Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside

Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside


Log-Analyse und Auswertung: Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 08.07.2012, 17:21   #1
JohnGotti
 
Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside - Standard

Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside


Hallo,

ich habe mir gestern den Bundespolizei-Trojaner eingefangen und dann einen Systemwiederherstellungspunkt vom Vortag ausgeführt. Der Trojaner scheint weg zu sein, aber ist mein System auch wirklich sicher? Bin mir sehr unsicher, z.B. geht Strg+Alt+Entf nicht mehr, oder auch Strg + v geht ebenso nicht mehr ... sind für mich komische Anzeichen.

Über Hilfe würde ich mich sehr freuen.

Vielen Dank

Gruß











----------------------------------------------------------------------

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.08.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Myself :: MYSELF-PC [Administrator]

Schutz: Deaktiviert

08.07.2012 16:44:03
mbam-log-2012-07-08 (16-44-03).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 358140
Laufzeit: 58 Minute(n), 23 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)



----------------------------------------------------------------------








OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 08.07.2012 17:50:14 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Myself\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,74 Gb Total Physical Memory | 6,36 Gb Available Physical Memory | 82,09% Memory free
15,49 Gb Paging File | 13,91 Gb Available in Paging File | 89,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 167,13 Gb Free Space | 56,09% Space Free | Partition Type: NTFS
 
