log files. I'll post them here now; if more is needed, just say so.

Code:
OTL Extras logfile created on: 06.02.2012 17:39:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Andreas\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free
8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 73 00 61 98 9A 8B C8 01  [binary data]
"VistaSp2" = 55 7D 0A D4 F8 DE C9 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA3F193-D701-4F85-A305-34D665E85AA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{0B6477AB-596D-4298-9204-D72A16071A24}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{0C474E9D-768E-4331-8D58-EBB0F7E7E447}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{168D96D3-8891-47B7-A2A3-FAE7C4D4D9F5}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{1A941407-0BFF-43E8-AF1C-E086E4F70C12}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{1B42FFFD-D259-4FD5-8AEC-E6E8BCBAF255}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{1C829E48-51A7-4238-9C90-376E0552C6B7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{1FC06B37-6FBA-4FB1-97F0-8E352E8141F9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{2510D59B-3B98-4034-B65D-D7D7FB386CED}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{2B0EC09B-B2C3-4FDC-A4CA-4BB48B2DB1AD}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{2F0F0511-7F33-4639-B5F0-6A47025DEDF3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{31BA2E3D-5967-41FE-BBFE-2ED8BCF8E7F9}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{341BD94C-1047-440C-8385-7D8C11469495}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 
"{3786176A-916F-4DF9-9B63-0E96B0801F2A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{39495BC2-7065-41EA-B94D-B128A3D568DA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{43A1D7F8-A559-4AD4-9108-F71F179915A2}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{46962477-4940-4657-8E54-F2B324DB4F03}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{50F50612-F212-4EAD-A44B-3EFA9AC6A8FB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{676B5CE3-E1E2-4884-80B1-F6E8E57BDEF6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{6835225E-F5EF-4EF7-B931-8542AD8C65AC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6BF56210-A8BD-481B-8010-B0B643F2BCBA}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{76CCD1D1-BE93-46AB-BFD2-C9140B638BCE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{77E17B6B-7402-4369-B91F-AFDB56B86973}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{82F970B7-3D55-4908-A55D-17EFACC9FEBE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{850E4B18-DBB5-4C98-9209-AE84EC6B1B4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A5BE2A71-3794-4F3F-9FAB-8CFD95E44E75}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{A7043835-60AB-4124-9986-356F0D8115EB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 
"{BC9191C1-5FF7-4558-80B6-DD8142B817C8}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{BEAFCA57-DC28-42A2-A6EF-BE203DBD54DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe | 
"{C6B5C0CE-D343-4933-BF60-D3E6A9C15F3A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D5B6C1E6-1491-41CF-A74C-DBBA3B23C7D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052BE1F4-B4CA-41F9-9C92-AEF6C8607A40}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{0ACBB0BD-F33C-43CE-957E-26921A539180}" = protocol=17 | dir=in | app=g:\games\curse-update\curse\curseclient.exe | 
"{0C941F73-46BC-4BF2-8FA4-B4984960C45E}" = protocol=6 | dir=in | app=i:\games\anno2070\anno5.exe | 
"{0D3A1401-1B57-4CD5-9C97-C48C53C9C7C8}" = protocol=6 | dir=in | app=g:\games\wow\wow.exe | 
"{18FF1AA2-958D-4D38-9F02-408AB3232AA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1A6C1426-C972-4B73-88B3-50946EEAB307}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{1E9F0540-A661-4CE9-A964-E4E36ACE070F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{1F3F491B-DA44-4A46-87FD-DC78478DC5AD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{2281D7DF-8732-4DF4-851F-85667548D6D6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{25AABB5C-1D3A-4BEE-B93A-DEEE11C8D431}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe | 
"{2A302ACA-37C2-43B9-B673-4A9D0E9BC48D}" = protocol=17 | dir=in | app=g:\programme\curse\curseclient.exe | 
"{2BE49371-284D-4A14-B237-DFE6FE5BDD90}" = protocol=6 | dir=in | app=i:\games\wow\launcher.exe | 
"{2CAD0F3C-2D7F-4859-A52B-339DE9B98197}" = protocol=6 | dir=in | app=g:\games\wic\wic_online.exe | 
"{30B63419-0CCA-40B1-8D21-A4D6CAB112E7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe | 
"{3F00F963-CED6-4038-8E78-BA3CD80E2C9A}" = protocol=17 | dir=in | app=g:\games\wic\wic_ds.exe | 
"{3FC34FF8-4975-486F-900A-6E9CEEA764F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | 
"{3FC96849-F369-4141-BFDB-BAE1EC0DC1A5}" = protocol=6 | dir=in | app=i:\games\anno2070\initengine.exe | 
"{41E389D7-81EC-4BD6-B7FE-3569ACE02689}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{4B69359E-42E9-4568-8CE9-DDD5D5F90281}" = protocol=17 | dir=in | app=i:\games\wow\launcher.exe | 
"{4BD65A27-79D3-4B53-9531-A971029DB4AA}" = protocol=6 | dir=in | app=g:\games\wow\launcher.patch.exe | 
"{5101860A-6F7B-4DFE-8850-BCD4EDD264DF}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{5227FC86-605C-41C0-A5F4-5792F216FE9A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{53C1B67E-ED56-4DD6-91B8-CB668668BF6F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{54569CAF-D323-489F-ACB7-1BE43D77CF54}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{545EB6D1-B90D-4860-A828-B2F819E75274}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{5478C98C-2A6C-4D81-AAEB-DE0CA86AB553}" = protocol=6 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe | 
"{54CE7B81-4C7F-43D4-85A7-F2E278B1E453}" = protocol=17 | dir=in | app=i:\games\wow\launcher.patch.exe | 
"{5729A6F2-CD0D-4CBD-AEEB-F27777FEFA60}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{58D72CD0-A5CA-4A67-AAB7-2DCD46BC2AE8}" = protocol=6 | dir=in | app=i:\games\anno2070\autopatcher.exe | 
"{5E7FC184-6D04-4A84-8EF4-EA393BCF5474}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{5F5D0F35-831B-4E0C-B18E-74A2F49932B0}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe | 
"{5F9A8E49-6AC6-43B0-AC5B-D12C43EAD577}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{63A71835-9A76-48E8-B332-DFA1E17BCB2A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe | 
"{659B5904-F19D-4607-8B38-9FD9BA2E5603}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{68037AC9-4F22-47D7-AB90-909806DB0893}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{68F11528-0728-4F44-B187-739D755EF83F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6B36935A-49D1-44AE-8C41-9A5ED0B20C1D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{6E126CB9-0ED0-48B0-BEB2-6D268CB3DAC8}" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe | 
"{77484F17-ADF2-4D76-BFD7-1EE4D953826B}" = protocol=17 | dir=in | app=i:\games\anno2070\anno5.exe | 
"{7C9AF305-051D-4AC8-81F7-2B591115A33B}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe | 
"{7CFE74E0-75D6-4A88-A5D4-31920EC39309}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{7EA96289-1994-4AA6-9959-6617485C367E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{80B3D677-4830-497F-8CF0-3FDCAE776D0F}" = protocol=17 | dir=in | app=g:\games\wow\wow.exe | 
"{8346B1F6-12A9-431F-9568-CC6B2EEBE311}" = protocol=17 | dir=in | app=g:\games\wic\wic_online.exe | 
"{866D3242-12A8-4FC0-80D6-00685AA48CE2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{8CC8FAEE-2D2F-4E61-B788-2CB290140C18}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe | 
"{8CE15293-095E-4A88-9FB8-834CEFCDD452}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{8FBC715A-DA00-428F-8CF8-2BD9C6D1ED10}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{90524EF1-DC64-4548-A882-78D1997155A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{94AD29BA-D745-46DF-8919-8026531B715A}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe | 
"{95BEBB85-FB73-4106-B094-3E2907CFC94A}" = protocol=6 | dir=in | app=i:\games\wow\launcher.patch.exe | 
"{97D6FC91-BF87-4011-AE55-C151774C1321}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | 
"{982D08A7-2634-41AD-BD59-9EA98F112689}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9FBA2C4F-0B43-4BEF-B152-C5EEAEEC7B98}" = protocol=17 | dir=in | app=g:\games\wow\launcher.patch.exe | 
"{A4C5DC85-2AD4-4718-8599-B3789D09043D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A517D883-2D35-40E4-A745-5542B6E9D351}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{A774104E-5007-4D33-A0B4-2DA0C8634E08}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{A9E40D99-CA3F-43AC-9BF4-ED6B5F38E0A4}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe | 
"{AA01B764-A74B-473A-963A-6A34F7F34D75}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | 
"{AB0CC0EA-90FD-4115-A787-C64E843ADEAA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"{AE3F5F0F-04E3-4685-99F3-23A9394B9C23}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe | 
"{B0D5CC6C-1952-4F81-999B-01B10FEE86C5}" = protocol=17 | dir=in | app=g:\games\wic\wic.exe | 
"{B1C3A08C-B6F9-4347-B20E-BCCC2A81C830}" = protocol=17 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe | 
"{B686FF9F-F732-4F8A-A447-1C21DCAF4CDD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe | 
"{B953ACA5-75B0-49DA-AF03-53FB1E7C71E6}" = protocol=17 | dir=in | app=i:\games\wow\blizzard downloader.exe | 
"{BA357AF2-BB10-415B-9D8D-2F8342B91ABA}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{BC5D9CB1-A212-4C74-AACB-A58A95879484}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{BE87105B-5014-4EA4-97D7-0F9733F66DA1}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe | 
"{C3464EFA-D9E4-48A3-B7D9-7325AE001BA8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe | 
"{C6AD9BDC-32DE-4639-98AD-A1F3E9C57DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{C845F0CE-45B4-48E1-BC2A-88AE7BED07ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{CDA177F1-AB08-446B-B57F-30E5ED50F264}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe | 
"{D3F320C8-B80B-4E78-9D75-25673467A044}" = protocol=17 | dir=in | app=i:\games\anno2070\initengine.exe | 
"{D5B5296D-1FE8-4DA0-8F93-491330D20351}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe | 
"{D5F6E41B-2ECA-4016-BF98-1B0D5DA3DFC5}" = protocol=17 | dir=in | app=i:\games\anno2070\autopatcher.exe | 
"{D78D8474-3932-4D43-890B-139D911ECC40}" = protocol=6 | dir=in | app=g:\games\wic\wic_ds.exe | 
"{D821C05E-5CEF-4EA1-9477-74575DA63A6A}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe | 
"{DEB66874-8001-47DD-B934-4DF63F0FD4EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{E1543EC3-BC2F-4FFA-828E-E3BE0B8E428C}" = protocol=6 | dir=in | app=g:\games\wic\wic.exe | 
"{E4E34D2F-2C19-483A-A50B-F0944C136651}" = protocol=6 | dir=in | app=i:\games\wow\blizzard downloader.exe | 
"{E83E2AE8-DA1E-46AE-B4F6-56ABCA56E322}" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe | 
"{E86DDBDF-0F76-4315-82FF-24C6F0E249FD}" = protocol=6 | dir=in | app=g:\games\curse-update\curse\curseclient.exe | 
"{E94D8F60-07B3-4E96-ADDA-9DA288C0F893}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 
"{EE7B6452-F538-442B-BC55-29821B39682D}" = protocol=6 | dir=in | app=g:\programme\curse\curseclient.exe | 
"{EF949FAD-9773-4C61-8D4B-C038F22BC4B6}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe | 
"{F037F140-FE70-41BC-A6DA-05D7AEA5E214}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{F26D9838-0095-473B-897E-1E067D5757E3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{F9E2E550-227A-45B5-B8CD-5F4D2D2D3788}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe | 
"TCP Query User{002FF392-4EA9-458C-9326-FC57F2C54989}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe | 
"TCP Query User{0D9FEC77-D221-4FB0-921C-DF8F521B5FB0}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe | 
"TCP Query User{18D64428-EC98-4BC4-A295-42A40C3F703A}G:\games\xfire\xfire.exe" = protocol=6 | dir=in | app=g:\games\xfire\xfire.exe | 
"TCP Query User{1C1A8E54-4DFE-4024-8BD7-787D9AC85FCA}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | 
"TCP Query User{1D88AB4C-D457-4AF2-804C-463D3A1072FE}I:\games\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\launcher.exe | 
"TCP Query User{1D987B5F-E0FC-477D-95FC-0E806B5A239D}I:\games\nfsdata\data\nfsw.exe" = protocol=6 | dir=in | app=i:\games\nfsdata\data\nfsw.exe | 
"TCP Query User{2B547AAB-8CD0-4B59-9429-5058CF4FEF3E}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | 
"TCP Query User{35AA4809-6E8A-42B9-A1C3-D86195A9A3D0}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe | 
"TCP Query User{3DDB9888-39D5-4404-8908-49082D460278}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe | 
"TCP Query User{44655A35-5F51-4E4A-832F-3815D098ECB9}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe | 
"TCP Query User{4D4085EB-4564-481F-A9CC-3FEF99B2F61C}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=6 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe | 
"TCP Query User{5024B43E-7377-4529-AF79-99B071F25A0A}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe | 
"TCP Query User{55BB76A4-B5E9-4002-AEB3-2CEED9F38145}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe | 
"TCP Query User{5814365D-1C2D-4986-9614-5FFD3FABBFED}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe | 
"TCP Query User{5AE677A0-6FDD-41E8-A26D-AE6A9160228D}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"TCP Query User{5F843565-50AF-4DB7-945B-AD862742B378}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{5FE1D7A5-B8F7-475C-AE51-7701A9DC95E6}I:\progr\flashfxp\flashfxp.exe" = protocol=6 | dir=in | app=i:\progr\flashfxp\flashfxp.exe | 
"TCP Query User{771F8A17-0C1F-4F9C-AEFE-3DF28A582DD1}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe | 
"TCP Query User{7B22848F-0FB3-4AF9-AF1A-88F390FCFCB0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{89F81AF9-3D97-40FB-9209-1590B5B2CEB3}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe | 
"TCP Query User{8AE0ACC8-46B9-4847-BF9D-E290F9DC45B4}G:\games\wow\launcher.exe" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe | 
"TCP Query User{930266F9-88D7-45C9-887B-C3F3ABE74B07}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"TCP Query User{A17282FB-B4BF-40D4-BC42-C3AEEAC8C33F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"TCP Query User{B2D97FFA-3FD3-4CDE-BA8B-1329ED8E1B9D}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe | 
"TCP Query User{B7585B8B-2A19-4C23-944B-8E912D28075E}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe | 
"TCP Query User{CF633BC3-1F30-4903-9B99-157DEFDB282F}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe | 
"TCP Query User{DC4E0EA1-8598-4523-80D4-4509089DBACC}C:\program files (x86)\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe | 
"TCP Query User{DD2A3CF6-8BCE-4F91-9F51-1EAE4F86EA02}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe | 
"TCP Query User{DEF59468-82FA-4945-9563-AB96163FA13E}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe | 
"TCP Query User{DF2EA308-E863-48ED-89E8-B49D2EC5734C}I:\games\wow\backgrounddownloader.exe" = protocol=6 | dir=in | app=i:\games\wow\backgrounddownloader.exe | 
"TCP Query User{E3B68C0A-DD3A-47BE-8B7C-465D726F7C8D}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe | 
"TCP Query User{ECEB4E5A-5141-421E-8281-B4C092DB8ED0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"TCP Query User{ED706206-0183-4957-8CAA-D19397657864}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe | 
"TCP Query User{EF9ED909-429D-407D-91E2-F6B90A201FAB}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe | 
"TCP Query User{F5BA07E2-3145-4207-891D-4D40A126C92E}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe | 
"TCP Query User{F84C74B8-4D6D-43BC-8380-EFF5F6F1AC3C}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | 
"UDP Query User{00638281-18E7-4C1E-9C7F-D565D3093DFF}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe | 
"UDP Query User{0442A47B-6151-4537-B10F-112EBA7BCE32}I:\games\nfsdata\data\nfsw.exe" = protocol=17 | dir=in | app=i:\games\nfsdata\data\nfsw.exe | 
"UDP Query User{0968541E-56B4-4B4F-ABC7-D88480CA8B45}G:\games\wow\launcher.exe" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe | 
"UDP Query User{0AC935C4-339F-44A1-B626-5741CA0C5AE9}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{1258D574-5DAC-47D0-88A5-95445FEA32CB}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe | 
"UDP Query User{27893D58-C36F-47EA-A9F7-F510017D6978}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=17 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe | 
"UDP Query User{2AD61E50-1526-4C6E-8973-5A37A15D6BDF}G:\games\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=g:\games\tdu\testdriveunlimited.exe | 
"UDP Query User{34CAE53B-9CF3-4617-8C0A-A55F938620E4}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe | 
"UDP Query User{36B8ECAA-D49C-4CE2-8264-6A68708A5ED4}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe | 
"UDP Query User{42E1019A-94C8-4242-95F0-7BD3BD0FEE25}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe | 
"UDP Query User{5050BB1A-4B4E-4355-9DA1-927B0B5902F7}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe | 
"UDP Query User{6A001F8D-9A9A-479A-BF41-AF8C68E33F8C}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{73AB5A04-3953-4BC9-B290-88518381E748}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe | 
"UDP Query User{77ED7EB2-A07F-4800-817D-73CF6B4CC3F3}C:\program files (x86)\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe | 
"UDP Query User{786C8032-7510-474F-B98C-7EA7544965BD}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe | 
"UDP Query User{7C0DFF2E-8A31-48A5-ABC6-30C3D2CF47B4}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe | 
"UDP Query User{7DF54149-770B-45BE-992B-107A594AAEE4}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe | 
"UDP Query User{7E41A449-645C-4A50-A48F-A5E25D359A84}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | 
"UDP Query User{8B5EFDE4-F015-4A7C-A0EB-A9BF08BA2FB3}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe | 
"UDP Query User{987F2123-CFAF-4DCF-9194-2DAFAF8B5DEE}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe | 
"UDP Query User{9946437E-CE04-49F5-B9FA-DABD51DC4C58}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe | 
"UDP Query User{9FFB0D38-55D6-40BE-8A3A-1D0F47130C21}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe | 
"UDP Query User{AAFD2325-E884-48CE-AD33-70490214AF78}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | 
"UDP Query User{B6A4CF4A-5BF3-4162-B2A9-63C92DAE61FC}I:\progr\flashfxp\flashfxp.exe" = protocol=17 | dir=in | app=i:\progr\flashfxp\flashfxp.exe | 
"UDP Query User{B8210782-4A29-477B-92A9-62069224F21F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | 
"UDP Query User{B96FD913-CDC6-4DE8-A2DB-160C3E81AF18}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"UDP Query User{BB3CC26D-5C56-47BB-A8C4-6E2D0C971729}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe | 
"UDP Query User{C1FFBE2A-204D-4FEE-B8DD-98539FBF3281}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe | 
"UDP Query User{C6A77DD8-AE37-44DC-886E-4431DA11A007}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe | 
"UDP Query User{C854B65C-5FE9-4E1A-8A98-C2137C9C48BE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{C8DCFB5E-08E6-4846-830E-E1D56E98700F}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe | 
"UDP Query User{C9E61D69-7580-464F-B38E-9B91BD6A2992}I:\games\wow\backgrounddownloader.exe" = protocol=17 | dir=in | app=i:\games\wow\backgrounddownloader.exe | 
"UDP Query User{CBE516B9-1A09-4D87-B221-BC212B8B7B54}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe | 
"UDP Query User{D8D1AD99-1249-4E9C-8794-F1076B73EB89}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe | 
"UDP Query User{E17D8665-80BD-4CDA-BB81-EEE3CF07F91C}G:\games\xfire\xfire.exe" = protocol=17 | dir=in | app=g:\games\xfire\xfire.exe | 
"UDP Query User{EC24BC8F-57B6-41DC-A9DE-1BF5D9CFACFD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe | 
"UDP Query User{FD129E22-291D-4D34-A372-AA56F63AA9BD}I:\games\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\launcher.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit)
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C776F23B-8ACA-4287-9F65-461B2B1B29B4}" = Debugging Tools for Windows 64-bit
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.8.0.224
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{7D386596-0E80-4808-8AAE-C1DDA8212F7F}" = Adobe Setup
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{901A0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C53CFB2A-B76B-4C8E-842F-9961EFE760EB}" = RSDLite
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE246151-F0E8-ABC8-AEB2-7F3E188EFBF5}" = TweetDeck
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_25db75244653b42cb93dc27939d1c0e" = Adobe Dreamweaver CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CurseClient" = Curse Client
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"doubleTwist" = doubleTwist
"Driver Sweeper_is1" = Driver Sweeper 1.0
"ElsterFormular 11.5.1.4843" = ElsterFormular
"ESN Sonar-0.70.0" = ESN Sonar
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"FileZilla Client" = FileZilla Client 3.5.2
"FLVPlayer" = FLV Player 1.3.3
"GnuPG" = GNU Privacy Guard
"GPG4Win" = GnuPG For Windows
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.13
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.1.5 Standard
"Loki Browser Plugin" = Loki Browser Plugin
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MPE" = MyPhoneExplorer
"NetLimiter 2 Pro" = NetLimiter 2 Pro (remove only)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Veetle TV" = Veetle TV 0.9.16
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.0.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 09:37:54 | Computer Name = Boss-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = 
 
Error - 05.02.2012 09:38:34 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:38:43 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:38:45 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:39:52 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:41:02 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:46:23 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:49:10 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 05.02.2012 09:50:15 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description = 
 
Error - 06.02.2012 11:44:14 | Computer Name = Boss-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 10.0.0.4411 arbeitet nicht mehr mit 
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet 
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 3f0  Anfangszeit: 01cce4e58fc76bcb  Zeitpunkt der
 Beendigung: 64
 
[ NetLimiter Events ]
Error - 08.08.2008 05:27:52 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 10.08.2008 07:10:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 10.08.2008 18:06:59 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 11.08.2008 06:32:55 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 12.08.2008 06:28:17 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 12.08.2008 18:07:27 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 13.08.2008 06:50:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 13.08.2008 08:30:00 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 14.08.2008 06:32:18 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
Error - 28.09.2009 08:36:05 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description = 
 
[ System Events ]
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7026
Description = 
 
 
< End of report >
         
and here is the 2nd file.

Code:
OTL logfile created on: 06.02.2012 17:39:33 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Andreas\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free
8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Andreas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation)
DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation)
DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation)
DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation)
DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG
 
O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKCU..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment
[2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech
[2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB
[2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012.01.12 11:26:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.12 11:26:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.11 13:03:27 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 13:03:26 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 13:03:26 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 13:03:26 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 13:03:16 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 13:03:15 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012.01.11 13:03:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012.01.11 13:03:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012.01.11 13:03:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012.01.11 13:03:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012.01.11 13:03:12 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.01.11 13:03:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 13:03:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.06 17:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 17:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job
[2012.02.06 16:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.06 16:58:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.02.06 16:13:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.06 16:12:57 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.05 15:17:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.05 02:36:37 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job
[2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.22 23:43:25 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[2012.01.16 02:06:21 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.02.06 16:12:57 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.22 23:43:25 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.16 02:06:21 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini
[2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI
[2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini
[2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll
[2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll
[2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat
[2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat
[2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
 
========== LOP Check ==========
 
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2012.02.05 15:17:09 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
         

06.02.2012, 19:34   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Does Safe Mode with Networking still work?

Safe Mode for cleanup
  • Press the F8 key during startup to bring Windows into Safe Mode.
  • Start the computer in Safe Mode with Networking:

    Starting Windows in Safe Mode

06.02.2012, 21:20   #3
jomei

Hello,

yes, that one still works.

07.02.2012, 08:03   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Well, if that mode works, you can try MBAM/ESET first:

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes must be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         

07.02.2012, 13:51   #5
jomei

Hello,

here is the first log. The scan took quite a long time.

Code:
Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.01.13.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Andreas :: BOSS-PC [limited]

07.02.2012 12:36:49
mbam-log-2012-02-07 (12-36-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 785935
Time elapsed: 2 hour(s), 12 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         


07.02.2012, 15:19   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Malwarebytes creates exactly one log for every scan. Have you ever scanned with Malwarebytes in the past?
If so, the logs for every scan are also listed on the Logs tab. Please post all that are visible there.

07.02.2012, 17:26   #7
jomei

No, that was the first time it was run. No other logs.

And here is the one from that other program.

Code:
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0dd3d32856394942a79ce366e3778251
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-07 05:22:32
# local_time=2012-02-07 06:22:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 56 38459299 166147048 0 0
# compatibility_mode=8192 67108863 100 0 14629 14629 0 0
# scanned=661786
# found=8
# cleaned=0
# scan_time=12304
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\43b9174a-4401181f	a variant of Java/Agent.DW trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7212ea8f-14480d28	multiple threats (unable to clean)	00000000000000000000000000000000	I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49cfaf11-10591ffe	multiple threats (unable to clean)	00000000000000000000000000000000	I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\75176865-4f0f9ea5	a variant of Java/Agent.DM trojan (unable to clean)	00000000000000000000000000000000	I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\73216bbe-5d421260	a variant of Java/Exploit.Agent.NAC trojan (unable to clean)	00000000000000000000000000000000	I
I:\backup-telefon\sdcard-03-08-2011\download\PayPal.zip	a variant of Win32/Injector.HCR trojan (unable to clean)	00000000000000000000000000000000	I
I:\downloads\GingerBreak-v1.20.apk	Linux/Exploit.Lotoor.AH trojan (unable to clean)	00000000000000000000000000000000	I
I:\temp\android-sd\download\PayPal.zip	a variant of Win32/Injector.HCR trojan (unable to clean)	00000000000000000000000000000000	I
         

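Added example, not part of the thread: a small Python triage of an ESET Online Scanner log.txt in the layout posted above (`# key=value` header lines, then one tab-separated line per finding: path, threat, hash field, flag), grouping findings by where they sit on disk. The sample log, the category names and the reading of `remove_checked=false` as "removal was switched off for this scan" are assumptions made for this example.

```python
"""Triage an ESET Online Scanner log.txt by where each finding lives on disk."""
import re
from collections import Counter
from dataclasses import dataclass

# Threat column looks like "<name> (<action>)"; the action part is optional.
THREAT_RE = re.compile(r"^(?P<name>.*?)(?:\s+\((?P<action>[^()]*)\))?$")
ARCHIVE_EXT = (".zip", ".rar", ".7z", ".apk", ".jar")
BINARY_EXT = (".exe", ".dll", ".scr")


@dataclass
class Finding:
    path: str
    threat: str
    action: str
    category: str


def classify(path):
    """Bucket a finding by location (category names are this example's own)."""
    p = path.lower().replace("/", "\\")
    if "\\sun\\java\\deployment\\cache\\" in p:
        return "java_cache"        # cached applet download, not an autostart location
    if "\\appdata\\local\\temp\\" in p and p.endswith(BINARY_EXT):
        return "temp_executable"   # binary in a user-writable temp directory
    if p.endswith(ARCHIVE_EXT):
        return "stored_archive"    # dormant file in a download or backup folder
    return "other"


def parse_eset_log(text):
    """Return (header dict, list of Finding) for one log.txt."""
    meta, findings = {}, []
    for line in text.splitlines():
        if line.startswith("# ") and "=" in line:
            key, _, value = line[2:].partition("=")
            meta[key.strip()] = value.strip()
            continue
        fields = line.split("\t")
        if len(fields) != 4:
            continue               # installer chatter and blank lines
        path, threat = fields[0].strip(), fields[1].strip()
        m = THREAT_RE.match(threat)
        findings.append(
            Finding(path, m.group("name"), m.group("action") or "", classify(path))
        )
    return meta, findings


def triage(text):
    """Summarise a log: is it complete and consistent, and what needs a closer look."""
    meta, findings = parse_eset_log(text)
    return {
        "finished": meta.get("end") == "finished",
        "count_matches_header": meta.get("found") == str(len(findings)),
        # Assumption: remove_checked=false means removal was switched off,
        # so cleaned=0 is expected and does not mean cleaning failed.
        "removal_enabled": meta.get("remove_checked") == "true",
        "by_category": dict(Counter(f.category for f in findings)),
        "follow_up": [
            f.path for f in findings if f.category in ("temp_executable", "other")
        ],
    }


def _row(path, threat):
    return "\t".join([path, threat, "0" * 32, "I"])


# Constructed sample: paths and threat names are made up for illustration.
SAMPLE_LOG = "\n".join([
    "ESETSmartInstaller@High as downloader log:",
    "all ok",
    "# version=7",
    "# end=finished",
    "# remove_checked=false",
    "# scanned=1000",
    "# found=4",
    "# cleaned=0",
    _row(r"C:\Users\Example\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\aaaa1111-bbbb2222",
         "a variant of Java/Example.A trojan (unable to clean)"),
    _row(r"C:\Users\Example\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\cccc3333-dddd4444",
         "multiple threats (unable to clean)"),
    _row(r"D:\backup\phone\download\Sample.zip",
         "a variant of Win32/Example.B trojan (unable to clean)"),
    _row(r"C:\Users\Example\AppData\Local\Temp\sample0.exe",
         "Win32/Example.C trojan"),
])

if __name__ == "__main__":
    for key, value in triage(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

An empty `follow_up` list means every finding sits in a cache or a stored archive, so the log alone does not point to the component that starts at logon.
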
07.02.2012, 19:36   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

But there are no typical detections of this ransomware in there!
Does normal mode work? Did you use some other user (with admin rights) for the log, one that does not have or did not have the problem?

07.02.2012, 19:44   #9
jomei

No, I used that user.

The warning now also appears immediately after the user has logged on. You see my desktop wallpaper very briefly and then the warning message is already there.

When this first showed up yesterday, no protection software reacted either; then in the evening Microsoft Security Essentials reported it to me. No idea how to get the log out of it, so I am typing it out:

Trojan:Win32/Ransom.EJ. Alert level: Severe.

Items:
containerfile:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe
file:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe->(UPX)

Executed (Removed). The thing is still somewhere, since it now appears immediately.

07.02.2012, 21:06   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:
 the log goes here
         
CustomScan with OTL

If you do not have it yet, please download OTL by OldTimer and save it to your desktop
  • Please start OTL.exe.
    Vista and Win7 users: right-click and choose "Run as administrator"
  • At the top center, tick the box Scan All Users
  • Now copy the complete contents of the code box below into OTL's text box - if OTL is in German, it is labelled with
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Click .
  • Now copy the contents of OTL.txt here into your thread

07.02.2012, 22:32   #11
jomei

Hi,

here it is, as requested.

OTL logfile:
Code:
OTL logfile created on: 07.02.2012 23:10:37 - Run 2
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Virus\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 48,87% Memory free
8,21 Gb Paging File | 6,25 Gb Available in Paging File | 76,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 10,39 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 15,75 Gb Free Space | 23,68% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,78 Gb Free Space | 54,81% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 37,23 Gb Free Space | 27,63% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Virus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation)
DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation)
DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation)
DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation)
DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 08 0B B0 E2 E4 CC 01  [binary data]
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG
 
O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Andreas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk -  - File not found
MsConfig:64bit - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig:64bit - StartUpReg: AcronisTimounterMonitor - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= - I:\progr\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
MsConfig:64bit - StartUpReg: MobileBroadband - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
MsConfig:64bit - StartUpReg: Nokia.PCSync - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: OODefragTray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: PC Suite Tray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: PCSuiteTrayApplication - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RivaTunerStartupDaemon - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: TVgenial - hkey= - key= -  File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4CF30EEE-A775-4B09-020A-97471021493D} - Internet Explorer
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {BA4F0990-B822-A685-E10D-A40B2B462565} - Viewpoint Media Player
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EE5B8873-4930-0295-D83A-F45EAFE2F9A1} - Internet Explorer
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.07 11:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.07 11:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 11:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 11:53:12 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.07 11:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment
[2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech
[2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB
[2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.07 23:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job
[2012.02.07 22:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.07 22:02:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job
[2012.02.07 19:54:46 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.07 18:29:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.07 18:29:31 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.07 11:55:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.07 18:29:31 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini
[2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI
[2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini
[2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll
[2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll
[2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat
[2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat
[2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
 
========== LOP Check ==========
 
[2008.10.16 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acreon
[2008.01.06 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acronis
[2011.01.10 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Amazon
[2011.01.07 16:22:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AnvSoft
[2008.11.03 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ashampoo
[2008.04.29 11:57:04 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Azureus
[2012.01.23 18:01:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\BigHugeEngine
[2008.01.04 22:22:00 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Codemasters
[2009.06.23 15:23:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DAEMON Tools Pro
[2007.06.16 15:02:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DeepBurner
[2011.05.19 11:35:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.16 02:14:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\elsterformular
[2011.11.22 13:08:51 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FileZilla
[2009.07.19 23:10:48 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FUEL Demo
[2009.08.15 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GetRightToGo
[2007.03.04 13:44:09 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GHISLER
[2010.11.24 03:12:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gnupg
[2008.11.03 22:38:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gtk-2.0
[2011.05.28 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC
[2011.05.28 17:42:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2007.03.04 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IE7pro
[2008.01.02 19:40:29 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\InfraRecorder
[2011.08.07 12:31:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IrfanView
[2009.09.17 14:43:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ivacy
[2010.12.19 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\KeePass
[2010.09.03 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Keynote Systems
[2010.01.01 17:54:23 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech
[2008.06.07 10:44:33 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\LG Electronics
[2008.05.10 14:15:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Locktime
[2008.07.23 19:35:02 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Miranda
[2007.03.22 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Mobile Master
[2007.03.15 11:19:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MusicIP
[2011.06.08 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MyPhoneExplorer
[2010.09.12 23:33:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Need for Speed World
[2010.06.08 14:10:39 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\NVD
[2009.01.09 17:42:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\OpenOffice.org
[2009.08.07 20:20:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera
[2012.01.22 23:43:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Origin
[2011.12.11 12:59:44 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PC Suite
[2007.01.30 03:25:17 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PeerNetworking
[2008.10.16 20:10:36 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Prabang
[2011.04.27 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\SoftGrid Client
[2008.07.14 23:38:25 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Teleca
[2010.07.24 15:25:28 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Thunderbird
[2011.04.27 16:04:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TP
[2007.09.19 19:51:24 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TrueCrypt
[2011.05.18 15:27:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TVgenial
[2009.04.04 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2009.12.03 18:15:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011.11.16 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ubisoft
[2011.03.19 15:01:54 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\uTorrent
[2011.04.22 16:37:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Vodafone
[2009.05.13 15:41:19 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\winpt
[2007.07.27 23:08:58 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\WowAceUpdater
[2011.06.15 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\XMedia Recode
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2012.02.07 11:55:37 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.05 14:38:51 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Adobe
[2012.02.05 14:33:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.01.27 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Identities
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2012.02.05 14:34:15 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Logitech
[2007.02.08 02:12:04 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Macromedia
[2006.11.02 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Media Center Programs
[2012.02.05 14:36:46 | 000,000,000 | --SD | M] -- C:\Users\Boss\AppData\Roaming\Microsoft
[2007.01.30 10:59:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Mozilla
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.03.30 15:54:48 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\OpenOffice.org2
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2007.05.09 14:06:08 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Real
[2007.04.06 15:15:53 | 000,000,000 | RH-D | M] -- C:\Users\Boss\AppData\Roaming\SecuROM
[2007.03.15 19:10:34 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Sony Corporation
[2007.01.30 10:59:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Talkback
[2007.01.31 23:41:17 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\teamspeak2
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2006.11.02 13:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2008.01.19 09:07:46 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:11:31 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2006.11.02 12:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows\SysNative\drivers\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.19 09:03:01 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
[2006.11.02 12:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 13:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.19 09:08:50 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2006.11.02 12:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2008.01.19 09:03:55 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006.11.02 10:44:25 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=00B53DCA0408CCD8F6BAF13994F6E3A0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_3174f01b5d2fa18f\user32.dll
[2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=296BA70E2A302E639CBD9E2A32DC65C4 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_31ad02315d0545af\user32.dll
[2008.01.19 09:04:23 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[2008.01.19 08:32:19 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=437C1C0CB2A42EA20083F21E9CAEF461 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_32359eb27623cc22\user32.dll
[2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=707CD582A4F93DB789336A5CE9527970 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_275857df28a483b4\user32.dll
[2006.11.02 12:19:10 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=95D5555CC7BD8F520996E35D36491EEF -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_272045c928cedf94\user32.dll
[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=E4E3ED1E0D1D8C33A9C94ABEA1C8BC96 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_27e0f46041c30a27\user32.dll
[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll
[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 12:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
[2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe
[2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[2006.11.02 12:16:20 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=6F92CE5B50283B0C0A7A539ED552039A -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_8ada9256bfc30704\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.19 09:00:45 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 12:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
[2006.11.02 10:47:52 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=C4EE49DB7EADC812DBC0ECCF2E7FB929 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_a96e7a5c834006a3\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.13 16:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >
         
--- --- ---

08.02.2012, 09:01   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)


Code:
:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk -  - File not found
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
:Commands
[emptytemp]
[resethosts]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

08.02.2012, 13:07   #13
jomei
 
Hi, so, here is the result.

On the first attempt OTL stopped responding. Reboot. Ran it once more, it worked, then OTL asked for a reboot. Done.

Here is the log. It was of course run from a different user account, since logging in as the affected user is not possible.

Code:
All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TVgenial not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File D:\AUTOEXEC.BAT not found.
Unable to delete ADS C:\ProgramData\TEMP:05EE1EEF .
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Andreas
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 25882642 bytes
->Java cache emptied: 76177967 bytes
->FireFox cache emptied: 244359456 bytes
->Google Chrome cache emptied: 272101057 bytes
->Apple Safari cache emptied: 4017152 bytes
->Opera cache emptied: 369270 bytes
->Flash cache emptied: 2011158 bytes
 
User: Boss
->Temp folder emptied: 5269047 bytes
->Temporary Internet Files folder emptied: 24685263 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3339016 bytes
->Google Chrome cache emptied: 13566073 bytes
->Flash cache emptied: 566 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Virus
->Temp folder emptied: 4097577 bytes
->Temporary Internet Files folder emptied: 13769794 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16626134 bytes
->Google Chrome cache emptied: 172390403 bytes
->Flash cache emptied: 58983 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 1610800 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7254528 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10010698 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 856,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 02082012_135818

Files\Folders moved on Reboot...
C:\Users\Boss\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\SysNative\SET24F3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET271C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET49A0.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...
         

08.02.2012, 13:08   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please now run this Kaspersky tool (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Configure the tool as shown in the picture below: click "change parameters" and set the check marks as shown in the following screenshot.
Then click "Start Scan" and, when it has finished, click the "Report" button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

If the infection prevents you from accessing your Documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool, and all files and folders should become visible again. (This may take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

08.02.2012, 13:16   #15
jomei

And I'm already back.

Code:
14:14:21.0699 5908	TDSS rootkit removing tool 2.7.10.0 Feb  7 2012 15:14:46
14:14:21.0878 5908	============================================================
14:14:21.0878 5908	Current date / time: 2012/02/08 14:14:21.0878
14:14:21.0879 5908	SystemInfo:
14:14:21.0879 5908	
14:14:21.0879 5908	OS Version: 6.0.6002 ServicePack: 2.0
14:14:21.0879 5908	Product type: Workstation
14:14:21.0879 5908	ComputerName: BOSS-PC
14:14:21.0879 5908	UserName: Boss
14:14:21.0879 5908	Windows directory: C:\Windows
14:14:21.0879 5908	System windows directory: C:\Windows
14:14:21.0879 5908	Running under WOW64
14:14:21.0879 5908	Processor architecture: Intel x64
14:14:21.0879 5908	Number of processors: 2
14:14:21.0879 5908	Page size: 0x1000
14:14:21.0879 5908	Boot type: Normal boot
14:14:21.0879 5908	============================================================
14:14:22.0261 5908	Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0264 5908	Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0280 5908	Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0286 5908	\Device\Harddisk0\DR0:
14:14:22.0295 5908	MBR used
14:14:22.0295 5908	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
14:14:22.0309 5908	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
14:14:22.0309 5908	\Device\Harddisk1\DR1:
14:14:22.0309 5908	MBR used
14:14:22.0309 5908	\Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x927C000
14:14:22.0309 5908	\Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x927C800, BlocksNum 0x84FB800
14:14:22.0309 5908	\Device\Harddisk2\DR2:
14:14:22.0309 5908	MBR used
14:14:22.0309 5908	\Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC43D800
14:14:22.0309 5908	\Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0xC43E000, BlocksNum 0x10D86800
14:14:22.0486 5908	Initialize success
14:14:22.0486 5908	============================================================
14:14:42.0961 5936	============================================================
14:14:42.0961 5936	Scan started
14:14:42.0961 5936	Mode: Manual; SigCheck; TDLFS; 
14:14:42.0961 5936	============================================================
14:14:43.0168 5936	ACPI            (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
14:14:43.0276 5936	ACPI - ok
14:14:43.0337 5936	ADIHdAudAddService (9c2430847d0d7df0cb60eface1aa453a) C:\Windows\system32\drivers\ADIHdAud.sys
14:14:43.0384 5936	ADIHdAudAddService - ok
14:14:43.0469 5936	adp94xx         (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys
14:14:43.0518 5936	adp94xx - ok
14:14:43.0550 5936	adpahci         (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys
14:14:43.0594 5936	adpahci - ok
14:14:43.0618 5936	adpu160m        (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys
14:14:43.0638 5936	adpu160m - ok
14:14:43.0668 5936	adpu320         (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys
14:14:43.0688 5936	adpu320 - ok
14:14:43.0763 5936	AFD             (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
14:14:43.0818 5936	AFD - ok
14:14:43.0836 5936	agp440          (5ccdd13bc602ae33cd8b62d33c29ab72) C:\Windows\system32\drivers\agp440.sys
14:14:43.0853 5936	agp440 - ok
14:14:43.0872 5936	aic78xx         (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
14:14:43.0889 5936	aic78xx - ok
14:14:43.0910 5936	aliide          (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
14:14:43.0925 5936	aliide - ok
14:14:43.0953 5936	amdide          (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
14:14:43.0969 5936	amdide - ok
14:14:43.0993 5936	AmdK8           (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys
14:14:44.0222 5936	AmdK8 - ok
14:14:44.0372 5936	amdkmdag        (1147f8816d4ddc9fc43a40df52f40500) C:\Windows\system32\DRIVERS\atipmdag.sys
14:14:44.0621 5936	amdkmdag - ok
14:14:44.0653 5936	amdkmdap        (ebc963d8f5b04c98f5ef597aae79cddd) C:\Windows\system32\DRIVERS\atikmpag.sys
14:14:44.0681 5936	amdkmdap - ok
14:14:44.0732 5936	arc             (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys
14:14:44.0749 5936	arc - ok
14:14:44.0768 5936	arcsas          (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys
14:14:44.0785 5936	arcsas - ok
14:14:44.0795 5936	AsIO - ok
14:14:44.0831 5936	AsyncMac        (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:44.0949 5936	AsyncMac - ok
14:14:44.0973 5936	atapi           (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
14:14:44.0991 5936	atapi - ok
14:14:45.0020 5936	AtiHdmiService  (19aaa5fa3a9804b8722f7b95649fb6c9) C:\Windows\system32\drivers\AtiHdmi.sys
14:14:45.0055 5936	AtiHdmiService - ok
14:14:45.0096 5936	blbdrive - ok
14:14:45.0130 5936	bowser          (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
14:14:45.0161 5936	bowser - ok
14:14:45.0175 5936	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
14:14:45.0210 5936	BrFiltLo - ok
14:14:45.0230 5936	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
14:14:45.0268 5936	BrFiltUp - ok
14:14:45.0292 5936	Brserid         (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
14:14:45.0353 5936	Brserid - ok
14:14:45.0372 5936	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
14:14:45.0429 5936	BrSerWdm - ok
14:14:45.0451 5936	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
14:14:45.0515 5936	BrUsbMdm - ok
14:14:45.0547 5936	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
14:14:45.0612 5936	BrUsbSer - ok
14:14:45.0643 5936	BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
14:14:45.0673 5936	BTCFilterService - ok
14:14:45.0714 5936	BthEnum         (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
14:14:45.0738 5936	BthEnum - ok
14:14:45.0757 5936	BTHMODEM        (72f70a38bb15252eb7c4da7ba3bd4ed1) C:\Windows\system32\DRIVERS\bthmodem.sys
14:14:45.0787 5936	BTHMODEM - ok
14:14:45.0819 5936	BthPan          (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
14:14:45.0856 5936	BthPan - ok
14:14:45.0907 5936	BTHPORT         (e1466882252ff51edde48c3f7eda2591) C:\Windows\system32\Drivers\BTHport.sys
14:14:45.0958 5936	BTHPORT - ok
14:14:46.0000 5936	BTHUSB          (970192cded77a128e7e30722e5ee6b9c) C:\Windows\system32\Drivers\BTHUSB.sys
14:14:46.0031 5936	BTHUSB - ok
14:14:46.0068 5936	btusbflt        (143f130d53cf9c6971c5404b92dd8d4b) C:\Windows\system32\drivers\btusbflt.sys
14:14:46.0101 5936	btusbflt - ok
14:14:46.0112 5936	btwaudio - ok
14:14:46.0141 5936	btwrchid - ok
14:14:46.0166 5936	cdfs            (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
14:14:46.0207 5936	cdfs - ok
14:14:46.0233 5936	cdrom           (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
14:14:46.0264 5936	cdrom - ok
14:14:46.0288 5936	circlass        (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
14:14:46.0347 5936	circlass - ok
14:14:46.0372 5936	CLFS            (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
14:14:46.0403 5936	CLFS - ok
14:14:46.0436 5936	cmdide          (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
14:14:46.0451 5936	cmdide - ok
14:14:46.0471 5936	Compbatt        (0e77a445640bf310817f60941c50560c) C:\Windows\system32\drivers\compbatt.sys
14:14:46.0489 5936	Compbatt - ok
14:14:46.0511 5936	crcdisk         (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
14:14:46.0536 5936	crcdisk - ok
14:14:46.0582 5936	CSC             (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
14:14:46.0651 5936	CSC - ok
14:14:46.0686 5936	DfsC            (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
14:14:46.0723 5936	DfsC - ok
14:14:46.0754 5936	disk            (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
14:14:46.0773 5936	disk - ok
14:14:46.0797 5936	drmkaud         (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
14:14:46.0825 5936	drmkaud - ok
14:14:46.0851 5936	dump_wmimmc - ok
14:14:46.0900 5936	DXGKrnl         (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
14:14:46.0948 5936	DXGKrnl - ok
14:14:46.0970 5936	E1G60           (d57fe09b575545738a73a0c193d0616a) C:\Windows\system32\DRIVERS\E1G6032E.sys
14:14:47.0029 5936	E1G60 - ok
14:14:47.0052 5936	Ecache          (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
14:14:47.0076 5936	Ecache - ok
14:14:47.0118 5936	elxstor         (3d6298aff3fe06c0616ce5d090a3eeaa) C:\Windows\system32\drivers\elxstor.sys
14:14:47.0155 5936	elxstor - ok
14:14:47.0203 5936	ewusbnet        (0b8880f8d9a781670557307e2bca6bd6) C:\Windows\system32\DRIVERS\ewusbnet.sys
14:14:47.0236 5936	ewusbnet - ok
14:14:47.0273 5936	ew_hwusbdev     (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:14:47.0299 5936	ew_hwusbdev - ok
14:14:47.0346 5936	exfat           (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
14:14:47.0388 5936	exfat - ok
14:14:47.0420 5936	fastfat         (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
14:14:47.0457 5936	fastfat - ok
14:14:47.0483 5936	fdc             (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
14:14:47.0521 5936	fdc - ok
14:14:47.0555 5936	FileInfo        (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
14:14:47.0575 5936	FileInfo - ok
14:14:47.0603 5936	Filetrace       (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
14:14:47.0641 5936	Filetrace - ok
14:14:47.0693 5936	flpydisk        (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:14:47.0729 5936	flpydisk - ok
14:14:47.0760 5936	FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
14:14:47.0789 5936	FltMgr - ok
14:14:47.0841 5936	Fs_Rec          (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
14:14:47.0870 5936	Fs_Rec - ok
14:14:47.0906 5936	FTDIBUS         (0f210048c6bfbfbc0f50816bce40b575) C:\Windows\system32\drivers\ftdibus.sys
14:14:47.0923 5936	FTDIBUS - ok
14:14:47.0946 5936	FTSER2K         (814f098b02095814a8bebbf86d13fc90) C:\Windows\system32\drivers\ftser2k.sys
14:14:47.0961 5936	FTSER2K - ok
14:14:47.0992 5936	fvevol          (849e38db7d829962d0233a0a252b60c3) C:\Windows\system32\DRIVERS\fvevol.sys
14:14:48.0015 5936	fvevol - ok
14:14:48.0043 5936	gagp30kx        (b54520cc7b4b55134d7527b1cd3fc1f2) C:\Windows\system32\drivers\gagp30kx.sys
14:14:48.0061 5936	gagp30kx - ok
14:14:48.0100 5936	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:14:48.0118 5936	GEARAspiWDM - ok
14:14:48.0204 5936	HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
14:14:48.0241 5936	HdAudAddService - ok
14:14:48.0292 5936	HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:14:48.0371 5936	HDAudBus - ok
14:14:48.0390 5936	HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
14:14:48.0447 5936	HidBth - ok
14:14:48.0464 5936	HidIr           (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
14:14:48.0530 5936	HidIr - ok
14:14:48.0573 5936	HidUsb          (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
14:14:48.0606 5936	HidUsb - ok
14:14:48.0631 5936	HpCISSs         (8edc820115df1e04763b2923676ea5b2) C:\Windows\system32\drivers\hpcisss.sys
14:14:48.0661 5936	HpCISSs - ok
14:14:48.0699 5936	HTCAND64        (894a75a3d6bfd97d73bf60d3022b567a) C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:14:48.0726 5936	HTCAND64 - ok
14:14:48.0761 5936	htcnprot        (4f6c3122817049997cd696d4a38bfacb) C:\Windows\system32\DRIVERS\htcnprot.sys
14:14:48.0778 5936	htcnprot - ok
14:14:48.0819 5936	HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
14:14:48.0874 5936	HTTP - ok
14:14:48.0905 5936	huawei_enumerator (2342e7fecca0d4e31bea5ff6a4e20885) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:14:48.0943 5936	huawei_enumerator - ok
14:14:48.0974 5936	hwdatacard      (f47f112dc883f7a9e4618a006cc6de1b) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:14:49.0013 5936	hwdatacard - ok
14:14:49.0039 5936	hwusbfake       (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:14:49.0071 5936	hwusbfake - ok
14:14:49.0093 5936	i2omp           (f2901763845570ecac48e6a50ec50812) C:\Windows\system32\drivers\i2omp.sys
14:14:49.0110 5936	i2omp - ok
14:14:49.0143 5936	i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
14:14:49.0176 5936	i8042prt - ok
14:14:49.0200 5936	iaStorV         (72c3ee7ea3cd75a772e62ae0e5df8b8c) C:\Windows\system32\drivers\iastorv.sys
14:14:49.0228 5936	iaStorV - ok
14:14:49.0256 5936	iirsp           (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
14:14:49.0274 5936	iirsp - ok
14:14:49.0301 5936	intelide        (36a266c673812878996f72b200203fbb) C:\Windows\system32\drivers\intelide.sys
14:14:49.0318 5936	intelide - ok
14:14:49.0348 5936	intelppm        (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
14:14:49.0387 5936	intelppm - ok
14:14:49.0428 5936	IpFilterDriver  (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:49.0462 5936	IpFilterDriver - ok
14:14:49.0478 5936	IpInIp - ok
14:14:49.0500 5936	IPMIDRV         (eacdbbe429c6d170bdeee0effcbc317b) C:\Windows\system32\drivers\ipmidrv.sys
14:14:49.0560 5936	IPMIDRV - ok
14:14:49.0591 5936	IPNAT           (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
14:14:49.0639 5936	IPNAT - ok
14:14:49.0681 5936	iPodDrv         (02def37ab75e0032c50724646f708de8) C:\Windows\system32\drivers\iPodDrv.sys
14:14:49.0709 5936	iPodDrv - ok
14:14:49.0731 5936	IRENUM          (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
14:14:49.0771 5936	IRENUM - ok
14:14:49.0787 5936	isapnp          (d3bb520b31f28c1a065cd058e762ee73) C:\Windows\system32\drivers\isapnp.sys
14:14:49.0804 5936	isapnp - ok
14:14:49.0834 5936	iScsiPrt        (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
14:14:49.0860 5936	iScsiPrt - ok
14:14:49.0882 5936	iteatapi        (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
14:14:49.0899 5936	iteatapi - ok
14:14:49.0916 5936	iteraid         (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
14:14:49.0933 5936	iteraid - ok
14:14:49.0953 5936	kbdclass        (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:49.0971 5936	kbdclass - ok
14:14:49.0996 5936	kbdhid          (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:50.0027 5936	kbdhid - ok
14:14:50.0081 5936	KSecDD          (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
14:14:50.0129 5936	KSecDD - ok
14:14:50.0169 5936	ksthunk         (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
14:14:50.0209 5936	ksthunk - ok
14:14:50.0266 5936	LGBusEnum       (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
14:14:50.0284 5936	LGBusEnum - ok
14:14:50.0328 5936	lgmcbus         (13424eaf5c4cb5bab7a2d283cb4904fd) C:\Windows\system32\DRIVERS\lgmcbus.sys
14:14:50.0350 5936	lgmcbus - ok
14:14:50.0394 5936	lgmcmdfl        (d4bba6bd8d44baffe8b6ee4036e79248) C:\Windows\system32\DRIVERS\lgmcmdfl.sys
14:14:50.0419 5936	lgmcmdfl - ok
14:14:50.0444 5936	lgmcmdm         (2241984e3c04fd7c43d57d89d379a6d8) C:\Windows\system32\DRIVERS\lgmcmdm.sys
14:14:50.0465 5936	lgmcmdm - ok
14:14:50.0492 5936	lgmcmgmt        (44b32ad57019853a86faaf310b58c818) C:\Windows\system32\DRIVERS\lgmcmgmt.sys
14:14:50.0512 5936	lgmcmgmt - ok
14:14:50.0544 5936	lgmcnd5         (a6c32671fe8d2a34c9cb136765a57d51) C:\Windows\system32\DRIVERS\lgmcnd5.sys
14:14:50.0559 5936	lgmcnd5 - ok
14:14:50.0585 5936	lgmcobex        (a12586fad733a117faeee17081d267bb) C:\Windows\system32\DRIVERS\lgmcobex.sys
14:14:50.0604 5936	lgmcobex - ok
14:14:50.0634 5936	lgmcunic        (0adf858b34be72daf81d9a2cc46f7fdb) C:\Windows\system32\DRIVERS\lgmcunic.sys
14:14:50.0653 5936	lgmcunic - ok
14:14:50.0677 5936	LGVirHid        (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
14:14:50.0692 5936	LGVirHid - ok
14:14:50.0728 5936	LHidFilt        (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:14:50.0744 5936	LHidFilt - ok
14:14:50.0771 5936	lltdio          (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
14:14:50.0810 5936	lltdio - ok
14:14:50.0831 5936	LMouFilt        (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:14:50.0849 5936	LMouFilt - ok
14:14:50.0879 5936	LSI_FC          (1572f8d999c0ab4376afdce058a78df9) C:\Windows\system32\drivers\lsi_fc.sys
14:14:50.0896 5936	LSI_FC - ok
14:14:50.0932 5936	LSI_SAS         (64470979c3e3c9ff60edfb5230c56e0e) C:\Windows\system32\drivers\lsi_sas.sys
14:14:50.0949 5936	LSI_SAS - ok
14:14:50.0965 5936	LSI_SCSI        (4ced7d3b54bfc5bbae75c4a73c7f7428) C:\Windows\system32\drivers\lsi_scsi.sys
14:14:50.0983 5936	LSI_SCSI - ok
14:14:51.0015 5936	luafv           (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
14:14:51.0059 5936	luafv - ok
14:14:51.0091 5936	megasas         (2f631c2939d5f2e8958935ee701d70d7) C:\Windows\system32\drivers\megasas.sys
14:14:51.0107 5936	megasas - ok
14:14:51.0134 5936	Modem           (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
14:14:51.0172 5936	Modem - ok
14:14:51.0202 5936	monitor         (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
14:14:51.0238 5936	monitor - ok
14:14:51.0269 5936	motccgp         (338ba6b7170111edc2e43b5b4eaf17df) C:\Windows\system32\DRIVERS\motccgp.sys
14:14:51.0302 5936	motccgp - ok
14:14:51.0330 5936	motccgpfl       (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
14:14:51.0358 5936	motccgpfl - ok
14:14:51.0395 5936	MotDev          (3cc500c9b0e4d476802d277353cb2c89) C:\Windows\system32\DRIVERS\motodrv.sys
14:14:51.0432 5936	MotDev - ok
14:14:51.0457 5936	motmodem        (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
14:14:51.0490 5936	motmodem - ok
14:14:51.0522 5936	MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
14:14:51.0545 5936	MotoSwitchService - ok
14:14:51.0568 5936	Motousbnet      (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
14:14:51.0591 5936	Motousbnet - ok
14:14:51.0615 5936	motusbdevice    (307727f9829fb46ff4be0e4d1dac5002) C:\Windows\system32\DRIVERS\motusbdevice.sys
14:14:51.0650 5936	motusbdevice - ok
14:14:51.0669 5936	mouclass        (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
14:14:51.0688 5936	mouclass - ok
14:14:51.0703 5936	mouhid          (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
14:14:51.0743 5936	mouhid - ok
14:14:51.0773 5936	MountMgr        (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
14:14:51.0793 5936	MountMgr - ok
14:14:51.0835 5936	MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
14:14:51.0861 5936	MpFilter - ok
14:14:51.0878 5936	mpio            (ed48eac719ee28db773359eb1b06e2b5) C:\Windows\system32\drivers\mpio.sys
14:14:51.0895 5936	mpio - ok
14:14:51.0931 5936	MpNWMon         (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
14:14:51.0951 5936	MpNWMon - ok
14:14:51.0980 5936	mpsdrv          (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
14:14:52.0013 5936	mpsdrv - ok
14:14:52.0037 5936	Mraid35x        (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
14:14:52.0053 5936	Mraid35x - ok
14:14:52.0070 5936	MRxDAV          (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
14:14:52.0106 5936	MRxDAV - ok
14:14:52.0136 5936	mrxsmb          (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:52.0164 5936	mrxsmb - ok
14:14:52.0193 5936	mrxsmb10        (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:52.0219 5936	mrxsmb10 - ok
14:14:52.0240 5936	mrxsmb20        (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:52.0272 5936	mrxsmb20 - ok
14:14:52.0291 5936	msahci          (eeadf970795148bfbb1db3abcc89c16b) C:\Windows\system32\drivers\msahci.sys
14:14:52.0307 5936	msahci - ok
14:14:52.0345 5936	msdsm           (96d7c0a1b98434c6e4ff0c2e26a0e20a) C:\Windows\system32\drivers\msdsm.sys
14:14:52.0363 5936	msdsm - ok
14:14:52.0396 5936	Msfs            (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
14:14:52.0432 5936	Msfs - ok
14:14:52.0462 5936	msisadrv        (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
14:14:52.0479 5936	msisadrv - ok
14:14:52.0509 5936	MSKSSRV         (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
14:14:52.0559 5936	MSKSSRV - ok
14:14:52.0582 5936	MSPCLOCK        (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:52.0621 5936	MSPCLOCK - ok
14:14:52.0638 5936	MSPQM           (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
14:14:52.0677 5936	MSPQM - ok
14:14:52.0705 5936	MsRPC           (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
14:14:52.0736 5936	MsRPC - ok
14:14:52.0757 5936	mssmbios        (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:52.0776 5936	mssmbios - ok
14:14:52.0801 5936	MSTEE           (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
14:14:52.0839 5936	MSTEE - ok
14:14:52.0861 5936	MTsensor        (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
14:14:52.0877 5936	MTsensor - ok
14:14:52.0899 5936	Mup             (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
14:14:52.0920 5936	Mup - ok
14:14:52.0955 5936	NativeWifiP     (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
14:14:52.0981 5936	NativeWifiP - ok
14:14:53.0027 5936	NDIS            (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
14:14:53.0071 5936	NDIS - ok
14:14:53.0096 5936	NdisTapi        (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:53.0128 5936	NdisTapi - ok
14:14:53.0156 5936	Ndisuio         (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:53.0199 5936	Ndisuio - ok
14:14:53.0226 5936	NdisWan         (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:53.0260 5936	NdisWan - ok
14:14:53.0286 5936	NDProxy         (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
14:14:53.0316 5936	NDProxy - ok
14:14:53.0348 5936	Nearagonser - ok
14:14:53.0364 5936	NetBIOS         (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
14:14:53.0401 5936	NetBIOS - ok
14:14:53.0429 5936	netbt           (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
14:14:53.0474 5936	netbt - ok
14:14:53.0507 5936	nfrd960         (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
14:14:53.0525 5936	nfrd960 - ok
14:14:53.0563 5936	NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:14:53.0583 5936	NisDrv - ok
14:14:53.0628 5936	nmwcdcx64       (02c1198276c0d4f39e54eb5148af1e2a) C:\Windows\system32\drivers\ccdcmbox64.sys
14:14:53.0667 5936	nmwcdcx64 - ok
14:14:53.0697 5936	nmwcdx64        (d8f00fcc82451bdaa3db93bb62ae6ac3) C:\Windows\system32\drivers\ccdcmbx64.sys
14:14:53.0727 5936	nmwcdx64 - ok
14:14:53.0750 5936	Npfs            (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
14:14:53.0783 5936	Npfs - ok
14:14:53.0823 5936	NPPTNT2 - ok
14:14:53.0856 5936	nsiproxy        (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
14:14:53.0902 5936	nsiproxy - ok
14:14:53.0972 5936	Ntfs            (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
14:14:54.0047 5936	Ntfs - ok
14:14:54.0067 5936	Null            (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
14:14:54.0107 5936	Null - ok
14:14:54.0182 5936	NVENETFD        (99ed33f7fe39026a477893d92aea5ef0) C:\Windows\system32\DRIVERS\nvmfdx64.sys
14:14:54.0278 5936	NVENETFD - ok
14:14:54.0561 5936	nvlddmkm        (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:14:55.0734 5936	nvlddmkm - ok
14:14:55.0756 5936	nvraid          (840eeb44dc49317a6161961f7682cd99) C:\Windows\system32\drivers\nvraid.sys
14:14:55.0777 5936	nvraid - ok
14:14:55.0795 5936	nvstor          (94c5334040a5d500897f4c5fd12aeede) C:\Windows\system32\drivers\nvstor.sys
14:14:55.0812 5936	nvstor - ok
14:14:55.0836 5936	nvstor64        (e87e17e9fd94ee9f0dbde4b6ad882f26) C:\Windows\system32\DRIVERS\nvstor64.sys
14:14:55.0853 5936	nvstor64 - ok
14:14:55.0893 5936	NwlnkFlt - ok
14:14:55.0909 5936	NwlnkFwd - ok
14:14:55.0939 5936	ohci1394        (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
14:14:55.0979 5936	ohci1394 - ok
14:14:56.0014 5936	Parport         (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
14:14:56.0068 5936	Parport - ok
14:14:56.0095 5936	partmgr         (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
14:14:56.0116 5936	partmgr - ok
14:14:56.0140 5936	PCASp50a64 - ok
14:14:56.0175 5936	pccsmcfd        (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:14:56.0201 5936	pccsmcfd - ok
14:14:56.0221 5936	pci             (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
14:14:56.0246 5936	pci - ok
14:14:56.0263 5936	pciide          (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
14:14:56.0281 5936	pciide - ok
14:14:56.0301 5936	pcmcia          (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
14:14:56.0332 5936	pcmcia - ok
14:14:56.0365 5936	PEAUTH          (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
14:14:56.0442 5936	PEAUTH - ok
14:14:56.0503 5936	PptpMiniport    (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
14:14:56.0535 5936	PptpMiniport - ok
14:14:56.0555 5936	Processor       (6bc78e5f12cbb74e7930aaaa4a0db387) C:\Windows\system32\drivers\processr.sys
14:14:56.0606 5936	Processor - ok
14:14:56.0639 5936	PSched          (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
14:14:56.0671 5936	PSched - ok
14:14:56.0698 5936	PSSDK42         (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
14:14:56.0723 5936	PSSDK42 - ok
14:14:56.0765 5936	ql2300          (4a29d25704917161bad9b4659a248dfd) C:\Windows\system32\drivers\ql2300.sys
14:14:56.0823 5936	ql2300 - ok
14:14:56.0843 5936	ql40xx          (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
14:14:56.0861 5936	ql40xx - ok
14:14:56.0889 5936	QWAVEdrv        (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
14:14:56.0928 5936	QWAVEdrv - ok
14:14:56.0971 5936	RasAcd          (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
14:14:57.0007 5936	RasAcd - ok
14:14:57.0031 5936	Rasl2tp         (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:57.0063 5936	Rasl2tp - ok
14:14:57.0087 5936	RasPppoe        (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:57.0116 5936	RasPppoe - ok
14:14:57.0146 5936	RasSstp         (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
14:14:57.0177 5936	RasSstp - ok
14:14:57.0211 5936	rdbss           (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
14:14:57.0248 5936	rdbss - ok
14:14:57.0276 5936	RDPCDD          (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:57.0312 5936	RDPCDD - ok
14:14:57.0341 5936	rdpdr           (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
14:14:57.0382 5936	rdpdr - ok
14:14:57.0393 5936	RDPENCDD        (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
14:14:57.0430 5936	RDPENCDD - ok
14:14:57.0456 5936	RDPWD           (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
14:14:57.0491 5936	RDPWD - ok
14:14:57.0528 5936	RFCOMM          (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
14:14:57.0562 5936	RFCOMM - ok
14:14:57.0592 5936	rspndr          (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
14:14:57.0631 5936	rspndr - ok
14:14:57.0654 5936	sbp2port        (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
14:14:57.0672 5936	sbp2port - ok
14:14:57.0698 5936	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:14:57.0749 5936	secdrv - ok
14:14:57.0778 5936	Serenum         (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\DRIVERS\serenum.sys
14:14:57.0828 5936	Serenum - ok
14:14:57.0852 5936	Serial          (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
14:14:57.0904 5936	Serial - ok
14:14:57.0929 5936	sermouse        (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
14:14:57.0965 5936	sermouse - ok
14:14:57.0994 5936	sffdisk         (541b32f8d6b2dcb92ec43bab267e79ea) C:\Windows\system32\drivers\sffdisk.sys
14:14:58.0044 5936	sffdisk - ok
14:14:58.0064 5936	sffp_mmc        (446e7cca3325c7e0ae0fde7f73cdd9c2) C:\Windows\system32\drivers\sffp_mmc.sys
14:14:58.0114 5936	sffp_mmc - ok
14:14:58.0135 5936	sffp_sd         (67edc221348911e895af51c57d9a3725) C:\Windows\system32\drivers\sffp_sd.sys
14:14:58.0189 5936	sffp_sd - ok
14:14:58.0206 5936	sfloppy         (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
14:14:58.0257 5936	sfloppy - ok
14:14:58.0297 5936	SI3132          (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys
14:14:58.0321 5936	SI3132 - ok
14:14:58.0349 5936	SiFilter        (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:14:58.0363 5936	SiFilter - ok
14:14:58.0389 5936	SiRemFil        (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys
14:14:58.0404 5936	SiRemFil - ok
14:14:58.0424 5936	SiSRaid2        (08dda16573fa44f8b13afe74597ad2e5) C:\Windows\system32\drivers\sisraid2.sys
14:14:58.0440 5936	SiSRaid2 - ok
14:14:58.0459 5936	SiSRaid4        (c52259e9daaf3890d572d87ffee0979e) C:\Windows\system32\drivers\sisraid4.sys
14:14:58.0476 5936	SiSRaid4 - ok
14:14:58.0513 5936	Smb             (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
14:14:58.0549 5936	Smb - ok
14:14:58.0595 5936	snapman         (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
14:14:58.0618 5936	snapman - ok
14:14:58.0642 5936	spldr           (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
14:14:58.0662 5936	spldr - ok
14:14:58.0711 5936	sptd            (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
14:14:58.0711 5936	Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
14:14:58.0712 5936	sptd ( LockedFile.Multi.Generic ) - warning
14:14:58.0713 5936	sptd - detected LockedFile.Multi.Generic (1)
14:14:58.0759 5936	srv             (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
14:14:58.0837 5936	srv - ok
14:14:58.0878 5936	srv2            (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
14:14:58.0929 5936	srv2 - ok
14:14:58.0949 5936	srvnet          (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
14:14:58.0978 5936	srvnet - ok
14:14:59.0018 5936	swenum          (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
14:14:59.0033 5936	swenum - ok
14:14:59.0054 5936	Symc8xx         (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
14:14:59.0070 5936	Symc8xx - ok
14:14:59.0088 5936	Sym_hi          (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
14:14:59.0104 5936	Sym_hi - ok
14:14:59.0120 5936	Sym_u3          (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
14:14:59.0137 5936	Sym_u3 - ok
14:14:59.0172 5936	taphss          (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
14:14:59.0188 5936	taphss - ok
14:14:59.0244 5936	tbhsd           (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
14:14:59.0262 5936	tbhsd - ok
14:14:59.0337 5936	Tcpip           (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
14:14:59.0411 5936	Tcpip - ok
14:14:59.0457 5936	Tcpip6          (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
14:14:59.0527 5936	Tcpip6 - ok
14:14:59.0547 5936	tcpipreg        (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
14:14:59.0577 5936	tcpipreg - ok
14:14:59.0601 5936	TDPIPE          (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
14:14:59.0637 5936	TDPIPE - ok
14:14:59.0652 5936	TDTCP           (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
14:14:59.0700 5936	TDTCP - ok
14:14:59.0725 5936	tdx             (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
14:14:59.0756 5936	tdx - ok
14:14:59.0776 5936	TermDD          (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
14:14:59.0797 5936	TermDD - ok
14:14:59.0833 5936	tifsfilter      (fe95379561b6554611f47e29f48ee931) C:\Windows\system32\DRIVERS\tifsfilt.sys
14:14:59.0851 5936	tifsfilter - ok
14:14:59.0884 5936	timounter       (2d0dc8f1578cf9c1434fd41de46fa00a) C:\Windows\system32\DRIVERS\timntr.sys
14:14:59.0930 5936	timounter - ok
14:14:59.0949 5936	truecrypt - ok
14:14:59.0984 5936	tssecsrv        (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:15:00.0020 5936	tssecsrv - ok
14:15:00.0036 5936	tunmp           (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
14:15:00.0066 5936	tunmp - ok
14:15:00.0089 5936	tunnel          (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
14:15:00.0119 5936	tunnel - ok
14:15:00.0143 5936	uagp35          (e4722dfbd6232acf17543ef2c2dce8d2) C:\Windows\system32\drivers\uagp35.sys
14:15:00.0161 5936	uagp35 - ok
14:15:00.0192 5936	udfs            (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
14:15:00.0229 5936	udfs - ok
14:15:00.0254 5936	uliagpkx        (5663d7696abbe71f8c9d915c5374118a) C:\Windows\system32\drivers\uliagpkx.sys
14:15:00.0272 5936	uliagpkx - ok
14:15:00.0295 5936	uliahci         (6030b68e86a30d1b315b51c4d7778b16) C:\Windows\system32\drivers\uliahci.sys
14:15:00.0317 5936	uliahci - ok
14:15:00.0338 5936	UlSata          (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
14:15:00.0357 5936	UlSata - ok
14:15:00.0384 5936	ulsata2         (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
14:15:00.0404 5936	ulsata2 - ok
14:15:00.0435 5936	umbus           (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
14:15:00.0471 5936	umbus - ok
14:15:00.0522 5936	upperdev        (9856c38ab8faacca4dd99dac7b42f838) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:15:00.0549 5936	upperdev - ok
14:15:00.0581 5936	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:15:00.0623 5936	USBAAPL64 - ok
14:15:00.0649 5936	usbccgp         (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
14:15:00.0679 5936	usbccgp - ok
14:15:00.0701 5936	usbcir          (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
14:15:00.0755 5936	usbcir - ok
14:15:00.0771 5936	usbehci         (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
14:15:00.0801 5936	usbehci - ok
14:15:00.0826 5936	usbhub          (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
14:15:00.0864 5936	usbhub - ok
14:15:00.0880 5936	usbohci         (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
14:15:00.0916 5936	usbohci - ok
14:15:00.0936 5936	usbprint        (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
14:15:00.0972 5936	usbprint - ok
14:15:01.0006 5936	usbscan         (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
14:15:01.0036 5936	usbscan - ok
14:15:01.0067 5936	usbser          (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
14:15:01.0103 5936	usbser - ok
14:15:01.0132 5936	UsbserFilt      (89123dc822ac7a708bd4c9e196a37610) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
14:15:01.0157 5936	UsbserFilt - ok
14:15:01.0176 5936	USBSTOR         (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:15:01.0208 5936	USBSTOR - ok
14:15:01.0228 5936	usbuhci         (7bf55d2538740b25936e93553e5d190d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:15:01.0277 5936	usbuhci - ok
14:15:01.0314 5936	usb_rndisx      (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
14:15:01.0342 5936	usb_rndisx - ok
14:15:01.0383 5936	VClone          (c5e70c4e64666db9d69c9f2fdae22428) C:\Windows\system32\DRIVERS\VClone.sys
14:15:01.0412 5936	VClone - ok
14:15:01.0444 5936	vga             (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
14:15:01.0480 5936	vga - ok
14:15:01.0513 5936	VgaSave         (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
14:15:01.0549 5936	VgaSave - ok
14:15:01.0578 5936	viaide          (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
14:15:01.0593 5936	viaide - ok
14:15:01.0643 5936	vodafone_K3805-z_dc_enum (107972886ec42b82d839605a726d61f1) C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
14:15:01.0673 5936	vodafone_K3805-z_dc_enum - ok
14:15:01.0700 5936	volmgr          (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
14:15:01.0721 5936	volmgr - ok
14:15:01.0752 5936	volmgrx         (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
14:15:01.0782 5936	volmgrx - ok
14:15:01.0814 5936	volsnap         (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
14:15:01.0840 5936	volsnap - ok
14:15:01.0865 5936	vsmraid         (410ae2c141142c58bc617fc2c677f8b0) C:\Windows\system32\drivers\vsmraid.sys
14:15:01.0883 5936	vsmraid - ok
14:15:01.0910 5936	WacomPen        (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
14:15:01.0961 5936	WacomPen - ok
14:15:01.0988 5936	Wanarp          (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0029 5936	Wanarp - ok
14:15:02.0033 5936	Wanarpv6        (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0067 5936	Wanarpv6 - ok
14:15:02.0104 5936	Wd              (59b501b0a04c9672142b7ffa2bdbf663) C:\Windows\system32\drivers\wd.sys
14:15:02.0120 5936	Wd - ok
14:15:02.0166 5936	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:15:02.0209 5936	Wdf01000 - ok
14:15:02.0262 5936	WmiAcpi         (ae34218455d5dc12d1e45de85f160346) C:\Windows\system32\drivers\wmiacpi.sys
14:15:02.0313 5936	WmiAcpi - ok
14:15:02.0364 5936	WpdUsb          (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
14:15:02.0395 5936	WpdUsb - ok
14:15:02.0427 5936	ws2ifsl         (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
14:15:02.0470 5936	ws2ifsl - ok
14:15:02.0521 5936	WUDFRd          (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:15:02.0561 5936	WUDFRd - ok
14:15:02.0637 5936	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:15:02.0756 5936	\Device\Harddisk0\DR0 - ok
14:15:02.0768 5936	MBR (0x1B8)     (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
14:15:02.0808 5936	\Device\Harddisk1\DR1 - ok
14:15:02.0822 5936	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
14:15:02.0890 5936	\Device\Harddisk2\DR2 - ok
14:15:02.0893 5936	Boot (0x1200)   (d34a71973a4b09188f63935ff862a384) \Device\Harddisk0\DR0\Partition0
14:15:02.0895 5936	\Device\Harddisk0\DR0\Partition0 - ok
14:15:02.0935 5936	Boot (0x1200)   (98a1fe948625d6b6226fc305b756b779) \Device\Harddisk0\DR0\Partition1
14:15:02.0935 5936	\Device\Harddisk0\DR0\Partition1 - ok
14:15:02.0947 5936	Boot (0x1200)   (1c1ccee7eb9ad72dd2d60949fdc1f33c) \Device\Harddisk1\DR1\Partition0
14:15:02.0948 5936	\Device\Harddisk1\DR1\Partition0 - ok
14:15:02.0960 5936	Boot (0x1200)   (9b97f2d95e95a9eb329f22423bd07bfb) \Device\Harddisk1\DR1\Partition1
14:15:02.0960 5936	\Device\Harddisk1\DR1\Partition1 - ok
14:15:02.0991 5936	Boot (0x1200)   (3411e83fcf80683ebb361cf1188ac746) \Device\Harddisk2\DR2\Partition0
14:15:02.0991 5936	\Device\Harddisk2\DR2\Partition0 - ok
14:15:03.0013 5936	Boot (0x1200)   (6e07eae6253397aee0102363441f01d0) \Device\Harddisk2\DR2\Partition1
14:15:03.0014 5936	\Device\Harddisk2\DR2\Partition1 - ok
14:15:03.0014 5936	============================================================
14:15:03.0014 5936	Scan finished
14:15:03.0014 5936	============================================================
14:15:03.0023 5136	Detected object count: 1
14:15:03.0023 5136	Actual detected object count: 1
14:15:22.0239 5136	sptd ( LockedFile.Multi.Generic ) - skipped by user
14:15:22.0239 5136	sptd ( LockedFile.Multi.Generic ) - User select action: Skip
         
