Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Browser funktionieren nicht

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.07.2012, 19:39   #1
dgd2511
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



Browser funktionierten nicht. Kurz die Eieruhr, dann nichts mehr.
Vom Stick - Portable Apps ging es.
Nach Boardeinträgen gesucht - Malwarebyre heruntergeladen - ANWEISUNGEN BEFOLGT UND ES GEHT WIEDER - Danke!!!:
hIER MEIN Log VON mALwRAEBYTE:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.01.07

Windows XP Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
dirk :: DESK [Administrator]

Schutz: Aktiviert

01.07.2012 20:08:04
mbam-log-2012-07-01 (20-21-11).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 305158
Laufzeit: 9 Minute(n), 15 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCR\CLSID\{312BFDCE-A901-4203-B4F2-ADCB957D1887} (Trojan.FakeMS) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 10
C:\ProgramData\Windows\msseedir.dll (Trojan.FakeMS) -> Keine Aktion durchgeführt.
C:\Documents and Settings\dirk\AppData\Local\Temp\233o7hmt.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Documents and Settings\dirk\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Users\dirk\AppData\Local\Temp\233o7hmt.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Users\dirk\AppData\Local\Temp\ICReinstall_DownloadManagerSetup.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Documents and Settings\dirk\Downloads\DownloadManagerSetup.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\Users\dirk\Downloads\DownloadManagerSetup.exe (PUP.Adware.InstallCore) -> Keine Aktion durchgeführt.
C:\ProgramData\Windows\ccdxmmde.dat (Malware.Trace) -> Keine Aktion durchgeführt.
C:\ProgramData\Windows\drss.dat (Malware.Trace) -> Keine Aktion durchgeführt.
C:\ProgramData\Windows\xessmsxe.dat (Malware.Trace) -> Keine Aktion durchgeführt.

(Ende)

Alle gelöscht und es geht wieder.

Vielleicht hab ich was übersehen -

Schaut mal drüber und ne Info wäre nett!


Alt 01.07.2012, 19:44   #2
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________

Alt 02.07.2012, 18:58   #3
dgd2511
 
Browser funktionieren nicht - Beitrag

Browser funktionieren nicht



Hallo markusg

Danke für die schnelle Antort. Alles erledigt. Nur.....

Zitat:
Kopiere nun den Inhalt in die
Textbox.
Wo finde ich die?
Danke.

Wer lesen kann ist klar im Vorteil

hier die scansOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 02.07.2012 20:04:26 - Run 2
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\~\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,75 Gb Total Physical Memory | 12,77 Gb Available Physical Memory | 81,08% Memory free
31,50 Gb Paging File | 28,27 Gb Available in Paging File | 89,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 336,51 Gb Free Space | 72,25% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 147,72 Gb Free Space | 31,72% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 13,20 Gb Free Space | 2,83% Space Free | Partition Type: NTFS
Drive F: | 3,75 Gb Total Space | 1,28 Gb Free Space | 34,23% Space Free | Partition Type: FAT32
Drive S: | 640,62 Gb Total Space | 470,91 Gb Free Space | 73,51% Space Free | Partition Type: NTFS
Drive T: | 756,64 Gb Total Space | 179,96 Gb Free Space | 23,78% Space Free | Partition Type: NTFS
Drive U: | 232,88 Gb Total Space | 105,04 Gb Free Space | 45,10% Space Free | Partition Type: NTFS
Drive Z: | 4,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DESK | User Name: ~ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\~\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\ProgDVB\ProgLauncher.exe ()
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Windows\TeViiRC.exe (TeVii Technology Ltd.)
PRC - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
PRC - C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
PRC - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe (Citrix Systems, Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Psion\PsiWin\Psconsv.exe (Symbian Ltd.)
PRC - C:\PROGRA~2\Psion\PsiWin\Elogerr.exe (Symbian Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\SiteSafety.dll ()
MOD - C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll ()
MOD - C:\Program Files (x86)\ProgDVB\ProgLauncher.exe ()
MOD - C:\Program Files (x86)\ProgDVB\Modules\tevii.ebda ()
MOD - C:\Program Files (x86)\ProgDVB\Modules\bda.device ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll ()
MOD - C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll ()
MOD - C:\Program Files (x86)\Tobit Radio.fx\Client\TOBITCLT.dll ()
MOD - C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client$.ger ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\SysWOW64\APOMngr.DLL ()
MOD - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\de-DE\THXAudio.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\UIAutomationTypes\3.0.0.0__31bf3856ad364e35\UIAutomationTypes.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\UIAutomationProvider\3.0.0.0__31bf3856ad364e35\UIAutomationProvider.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll ()
MOD - C:\Program Files (x86)\Psion\PsiWin\pwwpres.DLL ()
MOD - C:\Program Files (x86)\Psion\PsiWin\wprtsv.stm ()
MOD - C:\Program Files (x86)\Psion\PsiWin\PDRLIB.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (vToolbarUpdater11.1.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe ()
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe (Microsoft Corporation.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (ProgDVBService) -- C:\Programme\ProgDVB\ProgDvbService.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Radio.fx) -- C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies LTD)
SRV - (IswSvc) -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe (Check Point Software Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (SAllBDA) -- C:\Windows\SysNative\drivers\TeViiS2.sys (TeVii Technology Ltd.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies LTD)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MPEVirtual) -- C:\Windows\SysNative\drivers\TeViiData64.sys (TeVii Technology, Ltd.)
DRV:64bit: - (RTLE8023x64) Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) -- C:\Windows\SysNative\drivers\Rtenic64.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (ahcix64) -- C:\Windows\SysNative\drivers\ahcix64.sys (Advanced Micro Devices, Inc)
DRV:64bit: - (ctxusbm) -- C:\Windows\SysNative\drivers\ctxusbm.sys (Citrix Systems, Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (Ph3xIB64) -- C:\Windows\SysNative\drivers\Ph3xIB64.sys (NXP Semiconductors)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH)
DRV - (a2injectiondriver) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys (Emsisoft GmbH)
DRV - (ISWKL) -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys (Check Point Software Technologies)
DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH)
DRV - (a2util) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys (Emsi Software GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (CrystalSysInfo) -- C:\Programme\MediaCoder\SysInfoX64.sys ()
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 52 7F 34 52 6D F2 CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={E76B576D-539A-464C-9005-2E1104C00B69}&mid=47c49196507647d1ad65d16c6450c2c5-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=ts024&pr=sa&d=2012-02-23 23:16:53&v=10.0.0.7&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.web.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.1.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_32: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: d:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2012.03.10 00:32:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\11.1.0.7\ [2012.06.12 23:33:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2012.03.10 00:17:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.01 10:54:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.12 18:44:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Programme\Mozilla Thunderbird\components [2012.03.19 21:02:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Programme\Mozilla Thunderbird\plugins
 