Computer Name: MYSELF-PC | User Name: Myself | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.07 16:47:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Myself\Desktop\OTL.exe
PRC - [2012.05.08 15:04:41 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 15:04:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.08 15:04:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.11.25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe
PRC - [2010.10.01 15:44:58 | 000,280,120 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
PRC - [2010.09.27 18:29:26 | 000,092,216 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.03.16 02:54:10 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.06.23 19:46:17 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.17 00:20:58 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.08 15:04:41 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 15:04:41 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.11.25 17:32:36 | 000,687,400 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate) @C:\Program Files (x86)
SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.10.01 15:44:58 | 000,280,120 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe -- (hpHotkeyMonitor)
SRV - [2010.09.27 18:29:26 | 000,092,216 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.09.08 13:05:34 | 000,271,360 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.23 23:34:20 | 000,370,688 | ---- | M] (StarWind Software) [Auto | Running] -- C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.02 13:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.05.08 15:04:41 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 15:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012.02.24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2012.02.12 15:34:39 | 000,503,352 | ---- | M] (Duplex Secure Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2012.02.12 12:46:20 | 003,063,360 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.03.16 03:14:36 | 006,862,848 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.03.16 02:20:10 | 000,264,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.08 12:03:24 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.17 09:04:32 | 000,115,216 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2010.09.08 13:05:34 | 000,515,584 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.06.03 20:18:56 | 001,379,376 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.06.02 16:08:38 | 000,025,912 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2010.05.03 15:44:02 | 000,331,880 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.03.09 23:03:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 6A D4 1A B2 1C 5D CD 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.19: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 00:20:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.12 13:01:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Myself\AppData\Roaming\mozilla\Extensions
[2012.05.02 13:40:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Myself\AppData\Roaming\mozilla\Firefox\Profiles\7wj5tk5k.default\extensions
[2012.03.04 15:49:40 | 000,000,000 | ---D | M] (Complitly - Speed up your search with your personal search suggestions tool) -- C:\Users\Myself\AppData\Roaming\mozilla\Firefox\Profiles\7wj5tk5k.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}
[2012.03.18 09:59:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.17 00:20:58 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.08 19:36:16 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.08 19:21:19 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.08 19:36:16 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.08 19:36:16 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.08 19:36:16 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.08 19:36:16 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D5F06006-4B42-4C27-A6E8-D98FC5B3AF6F}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DB50102F-D1ED-4138-B01E-BFAF302D09BA}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.07 18:34:14 | 000,000,000 | ---D | C] -- C:\Users\Myself\AppData\Roaming\Malwarebytes
[2012.07.07 18:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.07 18:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.07 18:33:58 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.07 18:33:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.07 16:56:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.07 16:56:01 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.07 16:51:53 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Myself\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.07 16:50:23 | 003,889,704 | ---- | C] (Piriform Ltd) -- C:\Users\Myself\Desktop\ccsetup320.exe
[2012.07.07 16:47:50 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Myself\Desktop\OTL.exe
[2012.07.07 15:32:44 | 000,000,000 | ---D | C] -- C:\Users\Myself\AppData\Roaming\Xeibov
[2012.07.05 21:35:02 | 000,000,000 | ---D | C] -- C:\Users\Myself\Desktop\Wandern
[2012.06.30 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Myself\Desktop\Linking Park
[2012.06.18 11:08:14 | 000,000,000 | ---D | C] -- C:\Users\Myself\AppData\Local\Macromedia
[2012.06.11 13:58:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\System32
[1 C:\Users\Myself\Desktop\*.tmp files -> C:\Users\Myself\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.08 17:54:22 | 001,507,342 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.08 17:54:22 | 000,657,910 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.08 17:54:22 | 000,619,146 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.08 17:54:22 | 000,131,250 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.08 17:54:22 | 000,107,466 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.08 17:54:21 | 000,028,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 17:54:21 | 000,028,976 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 17:46:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.08 17:46:47 | 1941,094,399 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.08 17:46:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.08 17:45:16 | 000,000,020 | ---- | M] () -- C:\Users\Myself\defogger_reenable
[2012.07.07 18:33:59 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.07 18:17:14 | 000,050,477 | ---- | M] () -- C:\Users\Myself\Desktop\Defogger.exe
[2012.07.07 16:51:59 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Myself\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.07 16:50:26 | 003,889,704 | ---- | M] (Piriform Ltd) -- C:\Users\Myself\Desktop\ccsetup320.exe
[2012.07.07 16:47:53 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Myself\Desktop\OTL.exe
[2012.07.06 14:45:47 | 000,054,015 | ---- | M] () -- C:\Users\Myself\183071_105598086186381_3878415_n.jpg
[2012.07.06 10:52:00 | 000,000,655 | ---- | M] () -- C:\Users\Myself\Documents\ax_files.xml
[2012.07.04 09:49:10 | 000,001,531 | ---- | M] () -- C:\Windows\wininit.ini
[2012.06.29 19:26:07 | 1249,595,178 | ---- | M] () -- C:\Users\Myself\Desktop\lame.mkv
[2012.06.23 01:40:57 | 582,600,704 | ---- | M] () -- C:\Users\Myself\Desktop\take cd2.avi
[2012.06.23 01:38:15 | 609,087,488 | ---- | M] () -- C:\Users\Myself\Desktop\take cd1.avi
[2012.06.13 13:40:37 | 000,413,624 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[1 C:\Users\Myself\Desktop\*.tmp files -> C:\Users\Myself\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.08 17:45:16 | 000,000,020 | ---- | C] () -- C:\Users\Myself\defogger_reenable
[2012.07.07 18:33:59 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.07 18:17:14 | 000,050,477 | ---- | C] () -- C:\Users\Myself\Desktop\Defogger.exe
[2012.07.06 17:57:48 | 1249,595,178 | ---- | C] () -- C:\Users\Myself\Desktop\lame.mkv
[2012.07.06 14:45:44 | 000,054,015 | ---- | C] () -- C:\Users\Myself\183071_105598086186381_3878415_n.jpg
[2012.07.06 14:07:17 | 3741,417,471 | ---- | C] () -- C:\Users\Myself\Desktop\Wallander - DB.iso
[2012.07.05 21:28:50 | 4161,404,927 | ---- | C] () -- C:\Users\Myself\Desktop\Wallander - DF.iso
[2012.07.05 21:13:45 | 582,600,704 | ---- | C] () -- C:\Users\Myself\Desktop\take cd2.avi
[2012.07.05 21:13:28 | 609,087,488 | ---- | C] () -- C:\Users\Myself\Desktop\take cd1.avi
[2012.07.03 01:26:20 | 3422,036,053 | ---- | C] () -- C:\Users\Myself\Desktop\Der.Mann.mkv
[2012.06.11 10:41:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.04.02 19:03:29 | 000,001,531 | ---- | C] () -- C:\Windows\wininit.ini
[2012.02.12 17:36:29 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.02.12 12:14:06 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.03.02 07:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011.03.02 07:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2011.03.02 07:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2011.03.02 07:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2011.03.02 07:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
 
========== LOP Check ==========
 
[2012.03.13 21:16:55 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\IrfanView
[2012.02.12 16:37:03 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\Leadertech
[2012.02.12 14:24:45 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\Miranda Fusion
[2012.02.12 22:16:10 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\PacificPoker
[2012.03.13 20:58:59 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\PhotoFiltre
[2012.05.12 12:41:25 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\Samsung
[2012.07.07 15:33:23 | 000,000,000 | ---D | M] -- C:\Users\Myself\AppData\Roaming\Xeibov
[2012.05.11 14:45:45 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >
--- --- ---



----------------------------------------------------------------------









OTL Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 08.07.2012 17:50:14 - Run 1
OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Myself\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,74 Gb Total Physical Memory | 6,36 Gb Available Physical Memory | 82,09% Memory free
15,49 Gb Paging File | 13,91 Gb Available in Paging File | 89,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 167,13 Gb Free Space | 56,09% Space Free | Partition Type: NTFS
 
Computer Name: MYSELF-PC | User Name: Myself | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{23C301C7-BDA3-46FA-AE98-142DFBF2A85D}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{299D58E5-F116-4BFE-85EF-D7A2954AFDF7}" = lport=139 | protocol=6 | dir=in | app=system | 
"{311DEDE6-99BF-4FE9-B052-5C5A17E7C8D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{729FD71D-9BB1-49B5-BCCE-1BBCF8A6A635}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{7EC3ED81-4F57-4925-8859-F851466B58FA}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{86F36B87-E98D-473C-9980-5DB24A655484}" = lport=445 | protocol=6 | dir=in | app=system | 
"{93299D4B-2F12-45F8-878F-A85C3001F3F0}" = rport=445 | protocol=6 | dir=out | app=system | 
"{A02FD18C-0771-45BD-BBAD-D3826AEE49DD}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A438C1D0-3FD9-41ED-9CC1-445A92852215}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A8C45F52-7D3A-46CE-8258-04D7048FB0C2}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{B4326025-9681-4FFD-B013-249F8D84E5BF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C743921E-D214-4414-9987-697807513704}" = lport=137 | protocol=17 | dir=in | app=system | 
"{CA394C06-6208-4E6F-A03A-E7014E143C50}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{D7429BF6-9FD3-49C2-BD8B-0861797020D7}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{DAF7030D-A5B9-4E17-A246-1B3626C2E16A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{DB88D2BE-F564-48F5-8F08-106271AABCB7}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{DD95602E-54EC-4126-8B5D-5908D568A615}" = rport=139 | protocol=6 | dir=out | app=system | 
"{EF0CE250-9646-43B7-879E-23E00A8A7D01}" = rport=138 | protocol=17 | dir=out | app=system | 
"{F5E8A6E5-2F64-4648-8D2E-7EB0D350566B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F68168C5-E7EA-4177-8887-A42ED984F82E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F79BC302-0C8C-4FF0-BECA-8C23CD0CDE71}" = lport=138 | protocol=17 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{015C7763-F93D-4231-AF6E-A54123FDB549}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{088A792D-BB36-4B08-B847-81F008FCAF0E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{0AB61115-BF6E-4D59-A3DC-AC35E7ACF05A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{0D0B7441-63F8-4595-B8AD-1B309437E4D3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{10332853-18A8-4E17-A744-D2D4B0EE763F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4AD11F93-4E6E-4C0A-9642-3A3DE4631666}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{6F2FBEEC-41C5-4664-A37F-8675199BC89B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{714ADD09-CD1E-432C-8A44-E2EFB70BFFB7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{72F16791-F959-4C91-A512-4A5FCA232A56}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{743E21E7-23BF-46A1-9C0B-DDF7BD8522EA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{871AB04D-7CAC-4B14-A679-C152C5A4C3EB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{90D9E07C-022D-44D7-80D3-259A404CE655}" = protocol=6 | dir=out | app=system | 
"{97663165-3C2B-4538-9C92-FB841DA685E1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{9A031E13-45EA-497F-92A5-37BC9B025F90}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{A89B6BB1-B059-490B-9FA8-FAB295D487C3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A9F66BC9-C311-44AD-9721-070A7EAA26EA}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E27381F8-9A51-4360-A12F-4B2E78F5DF30}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{F2182E00-5A21-4E94-93F5-74D352491C0C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FF7B6F95-89C9-4174-B121-0BB755FCF7AB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{014C6C60-4916-48F7-916E-E8048E12E9F1}" = HP HotKey Support
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8FCB2935-2D33-166F-CCF3-0BFC02419983}" = ccc-utility64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{9DFEC455-86B1-95C7-3189-B922131869E0}" = WMV9/VC-1 Video Playback
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D6120CE6-6591-A00E-E7EA-02CC3F47BF11}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Broadcom 802.11 Wireless LAN Adapter" = Broadcom 802.11 Wireless LAN Adapter
"CCleaner" = CCleaner
"EPSON SX110 Series" = Druckerdeinstallation für EPSON SX110 Series
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"sp6" = Logitech SetPoint 6.32