[2012.07.01 10:44:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\~\AppData\Roaming\mozilla\Extensions
[2012.07.02 19:31:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\~\AppData\Roaming\mozilla\Firefox\Profiles\e4g1jgro.default\extensions
[2012.07.01 20:28:13 | 000,000,000 | ---D | M] (WOT) -- C:\Users\~\AppData\Roaming\mozilla\Firefox\Profiles\e4g1jgro.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012.07.01 10:54:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2009.09.13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009.09.13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009.09.13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009.09.13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009.09.13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2009.09.13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.12 23:32:48 | 000,003,768 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm-Sicherheit Toolbar) - {FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - C:\Program Files (x86)\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [TeViiRC] C:\Windows\TeViiRC.exe (TeVii Technology Ltd.)
O4:64bit: - HKLM..\Run: [THXCfg64] C:\Windows\SysNative\THXCfg64.DLL (Creative Technology Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [THX Audio Control Panel] C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ASRockIES] C:\Program Files (x86)\ASRock Utility\IES\AsrIes.exe (ASRock Incorporation)
O4 - HKCU..\Run: [ASRockOCTuner]  File not found
O4 - HKCU..\Run: [ProgLauncher] C:\Program Files (x86)\ProgDVB\ProgLauncher.exe ()
O4 - HKCU..\Run: [rfxsrvtray] C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe (Tobit.Software)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [zASRockInstantBoot] C:\Program Files (x86)\ASRock Utility\InstantBoot\InstantBoot.exe (ASRock)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E73B34FE-B19A-4740-B9E9-D8AD8190A1AE}: NameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll ()
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.02.27 18:55:53 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk F:\
O32 - AutoRun File - [2011.01.15 20:23:08 | 000,000,000 | ---- | M] () - T:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2006.02.27 18:55:53 | 000,000,000 | ---- | M] () - U:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010.04.16 14:34:04 | 000,000,468 | R--- | M] () - Z:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010.04.16 14:34:04 | 000,000,012 | R--- | M] () - Z:\autorun.tag -- [ CDFS ]
O32 - AutoRun File - [2009.02.13 11:59:52 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG) - Z:\autostart.exe -- [ CDFS ]
O33 - MountPoints2\{f54e8fdd-5b27-11e1-8c58-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f54e8fdd-5b27-11e1-8c58-806e6f6e6963}\Shell\AutoRun\command - "" = Z:\autostart.exe -- [2009.02.13 11:59:52 | 000,935,768 | R--- | M] (mirabyte GmbH & Co. KG)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9C03BBF0-26DE-132A-1334-99FFBE1463EE} - Themes Setup
ActiveX: {AAA6EDB8-0F92-EA7D-0963-FC0B6B9E1DC4} - Internet Explorer
ActiveX: {BB94C243-583F-B3E0-1D3C-19B247ADA04C} - Microsoft Windows Media Player 12.0
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Radio.fx.LNK - C:\PROGRA~2\TOBITR~1.FX\Client\RFX-CL~1.EXE - (Tobit.Software)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.02 19:30:23 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\~\Desktop\OTL.exe
[2012.07.01 20:05:45 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Roaming\Malwarebytes
[2012.07.01 20:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.01 20:05:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.01 20:05:35 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.01 20:05:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.01 19:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.07.01 19:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.07.01 19:53:06 | 000,000,000 | ---D | C] -- C:\Users\~\Documents\Anti-Malware
[2012.07.01 18:49:44 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Roaming\AVG Secure Search
[2012.07.01 18:49:43 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Local\ZoneAlarm-Sicherheit
[2012.07.01 10:54:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.07.01 10:52:04 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.07.01 10:51:07 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.01 10:51:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CCleaner
[2012.07.01 10:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.07.01 10:44:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.07.01 10:44:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.07.01 10:44:12 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Roaming\Mozilla
[2012.06.26 23:31:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows
[2012.06.23 11:28:28 | 000,000,000 | ---D | C] -- C:\Users\~\AppData\Local\Macromedia
[2012.06.17 21:14:00 | 000,000,000 | ---D | C] -- C:\Users\~\Desktop\GH
[2012.06.16 19:31:59 | 000,000,000 | ---D | C] -- C:\Users\~\Desktop\Musik ~
[2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\~\AppData\Local\CDRip.dll
[2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\~\AppData\Local\No23 Recorder.exe
[2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\~\AppData\Local\basscd.dll
[2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\~\AppData\Local\bass.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.02 19:55:42 | 000,003,758 | ---- | M] () -- C:\Users\~\Desktop\otlfix.jpg
[2012.07.02 19:45:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.02 19:34:43 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 19:34:43 | 000,021,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.02 19:33:06 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.02 19:33:06 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.02 19:33:06 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.02 19:33:06 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.02 19:33:06 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.02 19:30:27 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\~\Desktop\OTL.exe
[2012.07.02 19:26:53 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2012.07.02 19:26:36 | 000,015,672 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2012.07.02 19:26:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.02 19:25:50 | 4093,042,686 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.01 20:05:37 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.01 19:53:20 | 000,001,091 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.07.01 14:12:19 | 000,026,624 | ---- | M] () -- C:\Users\~\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.01 10:54:54 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.01 10:51:07 | 000,001,885 | ---- | M] () -- C:\Users\~\Desktop\CCleaner.lnk
[2012.07.01 10:44:49 | 000,001,258 | ---- | M] () -- C:\Users\~\Desktop\Spybot - Search & Destroy.lnk
[2012.06.29 22:17:59 | 000,002,092 | ---- | M] () -- C:\Users\~\Desktop\Avira Antivirus Premium 2012 Profil Suche nach Rootkits und aktiver Malware.LNK
[2012.06.23 12:14:05 | 000,659,458 | ---- | M] () -- C:\Users\~\Desktop\bart2.jpg
[2012.06.17 11:48:54 | 000,001,477 | ---- | M] () -- C:\Users\~\AppData\Local\RecConfig.xml
[2012.06.15 06:49:56 | 000,337,824 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2012.07.02 19:55:41 | 000,003,758 | ---- | C] () -- C:\Users\~\Desktop\otlfix.jpg
[2012.07.01 20:05:37 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.01 19:53:20 | 000,001,091 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.07.01 10:54:18 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.07.01 10:54:17 | 000,001,061 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.07.01 10:51:07 | 000,001,885 | ---- | C] () -- C:\Users\~\Desktop\CCleaner.lnk
[2012.07.01 10:44:49 | 000,001,258 | ---- | C] () -- C:\Users\~\Desktop\Spybot - Search & Destroy.lnk
[2012.06.29 22:17:59 | 000,002,092 | ---- | C] () -- C:\Users\~\Desktop\Avira Antivirus Premium 2012 Profil Suche nach Rootkits und aktiver Malware.LNK
[2012.06.23 12:14:05 | 000,659,458 | ---- | C] () -- C:\Users\~\Desktop\bart2.jpg
[2012.05.20 13:40:14 | 000,001,445 | ---- | C] () -- C:\Users\~\AppData\Local\recently-used.xbel
[2012.05.19 18:54:34 | 002,648,064 | ---- | C] () -- C:\Windows\SysWow64\dvmsg.dll
[2012.05.08 16:31:53 | 000,000,023 | ---- | C] () -- C:\Windows\dvzxlt.ini
[2012.04.29 00:24:58 | 000,012,569 | ---- | C] () -- C:\ProgramData\ndhlopzv.syn
[2012.04.28 22:52:15 | 000,004,982 | ---- | C] () -- C:\ProgramData\mxnhytee.feu
[2012.04.22 04:58:51 | 000,001,477 | ---- | C] () -- C:\Users\~\AppData\Local\RecConfig.xml
[2012.03.28 12:14:17 | 000,026,624 | ---- | C] () -- C:\Users\~\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.03.28 10:35:42 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.03.28 10:29:14 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.03.12 19:35:09 | 000,339,968 | ---- | C] () -- C:\Windows\vsnpstd.exe
[2012.03.12 19:35:09 | 000,015,541 | ---- | C] () -- C:\Windows\snpstd.ini
[2012.03.12 19:35:05 | 000,390,784 | ---- | C] () -- C:\Windows\SysWow64\drivers\snpstd.sys
[2012.03.12 19:35:03 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnpstd.dll
[2012.03.12 19:35:03 | 000,061,440 | ---- | C] ( ) -- C:\Windows\SysWow64\csnpstd.dll
[2012.03.12 19:35:03 | 000,036,864 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnpstd.dll
[2012.03.12 19:35:03 | 000,020,480 | ---- | C] () -- C:\Windows\usnpstd.exe
[2012.02.23 22:20:06 | 000,019,968 | ---- | C] () -- C:\Windows\SysWow64\cpuinf32.dll
[2012.02.23 22:19:32 | 000,002,856 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2012.02.20 22:56:04 | 000,001,112 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2012.02.20 22:56:04 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2012.02.20 22:56:04 | 000,001,099 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2012.02.20 22:56:01 | 000,181,760 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2012.02.20 22:56:01 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2012.02.20 22:31:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.02.20 22:29:51 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.02.19 22:02:36 | 001,499,556 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.07.12 02:13:18 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2007.08.13 17:46:00 | 000,155,136 | ---- | C] () -- C:\Users\~\AppData\Local\lame_enc.dll
[2006.10.26 01:06:48 | 000,064,000 | ---- | C] () -- C:\Users\~\AppData\Local\vorbisenc.dll
[2006.10.26 01:06:48 | 000,019,456 | ---- | C] () -- C:\Users\~\AppData\Local\vorbisfile.dll
[2006.10.26 01:06:46 | 000,143,872 | ---- | C] () -- C:\Users\~\AppData\Local\vorbis.dll
[2006.10.26 01:06:36 | 000,015,872 | ---- | C] () -- C:\Users\~\AppData\Local\ogg.dll
[2005.08.23 22:34:06 | 000,029,184 | ---- | C] () -- C:\Users\~\AppData\Local\no23xwrapper.dll
 
========== LOP Check ==========
 
[2012.05.08 19:00:15 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\Audacity
[2012.07.01 18:49:44 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\AVG Secure Search
[2012.03.28 10:59:10 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\Broad Intelligence
[2012.05.15 09:23:32 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\Canneverbe Limited
[2012.03.10 00:17:49 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\CheckPoint
[2012.04.29 00:16:34 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\DBC2F6FD-3140-41E0-A2A1-D6BAB77D5E21__F893F7CA-8278-41DF-A76F-CAF0437A90CD__
[2012.05.15 09:22:03 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\DeepBurner
[2012.05.07 12:03:30 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\FreePDF
[2012.03.06 03:56:29 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\ICAClient
[2012.06.29 22:09:15 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\IrfanView
[2012.03.19 21:02:20 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\Thunderbird
[2012.05.19 18:54:50 | 000,000,000 | ---D | M] -- C:\Users\~\AppData\Roaming\Tobit
[2012.05.08 16:15:25 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.02 19:26:53 | 000,000,408 | ---- | M] () -- C:\Windows\Tasks\SlimDrivers Startup.job
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.07.01 19:15:16 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.05.08 16:13:32 | 000,000,000 | ---D | M] -- C:\b669fa5aa6591a158d57d4fc3bf61d
[2012.02.19 20:30:43 | 000,000,000 | -HSD | M] -- C:\Boot
[2012.02.23 23:01:48 | 000,000,000 | ---D | M] -- C:\c3d927d4ee62956ece548762
[2012.06.13 23:34:17 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.02.19 20:39:54 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.05.23 22:10:24 | 000,000,000 | ---D | M] -- C:\EPOC
[2012.02.27 00:17:12 | 000,000,000 | ---D | M] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.23 22:21:13 | 000,000,000 | ---D | M] -- C:\MAGIX
[2012.03.11 15:47:53 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2012.06.29 22:09:15 | 000,000,000 | ---D | M] -- C:\myTeVii
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.03.28 14:14:48 | 000,000,000 | ---D | M] -- C:\perseus
[2012.05.20 13:30:35 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.07.01 20:05:35 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.07.01 20:05:36 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.02.19 20:39:54 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.02.19 20:39:54 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.07.02 20:09:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.05.13 11:22:27 | 000,000,000 | R--D | M] -- C:\Users
[2012.07.01 18:22:53 | 000,000,000 | ---D | M] -- C:\Windows
[2012.02.19 20:19:34 | 000,000,000 | ---D | M] -- C:\Windows.old
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
[2007.01.18 21:09:54 | 000,623,616 | ---- | M] (Ivan Bischof ©2003 - 2005) -- C:\Users\~\AppData\Local\No23 Recorder.exe
 
< %systemroot%\*. /mp /s >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120223T223002345078\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120223T223002345078\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T120023112705\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T120023112705\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T131619500767\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Documents and Settings\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T131619500767\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120223T223002345078\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120223T223002345078\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T120023112705\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T120023112705\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T131619500767\internal_ide_channel\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Users\~\AppData\Local\SlimWare Utilities Inc\SlimDrivers\Backups\20120225T131619500767\pci\cc_0101\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows.old\Windows\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows.old\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
 
< MD5 for: IASTORV.SYS  >
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
< %USERPROFILE%\*.* >
[2012.07.02 20:11:56 | 001,835,008 | -HS- | M] () -- C:\Users\~\ntuser.dat
[2012.07.02 20:11:56 | 000,262,144 | -HS- | M] () -- C:\Users\~\ntuser.dat.LOG1
[2012.02.19 20:40:00 | 000,000,000 | -HS- | M] () -- C:\Users\~\ntuser.dat.LOG2
[2012.02.19 20:57:13 | 000,065,536 | -HS- | M] () -- C:\Users\~\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf
[2012.02.19 20:57:13 | 000,524,288 | -HS- | M] () -- C:\Users\~\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms
[2012.02.19 20:57:13 | 000,524,288 | -HS- | M] () -- C:\Users\~\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms
[2012.04.23 00:29:46 | 000,065,536 | -HS- | M] () -- C:\Users\~\ntuser.dat{26f06e53-8c1e-11e1-92a3-002522b42b36}.TM.blf
[2012.04.23 00:29:46 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{26f06e53-8c1e-11e1-92a3-002522b42b36}.TMContainer00000000000000000001.regtrans-ms
[2012.04.23 00:29:46 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{26f06e53-8c1e-11e1-92a3-002522b42b36}.TMContainer00000000000000000002.regtrans-ms
[2012.02.29 00:02:51 | 000,065,536 | -HS- | M] () -- C:\Users\~\ntuser.dat{523097bc-624f-11e1-be25-8ce86f7edbdc}.TM.blf
[2012.02.29 00:02:51 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{523097bc-624f-11e1-be25-8ce86f7edbdc}.TMContainer00000000000000000001.regtrans-ms
[2012.02.29 00:02:51 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{523097bc-624f-11e1-be25-8ce86f7edbdc}.TMContainer00000000000000000002.regtrans-ms
[2012.02.19 22:31:36 | 000,065,536 | -HS- | M] () -- C:\Users\~\ntuser.dat{53a2719b-5b33-11e1-8690-002522b42b36}.TM.blf
[2012.02.19 22:31:36 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{53a2719b-5b33-11e1-8690-002522b42b36}.TMContainer00000000000000000001.regtrans-ms
[2012.02.19 22:31:36 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{53a2719b-5b33-11e1-8690-002522b42b36}.TMContainer00000000000000000002.regtrans-ms
[2012.02.28 20:02:26 | 000,065,536 | -HS- | M] () -- C:\Users\~\ntuser.dat{c1e35db8-6230-11e1-9092-002522b42b36}.TM.blf
[2012.02.28 20:02:26 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{c1e35db8-6230-11e1-9092-002522b42b36}.TMContainer00000000000000000001.regtrans-ms
[2012.02.28 20:02:26 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{c1e35db8-6230-11e1-9092-002522b42b36}.TMContainer00000000000000000002.regtrans-ms
[2012.07.01 18:09:32 | 000,065,536 | -HS- | M] () -- C:\Users\~\ntuser.dat{e3ae7e5e-c390-11e1-9788-002522b42b36}.TM.blf
[2012.07.01 18:09:32 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{e3ae7e5e-c390-11e1-9788-002522b42b36}.TMContainer00000000000000000001.regtrans-ms
[2012.07.01 18:09:32 | 000,524,288 | -HS- | M] () -- C:\Users\~\ntuser.dat{e3ae7e5e-c390-11e1-9788-002522b42b36}.TMContainer00000000000000000002.regtrans-ms
[2012.02.19 20:40:00 | 000,000,020 | -HS- | M] () -- C:\Users\~\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 971 bytes -> C:\ProgramData:$SS_DESCRIPTOR_LBP6VPVFLVGVVFB84LTSUTB92PFNPC7BPV4XFJDMNGTFB5V5NBJ5TBBJMT9Y0N96GMP3V0GRUEF39X8XHH0TCFUL44FTBX4MLSWPBXRTF6VEKLFEJK35PNX0WHNGT9LSVEVF1VTVVTVXVVD