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.10 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00789D75-DD2A-CC46-AC78-06A845E785AF}" = CCC Help Finnish
"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{0E9A5816-8E92-577D-9BC8-2CCBD1D1C46D}" = CCC Help Polish
"{0EA30CC1-C0FA-036E-9F2E-50CDDDF47ED0}" = CCC Help Spanish
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{19BE5A8D-9390-3019-653B-840757E69F9B}" = Catalyst Control Center Localization All
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{31B86234-2E65-A855-8A14-47C253C38FD9}" = CCC Help Dutch
"{3C87C43B-0693-6941-8AFE-CD6011C73D5A}" = CCC Help Thai
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{40B8FAC4-BB82-5F03-D15B-BD2D355D8F8A}" = CCC Help Swedish
"{41DEF013-805A-8D82-B72E-6D1496ED3150}" = CCC Help Chinese Standard
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{700E89B8-C157-34B5-E68C-6017823E6424}" = CCC Help Korean
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{712B481B-96DD-0065-6B14-57497730995D}" = CCC Help French
"{71CDBB06-7EB2-576E-F8EF-46A58F151E4E}" = CCC Help English
"{74443BC6-ED97-9A1B-52C4-B23D400D8255}" = CCC Help Italian
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7CAC2022-01CD-4FFD-4A29-089A676261CD}" = CCC Help Portuguese
"{7F292B05-7C7E-F016-6A7A-6FF74838B149}" = CCC Help Russian
"{90120000-0014-0000-0000-0000000FF1CE}" = Microsoft Office Professional 2007
"{90120000-0014-0000-0000-0000000FF1CE}_PRO_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_PRO_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_PRO_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_PRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_PRO_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_PRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_PRO_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = 2007 Microsoft Office Suite Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9135F223-3ED1-C424-93F9-3F4FB3F80C2F}" = CCC Help Danish
"{95140000-0080-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9596B7FA-9226-02D9-E417-C4CF064E5BEF}" = ccc-core-static
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v4.1
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{ACE3B3C3-2063-BBAD-BD77-DFEE4E5034B9}" = CCC Help Turkish
"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11
"{B2D3F27F-1602-195B-A546-13A288D24F32}" = CCC Help German
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C34B71C9-08A9-C73D-026B-D0D9AED1E0A2}" = CCC Help Norwegian
"{C4C73A45-1D4D-5875-A5C6-F3DAA8A75D8D}" = Catalyst Control Center InstallProxy
"{CF01D4F2-D8B0-2CD5-11F4-778A074255E7}" = CCC Help Hungarian
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{D5E3F9E2-FB26-F760-41BC-A9D6244C128E}" = CCC Help Chinese Traditional
"{DA9660B6-F1DD-41D3-BA3C-E7F7BF9921B2}" = Catalyst Control Center - Branding
"{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}" = LightScribe System Software
"{E220706D-CBD0-EA07-4175-081A1C10E161}" = CCC Help Greek
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E72EC29C-9853-4CC2-1F18-3A288C9A1FA8}" = CCC Help Czech
"{EFE4AB7D-4E94-441B-9A86-98E69E37567B}" = Nero Burning ROM 11
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5A538B0-42B0-6F7E-3BC9-B8F5B032FA09}" = CCC Help Japanese
"{F5F16745-6FCB-4134-83F9-2688ACFF5DC9}" = HP ESU for Microsoft Windows 7
"{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}" = Realtek Ethernet Controller All-In-One Windows Driver
"888poker" = 888poker
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Betfair Poker_is1" = Betfair Poker 1.0.0
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"MirandaFusion" = Miranda Fusion 3.1.15.1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PKR" = PKR
"Poker Heaven " = Poker Heaven
"PokerStars" = PokerStars
"PRO" = Microsoft Office Professional 2007
"SopCast" = SopCast 3.5.0
"Veetle TV" = Veetle TV
"VLC media player" = VLC media player 2.0.1
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FoxTab FLV Player" = FoxTab FLV Player
"PhotoFiltre" = PhotoFiltre
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.06.2012 03:30:02 | Computer Name = Myself-PC | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Überspringen: Eap method DLL path name Fehler bei der Überprüfung.
 Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
Error - 28.06.2012 03:30:09 | Computer Name = Myself-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 28.06.2012 18:35:12 | Computer Name = Myself-PC | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Überspringen: Eap method DLL path name Fehler bei der Überprüfung.
 Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
Error - 28.06.2012 18:35:19 | Computer Name = Myself-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 29.06.2012 04:11:02 | Computer Name = Myself-PC | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Überspringen: Eap method DLL path name Fehler bei der Überprüfung.
 Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
Error - 29.06.2012 04:11:09 | Computer Name = Myself-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 30.06.2012 04:16:47 | Computer Name = Myself-PC | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Überspringen: Eap method DLL path name Fehler bei der Überprüfung.
 Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
Error - 30.06.2012 04:16:54 | Computer Name = Myself-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 01.07.2012 03:42:13 | Computer Name = Myself-PC | Source = Microsoft-Windows-EapHost | ID = 2002
Description = Überspringen: Eap method DLL path name Fehler bei der Überprüfung.
 Fehler: Type-ID=17, Autor-ID=9, Lieferant-ID=0, Lieferant-Typ=0
 