< End of report >
         
--- --- ---

undOTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 02.07.2012 19:33:00 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\~\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,75 Gb Total Physical Memory | 12,75 Gb Available Physical Memory | 80,93% Memory free
31,50 Gb Paging File | 28,31 Gb Available in Paging File | 89,87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 339,47 Gb Free Space | 72,89% Space Free | Partition Type: NTFS
Drive D: | 465,76 Gb Total Space | 147,72 Gb Free Space | 31,72% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 13,20 Gb Free Space | 2,83% Space Free | Partition Type: NTFS
Drive F: | 3,75 Gb Total Space | 1,28 Gb Free Space | 34,23% Space Free | Partition Type: FAT32
Drive S: | 640,62 Gb Total Space | 470,91 Gb Free Space | 73,51% Space Free | Partition Type: NTFS
Drive T: | 756,64 Gb Total Space | 179,96 Gb Free Space | 23,78% Space Free | Partition Type: NTFS
Drive U: | 232,88 Gb Total Space | 105,04 Gb Free Space | 45,10% Space Free | Partition Type: NTFS
Drive Z: | 4,88 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: DESK | User Name: ~ | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "d:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05529185-2469-4B86-9B94-C97DB6949DF7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{09AC2272-762F-4A91-A93F-51C1CA5E9E6E}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{09CE5EA1-D538-4BFB-82DC-AC8D9A1BA423}" = lport=137 | protocol=17 | dir=in | app=system | 
"{16461F59-4620-493F-9304-2EC7B373BD5A}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{1FB24EAA-4F1C-47E9-AC99-B84F68F47906}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{20D16A8A-7C96-48ED-9538-827054FE35B1}" = rport=137 | protocol=17 | dir=out | app=system | 
"{37CFCA5D-4A6A-4BF4-AA1C-6791C146D992}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{3DC02C3B-A913-423D-9661-5D30A1EF8379}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3E36579C-4F79-4E33-8281-18097E080581}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{4F97A7CB-57CA-4B3C-BFBE-621F63A80435}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5A282D83-62C0-4E5F-A8C0-37C5B42ED511}" = rport=445 | protocol=6 | dir=out | app=system | 
"{935E5E71-02D7-4C40-97D4-516EF760F1E3}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{950C2238-4D33-45FB-A022-884CEB61EEFE}" = lport=445 | protocol=6 | dir=in | app=system | 
"{A177A3C3-CB99-4811-AE2A-83D7FD72DFAE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{A654913B-8010-49E5-AE87-AAE7CFE9C57F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{B4A311A4-4194-4316-B871-D10B1594F3E7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{BB6A91F1-C707-4BD3-B5C3-D90017E62E79}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CF81DB1D-3969-456E-94E9-84112C7B1814}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E66EEFBC-E3FA-43C3-8C20-F887EF2BD718}" = lport=138 | protocol=17 | dir=in | app=system | 
"{F8987B27-E24E-4A98-91F1-2AB3F94479BC}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026692CE-0282-487D-9AB7-907C1E131567}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{15D56222-D567-4861-82CA-57749FEA3952}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{17556566-5DD9-49A5-BA1D-89B27A1E025F}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe | 
"{26091211-4ABC-4F94-8522-169B6EC4700B}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe | 
"{4C214BCD-C6AE-4B1E-8F47-DA553F0BF5D7}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{51388823-AB5B-4384-A939-179430552204}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe | 
"{52A4DCC4-4C8C-4177-A92C-104523E373AD}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{74A53118-B404-494D-ABDB-9C0327D7A5E8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9B1D9FF4-9E95-4223-87BA-E9F459785DA3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A1A1BA72-B005-4256-AD5A-8CB0BE8463AD}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A69D90F4-DD66-4D57-AADB-5932605894E1}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{BA9D1450-A025-44F8-8ECC-F08D7C1C5975}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{D297D6BC-1AC3-4B09-AD26-D151DECE0F01}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{DE2E03B1-4BB5-4276-821B-E6C7EB5C5212}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{E37515C2-5D68-4361-8C88-1C584D5CF5B3}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe | 
"{F295147D-F593-421F-9599-785D179D579D}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{FB042F05-EE68-4B49-BB9C-0E929E21B5E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"TCP Query User{9D6F4456-55CF-4154-A850-E60F82A39D14}C:6\programme\pinnacle\mediacenter\pmc.tools.recorder.exe" = protocol=6 | dir=in | app=c:6\programme\pinnacle\mediacenter\pmc.tools.recorder.exe | 
"UDP Query User{67063BBF-B570-4B27-9EF5-BFB0F0950AF3}C:6\programme\pinnacle\mediacenter\pmc.tools.recorder.exe" = protocol=17 | dir=in | app=c:6\programme\pinnacle\mediacenter\pmc.tools.recorder.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{438767B1-B5E4-0727-0BF4-A33C4096FF8A}" = AMD Fuel
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{C15B3C29-0808-24C8-180A-334492F75823}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E00BA4E0-AC49-F9AD-D342-F88A02E893BE}" = ccc-utility64
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"GIMP-2_is1" = GIMP 2.8.0
"GPL Ghostscript 9.04" = GPL Ghostscript
"MediaCoder x64" = MediaCoder x64 2011
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ProgDVB" = ProgDVB
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"ZoneAlarm Toolbar" = ZoneAlarm Toolbar
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}" = VC 9.0 Runtime
"{0636DCFD-8D99-4198-BC3B-9CDF3E562BB4}" = CCC Help Danish
"{0911E53F-7532-E522-89F7-54F413395FE6}" = CCC Help Finnish
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix Online Plug-in (Web)
"{12FAF8C2-0061-429D-B7B4-FF1C9C58A99C}" = THX TruStudio Pro
"{183DFB4C-8043-A48C-E229-A9DE3BA0AFBD}" = CCC Help Turkish
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{2686B42C-2335-8421-4101-A382585F1283}" = CCC Help Chinese Standard
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java(TM) 6 Update 32
"{2D85A23D-06EF-4df2-BF09-B39AEDAE9140}_is1" = Tipard TS Converter 6.1.22
"{2D943F95-2C76-4951-9AEF-0977AF5DE11A}" = AMD Fusion Media Explorer
"{2F089826-D6F2-C6C4-ADD7-8E02B16F48B2}" = CCC Help Dutch
"{3C7F4B2F-8080-ABAF-C4A5-3E736CB79D78}" = CCC Help German
"{3EF04E5D-5F61-C426-8F80-AE691732DAF8}" = CCC Help Hungarian
"{41E340F0-0BD6-4A87-AF29-E9E584471756}" = VideoMate T, M, S Series  Driver
"{487856BC-A6A7-FEE8-20B7-EC182C3EC0F4}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE4A102-C5BA-42D9-06EC-F891D4F16938}" = CCC Help Thai
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix Online Plug-in (USB)
"{57383270-6F61-4DC8-A9B8-C1745FC29F38}" = USB PC Camera (SN9C102)
"{5D6C26B9-D9E7-4E77-A4DE-0C2B242E85FA}" = ZoneAlarm Firewall
"{67B25195-4853-222C-FE7C-543968ECAFEE}" = CCC Help Greek
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix Online Plug-in (HDX)
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{894807FE-45BC-658D-199B-141D764D536C}" = AMD VISION Engine Control Center
"{8B317436-1303-90B1-5CFC-9EEE5A256B21}" = CCC Help Japanese
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9CFD9F78-E763-F0A4-48CF-F9E9EBB814AC}" = CCC Help Chinese Traditional
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{A77123CA-AB0D-BF86-AA6D-1715E41447A2}" = CCC Help Norwegian
"{A9739666-2235-42F8-85D6-9B4005DC7951}" = Bing Bar
"{AA4B0401-9B7A-6AC1-A08B-9BA2F9402651}" = Catalyst Control Center Profiles Mobile
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{AD46EAEB-9A3B-C066-476D-2A5B8A4423BE}" = CCC Help English
"{AFEA7544-6B97-4867-A94D-1C39BA61B64F}" = Catalyst Control Center - Branding
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B84FB03A-D0CE-9B58-8AC0-F32378E60845}" = CCC Help Korean
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2012.build.50 (February 21st, 2012) Version v2012.buil
"{BABD087A-612F-A974-88B3-CFD7C2375C03}" = CCC Help Czech
"{BAFEC90C-8780-59A6-CC1D-69506D3B405D}" = Catalyst Control Center InstallProxy
"{BBE562E2-924B-49CB-A6AD-96A7D8392927}" = CCC Help Italian
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C151CE54-E7EA-4804-854B-F515368B0798}" = AMD Processor Driver
"{C4BC01F3-B7E6-49FA-8FBE-6B62FDF9CED0}" = ZoneAlarm Security
"{C7340571-7773-4A8C-9EBC-4E4243B38C76}" = Microsoft XML Parser
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix Online Plug-in (DV)
"{D6CEBC50-B787-9924-6EE9-1310199877E7}" = CCC Help French
"{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"{D8E6E0D2-4A58-DB93-968B-CFAD6CBEFAEB}" = CCC Help Polish
"{DD3E5E6A-6B6D-A766-023A-5AABC43ABEEC}" = CCC Help Spanish
"{DE598488-7511-8ABE-79A0-3100DD5C274C}" = Catalyst Control Center Localization All
"{E77481DF-F012-A163-EA97-8FC587FFD90A}" = CCC Help Swedish
"{EE3EFD3B-7A4E-C894-3029-7964541C08AC}" = Catalyst Control Center Graphics Previews Common
"{EE58B564-4B00-FBE5-9020-5E85F3DE3305}" = CCC Help Portuguese
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8116030-96CA-401C-BA85-50265E7C0A96}" = SlimDrivers
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Allzeit Atomzeit 2.00" = Allzeit Atomzeit 2.00
"ASRock IES_is1" = ASRock IES v2.0.91
"ASRock InstantBoot_is1" = ASRock InstantBoot v1.24
"ASRock OC Tuner_is1" = ASRock OC Tuner v2.4.4
"Audacity_is1" = Audacity 2.0
"AVG Secure Search" = AVG Security Toolbar
"Avira AntiVir Desktop" = Avira Antivirus Premium 2012
"CCleaner" = CCleaner
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"DVBViewer Pro Demo_is1" = DVBViewer Pro DEMO
"DVD Flick_is1" = DVD Flick 1.3.0.7
"FreePDF_XP" = FreePDF (Remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}" = NEC Electronics USB 3.0 Host Controller Driver
"IrfanView" = IrfanView (remove only)
"MAGIX Media Suite - Standard Edition D" = MAGIX Media Suite - Standard Edition (D)
"MAGIX Online Druck Service (FS)" = MAGIX Online Druck Service (FS) 
"MAGIX Video deLuxe SE D" = MAGIX Video deLuxe SE (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"McAfee Security Scan" = McAfee Security Scan Plus
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird 11.0 (x86 de)" = Mozilla Thunderbird 11.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTeVii" = myTeVii
"ProgDVB" = ProgDVB
"PsiWin 2.3" = PsiWin 2.3
"SpeedFan" = SpeedFan (remove only)
"Tobit Radio.fx Server" = Radio.fx
"VLC media player" = VLC media player 2.0.0
"ZoneAlarm Free" = ZoneAlarm Free
"ZoneAlarm-Sicherheit Toolbar" = ZoneAlarm-Sicherheit Toolbar
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.07.2012 12:19:25 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bca28  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325,
 Zeitstempel: 0x4df2be1e  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0008af3e  ID des fehlerhaften
 Prozesses: 0x45c  Startzeit der fehlerhaften Anwendung: 0x01cd57a5472250b7  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\MSVCR100.dll  Berichtskennung: 85b5c111-c398-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 12:23:55 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bca28  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325,
 Zeitstempel: 0x4df2be1e  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0008af3e  ID des fehlerhaften
 Prozesses: 0xf9c  Startzeit der fehlerhaften Anwendung: 0x01cd57a5e8c40536  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\MSVCR100.dll  Berichtskennung: 26a28cfc-c399-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 12:24:19 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bca28  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325,
 Zeitstempel: 0x4df2be1e  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0008af3e  ID des fehlerhaften
 Prozesses: 0x3c0  Startzeit der fehlerhaften Anwendung: 0x01cd57a5f76ddf43  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\MSVCR100.dll  Berichtskennung: 35349947-c399-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 12:24:48 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bca28  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325,
 Zeitstempel: 0x4df2be1e  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0008af3e  ID des fehlerhaften
 Prozesses: 0xb98  Startzeit der fehlerhaften Anwendung: 0x01cd57a608a653bb  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\MSVCR100.dll  Berichtskennung: 46669583-c399-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 12:29:43 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RootkitRevealer.exe, Version: 1.71.0.0,
 Zeitstempel: 0x44e255aa  Name des fehlerhaften Moduls: RootkitRevealer.exe, Version:
 1.71.0.0, Zeitstempel: 0x44e255aa  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000040cd
ID
 des fehlerhaften Prozesses: 0x10f8  Startzeit der fehlerhaften Anwendung: 0x01cd57a6b6cf0f8b
Pfad
 der fehlerhaften Anwendung: F:\programme\Rootkit Revealer\RootkitRevealer.exe  Pfad
 des fehlerhaften Moduls: F:\programme\Rootkit Revealer\RootkitRevealer.exe  Berichtskennung:
 f60b8199-c399-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 13:08:53 | Computer Name = desk | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.8.20051.2519 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 17ec    Startzeit: 01cd57a6c5c321a5    Endzeit: 15    Anwendungspfad:
 F:\programme\PortableApps\Apps\PortableFirefox\firefox\firefox.exe    Berichts-ID: 
  
 
Error - 01.07.2012 13:08:58 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: regsvr32.exe, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bca28  Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325,
 Zeitstempel: 0x4df2be1e  Ausnahmecode: 0xc0000417  Fehleroffset: 0x0008af3e  ID des fehlerhaften
 Prozesses: 0x67c  Startzeit der fehlerhaften Anwendung: 0x01cd57ac33f314b2  Pfad der
 fehlerhaften Anwendung: C:\Windows\SysWOW64\regsvr32.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\system32\MSVCR100.dll  Berichtskennung: 71e708db-c39f-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 13:44:12 | Computer Name = desk | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 1.8.20051.2519 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: ea0    Startzeit: 01cd57b0a1667d6a    Endzeit: 0    Anwendungspfad: F:\programme\PortableApps\Apps\PortableFirefox\firefox\firefox.exe

Berichts-ID:
   
 
Error - 01.07.2012 14:09:35 | Computer Name = desk | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 1.8.20051.2519,
 Zeitstempel: 0x435eec98  Name des fehlerhaften Moduls: AcXtrnal.DLL, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bd98a  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00008a66  ID des fehlerhaften
 Prozesses: 0xfc4  Startzeit der fehlerhaften Anwendung: 0x01cd57b1226a882f  Pfad der
 fehlerhaften Anwendung: F:\programme\PortableApps\Apps\PortableFirefox\firefox\firefox.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\AppPatch\AcXtrnal.DLL  Berichtskennung: e997e3b5-c3a7-11e1-9a4e-002522b42b36
 
Error - 01.07.2012 14:24:35 | Computer Name = desk | Source = WinMgmt | ID = 10
Description = 
 
Error - 02.07.2012 13:26:29 | Computer Name = desk | Source = WinMgmt | ID = 10
Description = 
 
[ Media Center Events ]
Error - 28.02.2012 13:18:20 | Computer Name = desk | Source = MCUpdate | ID = 0
Description = 18:18:20 - Fehler beim Herstellen der Internetverbindung.  18:18:20 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 28.02.2012 13:19:00 | Computer Name = desk | Source = MCUpdate | ID = 0
Description = 18:18:49 - Fehler beim Herstellen der Internetverbindung.  18:18:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 01.07.2012 08:37:49 | Computer Name = desk | Source = volsnap | ID = 393224
Description = Das Zeitlimit für den Lösch- und Speicherschreibvorgang für Volume
 "C:" wurde beim Warten auf eine Schreibvorgangfreigabe überschritten.
 
Error - 01.07.2012 11:16:00 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2533552)
 
Error - 01.07.2012 11:16:06 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
 Systeme (KB2620704)
 
Error - 01.07.2012 14:25:39 | Computer Name = desk | Source = WMPNetworkSvc | ID = 866300
Description = 
 
Error - 01.07.2012 15:01:48 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2533552)
 
Error - 01.07.2012 15:02:00 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
 Systeme (KB2620704)
 
Error - 01.07.2012 15:02:49 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
 Systeme (KB2620704)
 
Error - 01.07.2012 15:03:39 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2533552)
 
Error - 01.07.2012 18:16:45 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Update für Windows 7 für x64-Systeme (KB2533552)
 
Error - 01.07.2012 18:16:52 | Computer Name = desk | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x8024200d fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte
 Systeme (KB2620704)
 
 
< End of report >
         
--- --- ---
__________________

Geändert von dgd2511 (02.07.2012 um 19:31 Uhr)

Alt 02.07.2012, 21:25   #4
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 03.07.2012, 20:01   #5
dgd2511
 
Browser funktionieren nicht - Beitrag

Browser funktionieren nicht



Combofix Logfile:
Code:
ATTFilter
ComboFix 12-07-02.01 - ~ 03.07.2012  20:06:31.1.6 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16127.13179 [GMT 2:00]
ausgeführt von:: c:\users\~\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AV: Emsisoft Anti-Malware *Enabled/Updated* {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: ZoneAlarm Free Firewall Antivirus *Disabled/Updated* {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
FW: ZoneAlarm Free Firewall Firewall *Disabled* {E6380B7E-D4B2-19F1-083E-56486607704B}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: ZoneAlarm Free Firewall Anti-Spyware *Disabled/Updated* {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Windows
c:\users\~\AppData\Local\lame_enc.dll
c:\users\~\AppData\Local\no23xwrapper.dll
c:\users\~\AppData\Local\ogg.dll
c:\users\~\AppData\Local\vorbis.dll
c:\users\~\AppData\Local\vorbisenc.dll
c:\users\~\AppData\Local\vorbisfile.dll
c:\users\~\AppData\Local\lame_enc.dll
c:\users\~\AppData\Local\no23xwrapper.dll
c:\users\~\AppData\Local\ogg.dll
c:\users\~\AppData\Local\vorbis.dll
c:\users\~\AppData\Local\vorbisenc.dll
c:\users\~\AppData\Local\vorbisfile.dll
.
Infizierte Kopie von c:\windows\System32\schtasks.exe wurde gefunden und desinfiziert 
Kopie von - c:\windows\winsxs\amd64_microsoft-windows-sctasks_31bf3856ad364e35_6.1.7601.17514_none_e8657d02cbf5e4c1\schtasks.exe wurde wiederhergestellt 
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-06-03 bis 2012-07-03  ))))))))))))))))))))))))))))))
.
.
2012-07-03 18:26 . 2012-07-03 18:26	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-07-03 18:26 . 2012-07-03 18:26	--------	d-----w-	c:\users\~\AppData\Local\temp
2012-07-03 17:54 . 2012-05-31 04:04	9013136	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{40CF1AC7-B64A-4773-B121-4F6641CB75B8}\mpengine.dll
2012-07-02 18:53 . 2012-01-09 16:59	11864	----a-w-	c:\windows\system32\drivers\kl2.sys
2012-07-02 18:53 . 2012-01-09 16:59	460888	----a-w-	c:\windows\system32\drivers\kl1.sys
2012-07-01 19:11 . 2012-05-04 11:00	366592	----a-w-	c:\windows\system32\qdvd.dll
2012-07-01 19:11 . 2012-05-04 09:59	514560	----a-w-	c:\windows\SysWow64\qdvd.dll
2012-07-01 18:05 . 2012-07-01 18:05	--------	d-----w-	c:\users\~\AppData\Roaming\Malwarebytes
2012-07-01 18:05 . 2012-07-01 18:05	--------	d-----w-	c:\programdata\Malwarebytes
2012-07-01 18:05 . 2012-07-01 18:05	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-01 18:05 . 2012-04-04 13:56	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-07-01 17:53 . 2012-07-03 17:54	--------	d-----w-	c:\program files (x86)\Emsisoft Anti-Malware
2012-07-01 16:49 . 2012-07-01 16:49	--------	d-----w-	c:\users\~\AppData\Roaming\AVG Secure Search
2012-07-01 16:49 . 2012-07-01 16:49	--------	d-----w-	c:\users\~\AppData\Local\ZoneAlarm-Sicherheit
2012-07-01 08:51 . 2012-07-01 16:22	--------	d-----w-	c:\program files (x86)\CCleaner
2012-07-01 08:44 . 2012-07-01 16:22	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-07-01 08:44 . 2012-07-01 16:22	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-06-23 09:28 . 2012-06-23 09:28	--------	d-----w-	c:\users\~\AppData\Local\Macromedia
2012-06-22 04:34 . 2012-06-02 22:19	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-22 04:34 . 2012-06-02 22:19	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-22 04:34 . 2012-06-02 22:19	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-22 04:34 . 2012-06-02 22:15	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-22 04:34 . 2012-06-02 22:19	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-22 04:34 . 2012-06-02 22:19	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-22 04:34 . 2012-06-02 22:15	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-22 04:34 . 2012-06-02 13:19	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-22 04:34 . 2012-06-02 13:15	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-13 16:13 . 2012-04-26 05:41	77312	----a-w-	c:\windows\system32\rdpwsx.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-03 18:30 . 2012-02-23 22:15	15672	----a-w-	c:\windows\system32\drivers\SWDUMon.sys
2012-06-23 08:45 . 2012-03-30 08:52	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 08:45 . 2012-02-19 22:16	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-31 20:10 . 2012-05-31 20:10	476960	----a-w-	c:\windows\SysWow64\npdeployJava1.dll
2012-05-31 20:10 . 2012-03-06 01:37	472864	----a-w-	c:\windows\SysWow64\deployJava1.dll
2012-05-15 07:19 . 2012-03-09 23:04	98848	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2012-05-15 07:19 . 2012-03-09 23:04	132832	----a-w-	c:\windows\system32\drivers\avipbb.sys
2012-04-30 20:44 . 2012-04-30 20:44	8072784	----a-w-	c:\programdata\Microsoft\BingBar\BBSvc\7.1.382.0oemBingBarSetup-Partner.EXE
2006-05-03 09:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 10:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 12:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 21:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-06-12 21:32	2068536	----a-w-	c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.1.0.7\AVG Secure Search_toolbar.dll" [2012-06-12 2068536]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zASRockInstantBoot"="c:\program files (x86)\ASRock Utility\InstantBoot\InstantBoot.exe" [2009-11-16 3536904]
"ASRockIES"="c:\program files (x86)\ASRock Utility\IES\AsrIes.exe" [2010-07-19 8798216]
"ProgLauncher"="c:\program files (x86)\ProgDVB\ProgLauncher.exe" [2012-04-06 239040]
"rfxsrvtray"="c:\program files (x86)\Tobit Radio.fx\Client\rfx-tray.exe" [2012-01-18 2057048]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" [2010-06-11 1349632]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-06-12 1104440]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-07-11 336384]
"ConnectionCenter"="c:\program files (x86)\Citrix\ICA Client\concentr.exe" [2009-09-12 103768]
"ZoneAlarm"="c:\program files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [2012-06-21 73392]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-15 348624]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"emsisoft anti-malware"="c:\program files (x86)\emsisoft anti-malware\a2guard.exe" [2012-06-17 3367328]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]
PsiWin 2.3 Connection Server.lnk - c:\program files (x86)\Psion\PsiWin\Psconsv.exe [2012-5-8 286720]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer2"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-23 250056]
R3 ahcix64;ahcix64;c:\windows\system32\drivers\ahcix64.sys [2010-01-06 233776]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe [2012-04-16 240208]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe [2010-01-15 227232]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 MPEVirtual;TeViiData Network Adapter Driver;c:\windows\system32\DRIVERS\TeViiData64.sys [2010-06-07 20312]
R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]
R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2000-01-01 428136]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys [2012-07-03 15672]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]
S1 a2injectiondriver;a2injectiondriver;c:\program files (x86)\Emsisoft Anti-Malware\a2dix64.sys [2012-04-30 44688]
S1 a2util;a-squared Malware-IDS utility driver;c:\program files (x86)\Emsisoft Anti-Malware\a2util64.sys [2010-05-05 14720]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-09-16 27760]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [2009-09-08 87600]
S1 kl2;kl2;c:\windows\system32\DRIVERS\kl2.sys [2012-01-09 11864]
S2 a2AntiMalware;Emsisoft Anti-Malware 6.6 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2012-06-17 3069752]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-13 202752]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-07-11 365568]
S2 AntiVirMailService;Avira Email Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc.exe [2012-05-15 375760]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-15 86224]
S2 AntiVirWebService;Avira Browser Schutz;c:\program files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [2012-05-15 465360]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe [2012-04-16 193616]
S2 ISWKL;ZoneAlarm LTD Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2012-04-30 33672]
S2 IswSvc;ZoneAlarm LTD Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2012-04-30 827520]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 ProgDVBService;ProgDVB Scheduler Service;c:\program files\ProgDVB\ProgDVBService.exe [2012-02-28 60864]
S2 Radio.fx;Radio.fx Server;c:\program files (x86)\Tobit Radio.fx\Server\rfx-server.exe [2012-01-26 3665752]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
S2 vToolbarUpdater11.1.0;vToolbarUpdater11.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe [2012-06-12 935480]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-04-30 66320]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-13 6327296]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-13 185344]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
S3 Ph3xIB64;Philips 713x Inbox PCI TV Card;c:\windows\system32\DRIVERS\Ph3xIB64.sys [2009-06-10 1627520]
S3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;c:\windows\system32\DRIVERS\Rtenic64.sys [2010-03-08 263120]
S3 SAllBDA;TeVii DVB-S/S2 Receiver;c:\windows\system32\Drivers\TeViiS2.sys [2012-03-15 190968]
S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys [2000-01-01 44672]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 08:45]
.
2012-07-03 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2012-02-01 12:42]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-19 11101800]
"THXCfg64"="c:\windows\system32\RunDLL32.exe" [2009-07-14 45568]
"TeViiRC"="c:\windows\TeViiRC.exe" [2012-03-15 327160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.web.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
LSP: c:\program files (x86)\Avira\AntiVir Desktop\avsda.dll
TCP: Interfaces\{E73B34FE-B19A-4740-B9E9-D8AD8190A1AE}: NameServer = 192.168.178.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.1.0\ViProtocol.dll
FF - ProfilePath - c:\users\~\AppData\Roaming\Mozilla\Firefox\Profiles\e4g1jgro.default\
FF - prefs.js: browser.startup.homepage - www.web.de
.
.
------- Dateityp-Verknüpfung -------
.
txtfile=%SystemRoot%\SysWow64\NOTEPAD.EXE %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - (no file)
Wow6432Node-HKCU-Run-ASRockOCTuner - (no file)
WebBrowser-{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B} - (no file)
WebBrowser-{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - (no file)
HKLM-Run-ISW - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{95B7759C-8C7F-4BF1-B163-73684A933233}"=hex:51,66,7a,6c,4c,1d,38,12,f2,76,a4,
   91,4d,c2,9f,0e,ce,75,30,28,4f,cd,76,27
"{FC2B76FC-2132-4D80-A9A3-1F5C6E49066B}"=hex:51,66,7a,6c,4c,1d,38,12,92,75,38,
   f8,00,6f,ee,08,d6,b5,5c,1c,6b,17,42,7f
"{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}"=hex:51,66,7a,6c,4c,1d,38,12,8b,c7,39,
   ea,82,fe,a8,0b,f7,bf,ff,e1,a6,74,f5,13
"{8DCB7100-DF86-4384-8842-8FA844297B3F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,72,d8,
   89,b4,91,ea,06,f7,54,cc,e8,41,77,3f,2b
"{18DF081C-E8AD-4283-A596-FA578C2EBDC3}"=hex:51,66,7a,6c,4c,1d,38,12,72,0b,cc,
   1c,9f,a6,ed,07,da,80,b9,17,89,70,f9,d7
"{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}"=hex:51,66,7a,6c,4c,1d,38,12,ac,35,59,
   8e,07,4b,42,08,c2,2b,0a,2c,b2,b0,92,f7
"{D2CE3E00-F94A-4740-988E-03DC2F38C34F}"=hex:51,66,7a,6c,4c,1d,38,12,6e,3d,dd,
   d6,78,b7,2e,02,e7,98,40,9c,2a,66,87,5b
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{FF059E31-CC5A-4E2E-BF3B-96E929D65503}"=hex:51,66,7a,6c,4c,1d,38,12,5f,9d,16,
   fb,68,82,40,0b,c0,2d,d5,a9,2c,88,11,17
"{BDEADE7F-C265-11D0-BCED-00A0C90AB50F}"=hex:51,66,7a,6c,4c,1d,38,12,11,dd,f9,
   b9,57,8c,be,54,c3,fb,43,e0,cc,54,f1,1b
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:63,00,b0,c7,10,27,cd,01
.
[HKEY_USERS\S-1-5-21-569867917-2879004470-963412433-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*_*b*6*2*2*8*e*e*c*1*4*d*1*a*9*5*e*3*6*a*•Üc\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-569867917-2879004470-963412433-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*c*o*m*_*c*e*7*d*4*3*3*9*e*9*e*9*b*c*c*5*a*e*2*‘•Üc\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Internet Explorer\IELowutil.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-03  20:34:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-03 18:34
.
Vor Suchlauf: 14 Verzeichnis(se), 378.548.674.560 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 378.560.811.008 Bytes frei
.
- - End Of File - - 59D9704AECD31B16E29C8BFCFAA9A881
         
--- --- ---


So und nun!?

Bis jetzt eigentlich keine weiteren Probleme.

Was kanns sein!?


THX


Alt 04.07.2012, 11:10   #6
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



öffne malwarebytes, update, vollständiger scan, log posten
__________________
--> Browser funktionieren nicht

Alt 06.07.2012, 06:04   #7
dgd2511
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



Hier nochmal vollscann ....

Malwarebytes Anti-Malware (Test) 1.61.0.1400
Malwarebytes : Free anti-malware, anti-virus and spyware removal download

Datenbank Version: v2012.07.05.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
~ :: DESK [Administrator]

Schutz: Aktiviert

05.07.2012 21:04:16
mbam-log-2012-07-05 (21-04-16).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 921586
Laufzeit: 2 Stunde(n), 41 Minute(n), 19 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



und nun

Alt 06.07.2012, 10:07   #8
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



hi
wieso gibts bereits nen log eines vollständigen scans, falls ja, nachreichen.
das obere ist nämlich ein quick scan.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.07.2012, 21:47   #9
dgd2511
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



Hallo Markusg,
das ist ein vollständiger Suchlauf.
2, xx Stunden und ausserden steht es in Log,

Ist System nun sauber oder doch neu aufsetzen?


Geändert von dgd2511 (06.07.2012 um 22:02 Uhr)

Alt 09.07.2012, 19:19   #10
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



sorry hast recht
sieht gut aus.

lade den CCleaner standard:
CCleaner Download - CCleaner 3.20.1750
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 10.07.2012, 21:12   #11
dgd2511
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



wie angegeben:

7-Zip 9.20 (x64 edition) Igor Pavlov 28.04.2012 9.20.00.0 notwendig
Adobe Flash Player 11 ActiveX 64-bit Adobe Systems Incorporated 18.02.2012 11.2.202.235 notwendig
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 22.06.2012 6,00MB 11.3.300.262 notwendig
Adobe Reader X (10.1.3) - Deutsch Adobe Systems Incorporated 11.04.2012 121,5MB 10.1.3 notwendig
Allzeit Atomzeit 2.00 Philipp Winterberg 20.04.2012 2.00 notwendig
AMD Fusion Media Explorer Advanced Micro Devices, Inc. 19.02.2012 9,77MB 1.0.2.0163 notwendig
AMD Processor Driver AMD 19.02.2012 1.3.2.0053 notwendig
ASRock IES v2.0.91 21.02.2012 notwendig
ASRock InstantBoot v1.24 19.02.2012 notwendig
ASRock OC Tuner v2.4.4 21.02.2012 notwendig
ATI Catalyst Install Manager ATI Technologies, Inc. 23.02.2012 3.0.829.0 notwendig
Audacity 2.0 Audacity Team 21.04.2012 42,2MB notwendig
AVG Security Toolbar AVG Technologies 08.07.2012 .1.0.12 notwendig
^^Avira Antivirus Premium 2012 Avira 11.06.2012 107,2MB 12.0.0.1145 notwendig
Bing Bar Microsoft Corporation 29.04.2012 0,45MB 7.1.382.0 notwendig
CCleaner Piriform 30.06.2012 2.27 notwendig
CDBurnerXP CDBurnerXP 14.05.2012 17,3MB 4.4.1.3099 notwendig
Citrix Online Plug-in - Web Citrix Systems, Inc. 05.03.2012 11.2.0.31560 notwendig
DVBViewer Pro DEMO CM&V 28.04.2012 9,43MB 4.8.1 unnötig
DVD Flick 1.3.0.7 Dennis Meuwissen 26.03.2012 1.3.0.7 unnötig
Emsisoft Anti-Malware Emsisoft GmbH 30.06.2012 176,2MB 6.6 notwendig
FreePDF (Remove only) 06.05.2012 notwendig
GIMP 2.8.0 The GIMP Team 20.05.2012 2.8.0 notwendig
GPL Ghostscript Artifex Software Inc. 18.02.2012 9.04 notwendig
Internet-TV für Windows Media Center Microsoft Corporation 22.02.2012 13,7MB 4.2.2.0 notwendig
IrfanView (remove only) Irfan Skiljan 27.03.2012 1,50MB 4.32 notwendig
Java(TM) 6 Update 33 Oracle 30.05.2012 95,7MB 6.0.330 notwendig
MAGIX Media Suite - Standard Edition (D) MAGIX AG 22.02.2012 1.7.1.42 notwendig
MAGIX Online Druck Service (FS) Silverwire Software AG 18.02.2012 notwendig
MAGIX Video deLuxe SE (D) MAGIX AG 22.02.2012 5.0.4.0 notwendig
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 30.06.2012 1.61.0.1400 notwendig
McAfee Security Scan Plus McAfee, Inc. 20.02.2012 8,30MB 2.0.181.2 unnötig
MediaCoder x64 2011 Broad Intelligence 18.02.2012 2011 notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 18.02.2012 4.0.30319 notwendig
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 18.02.2012 4.0.30319 notwendig
Microsoft Office File Validation Add-In Microsoft Corporation 19.03.2012 7,92MB 14.0.5130.5003 notwendig
Microsoft Office Home and Student 2007 Microsoft Corporation 11.03.2012 12.0.6612.1000 notwendig
Microsoft Office Live Add-in 1.5 Microsoft Corporation 26.04.2012 0,50MB 2.0.4024.1 notwendig
Microsoft Visual C++ 2008 Redistributable x64 9.0.30729.4148 Microsoft Corporation 19.02.2012 9.0.30729.4148 notwendig
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 22.02.20129.0.30729.6161 notwendig
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 27.04.2012 10.0.30319 notwendig
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 10.03.2012 11,1MB 10.0.40219 notwendig
MozBackup 1.5.1 Pavel Cvrcek 18.02.2012 notwendig
Mozilla Firefox 13.0.1 (x86 de) Mozilla 30.06.2012 38,5MB 13.0.1 notwendig
Mozilla Maintenance Service Mozilla 30.06.2012 0,19MB 13.0.1 notwendig
Mozilla Thunderbird 11.0 (x86 de) Mozilla 18.03.2012 37,5MB 11.0 notwendig
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 23.02.2012 1,28MB 4.20.9870.0 notwendig
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 23.02.2012 1,33MB 4.20.9876.0 notwendig
myTeVii 05.05.2012 notwendig
NEC Electronics USB 3.0 Host Controller Driver NEC Electronics Corporation 18.02.2012 0,97MB 1.0.19.0 notwendig
No23 Recorder No23 19.05.2012 4,89MB 2.1.0.3 notwendig
PlayReady PC Runtime amd64 Microsoft Corporation 23.02.2012 1.3.0 unbekannt
ProgDVB Prog 27.04.2012 67,3MB 6.8x notwendig
PsiWin 2.3 07.05.2012 notwendig
Radio.fx Tobit.Software 18.05.2012 notwendig
Realtek Ethernet Controller Driver Realtek 24.02.2012 7.41.216.2011 notwendig
REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek 28.02.2012 1.28.0000 notwendig
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 18.02.2012 6.0.1.6167 notwendig
RedMon - Redirection Port Monitor 18.02.2012 notwendig
SlimDrivers SlimWare Utilities, Inc. 22.02.2012 26,2MB 2.2.18283 unbekannt
SpeedFan (remove only) 23.02.2012 unnötig
Spybot - Search & Destroy Safer Networking Limited 30.06.2012 1.6.2 notwendig
SUPER © v2012.build.50 (February 21st, 2012) Version v2012.buil eRightSoft 27.03.2012 51,5MB v2012.build.50 notwendig
THX TruStudio Pro Creative Technology Limited 19.02.2012 1.0 notwendig
Tipard TS Converter 6.1.22 26.03.2012 60,6MB unnötig
USB PC Camera (SN9C102) 11.03.2012 4.20.1.001 notwendig
VideoMate T, M, S Series Driver 24.02.2012 1.39.200 unbekannt
VLC media player 2.0.0 VideoLAN 03.03.2012 2.0.0 notwendig
ZoneAlarm Free Firewall Check Point 01.07.2012 307,0MB 10.2.057.000 notwendig


ein bischen durcheinander. aber vielleicht siehst du ja durch


Alt 11.07.2012, 00:24   #12
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



deinstaliere:
Adobe Flash Player alle
Adobe - Adobe Flash Player installieren
neueste version laden
adobe reader:
Adobe - Adobe Reader herunterladen - Alle Versionen
haken bei mcafee security scan raus nehmen

bitte auch mal den adobe reader wie folgt konfigurieren:
adobe reader öffnen, bearbeiten, voreinstellungen.
allgemein:
nur zertifizierte zusatz module verwenden, anhaken.
internet:
hier sollte alles deaktiviert werden, es ist sehr unsicher pdfs automatisch zu öffnen, zu downloaden etc.
es ist immer besser diese direkt abzuspeichern da man nur so die kontrolle hat was auf dem pc vor geht.
bei javascript den haken bei java script verwenden raus nehmen
bei updater, automatisch instalieren wählen.
übernehmen /ok



deinstaliere:
AVG Security Toolbar auf so was kann man verzichten
Bing : sollte man auch weg lassen
DVBViewer
DVD Flick
Emsisoft : entweder emsisoft, oder avira, beide programme können sich behindern, teile mir mit, welches du behältst
McAfee
SpeedFan
Spybot : bringt nichts, behalte malwarebytes, update von zeit zu zeit, damit kommst du besser.
Tipard
ZoneAlarm : verzichte auf solchen unsinn, bringt nicht viel.

öffne ccleaner, analysieren, starten.
öffne otl, cleanup, pc startet neu testen wie der pc läuft
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 12.07.2012, 22:16   #13
dgd2511
 
Browser funktionieren nicht - Icon17

Browser funktionieren nicht



Hallo markusg,

alles so gemacht, Browser funktionieren wieder, eigentlich schon ab Schritt 2, aber was solls.

Aufgefallen ist mir:

Alles von Adobe installiert ungefragt Mcafee scan plus, kann man nicht abwählen.

beim CCleaner ist beim 1. durchlauf OTL vom Desktop verschwunden und musste neu downloadet werden

Avira hab ich behalten - emisoft deinstalliert

malwarebyte, das weisst du schon, ist jetzt nach Testphase fällig für schlappe ca. 30,00 Teuro

Aber Hauptproblem: 'Browser funktionieren nicht' ist erledigt

Ein wenig fahler Geschmack bleibt trotzdem - ist nun wirklich alles ok oder schlummert doch noch was im Hintergrund.

Danke für deine Tatkräftige Unterstützung.


Alt 13.07.2012, 11:08   #14
markusg
/// Malware-holic
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



naja, ne 100 %ige sicherheit gibts bei infizierten systemen natürlich nicht, wenn du dem frieden nicht traust, können wir das gerät neu aufsetzen und absichern.
malwarebytes kann trotzdem kostenlos genutzt werden.
mcafee kannst ja dann nachträglich deinstalieren.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 13.07.2012, 21:22   #15
dgd2511
 
Browser funktionieren nicht - Standard

Browser funktionieren nicht



mcafee scan plus hab ich schon deinstalliert,

Soooo wichtige Sachen hab ich ja nun auch nicht auf den PC und mit Win8 wird eh allesneu aufgesetzt.
Ich schließe hier mal den Tread und Dank an alle!


Antwort

Themen zu Browser funktionieren nicht
administrator, aktion, anti-malware, appdata, autostart, browser, bösartige, dateien, dateisystem, downloads, explorer, funktionieren, gelöscht, gesuch, gesucht, heuristiks/extra, heuristiks/shuriken, icreinstall, log, mein log, minute, nichts, pup.adware.installcore, registrierung, service, service pack 2, speicher, stick, temp, test, version



Ähnliche Themen: Browser funktionieren nicht


  1. Windows 7 Professional 64 bit: Browser funktionieren seit Entfernung Omnibox mit Malwarebytes nicht mehr
    Log-Analyse und Auswertung - 09.07.2015 (16)
  2. Alle Browser funktionieren nicht mehr
    Log-Analyse und Auswertung - 26.02.2015 (27)
  3. Browser Funktionieren nicht, Mehrfache Prozesse, Grafikfehler und Abstürze
    Log-Analyse und Auswertung - 11.12.2014 (29)
  4. Browser extrem langsam oder funktionieren nicht. PC läuft normal.
    Log-Analyse und Auswertung - 18.11.2014 (13)
  5. Gameclients crashen/browser funktionieren nicht/massive adware
    Plagegeister aller Art und deren Bekämpfung - 26.10.2014 (5)
  6. Browser funktionieren trotz Internetverbindung nicht
    Log-Analyse und Auswertung - 13.04.2014 (5)
  7. Browser funktionieren nicht mehr!
    Plagegeister aller Art und deren Bekämpfung - 07.02.2014 (5)
  8. Browser funktionieren nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 20.11.2013 (11)
  9. Google Chrome und alle anderen Browser funktionieren nicht mehr!
    Plagegeister aller Art und deren Bekämpfung - 11.07.2013 (15)
  10. Browser funktionieren nicht trotz Internetverbindung - Wlan Repeater
    Alles rund um Windows - 11.11.2012 (13)
  11. Browser funktionieren nicht mehr einwandfrei
    Log-Analyse und Auswertung - 30.03.2010 (11)
  12. Browser - Google Links funktionieren nicht, andere Seiten öffnen sich
    Log-Analyse und Auswertung - 04.03.2010 (27)
  13. Programminstallation nicht möglich, Browser funktionieren nicht - Virus?
    Mülltonne - 18.01.2010 (1)
  14. Browser funktionieren nicht obwohl Internetverbindung steht (ICQ geht zB)
    Log-Analyse und Auswertung - 10.08.2009 (5)
  15. Browser funktionieren nicht - aber Verbindung steht
    Log-Analyse und Auswertung - 14.07.2009 (1)
  16. Browser funktionieren nicht mehr & Spiele ruckeln
    Log-Analyse und Auswertung - 30.07.2008 (7)
  17. Browser funktionieren nicht mehr
    Log-Analyse und Auswertung - 01.12.2006 (2)

Zum Thema Browser funktionieren nicht - Browser funktionierten nicht. Kurz die Eieruhr, dann nichts mehr. Vom Stick - Portable Apps ging es. Nach Boardeinträgen gesucht - Malwarebyre heruntergeladen - ANWEISUNGEN BEFOLGT UND ES GEHT WIEDER - - Browser funktionieren nicht...
Archiv
Du betrachtest: Browser funktionieren nicht auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.