Error - 01.07.2012 03:42:20 | Computer Name = Myself-PC | Source = WinMgmt | ID = 10
Description = 
 
[ OSession Events ]
Error - 25.03.2012 09:26:38 | Computer Name = Myself-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 20914
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 22.05.2012 15:10:39 | Computer Name = Myself-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23931
 seconds with 240 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 07.07.2012 09:48:20 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB-Miniredirector-Wrapper und -Modul" ist vom Dienst 
"Umgeleitetes Puffersubsystem" abhängig, der aufgrund folgenden Fehlers nicht gestartet
 wurde:   %%31
 
Error - 07.07.2012 09:48:20 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 1.x-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 07.07.2012 09:48:20 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "SMB 2.0-Miniredirector" ist vom Dienst "SMB-Miniredirector-Wrapper
 und -Modul" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 07.07.2012 09:48:20 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NLA (Network Location Awareness)" ist vom Dienst "Netzwerkspeicher-Schnittstellendienst"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068
 
Error - 07.07.2012 09:48:20 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   AFD  avipbb  avkmgr  CSC  DfsC  discache  NetBIOS  NetBT  nsiproxy  Psched  rdbss  spldr  sptd  tdx  vwififlt
Wanarpv6
WfpLwf
 
Error - 07.07.2012 10:17:05 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit Scanner" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%306.
 
Error - 07.07.2012 10:17:41 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 07.07.2012 10:26:43 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit Scanner" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%306.
 
Error - 08.07.2012 09:46:34 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 08.07.2012 11:47:30 | Computer Name = Myself-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
 
< End of report >
--- --- ---
Geändert von JohnGotti (08.07.2012 um 17:29 Uhr)

 

Themen zu Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside
administrator, adobe, antivir, avg, avira, bho, ccsetup, device driver, error, explorer, fehler, firefox, flash player, format, helper, heuristiks/extra, heuristiks/shuriken, install.exe, langs, locker, logfile, microsoft office word, mozilla, object, plug-in, realtek, registry, rundll, scan, searchscopes, security, software, svchost.exe, usb


« Nach GVU-Trojander RunDLL "glom0_og.exe" fehler | TR/PSW.Zbot.2334 gefunden »


Ähnliche Themen: Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside


  1. Lyrixeeker und Babylon im Sytem (WIN 8 / Google Chrome / Comodo) Logs fertig!
    Plagegeister aller Art und deren Bekämpfung - 25.09.2013 (8)
  2. GVU Trojaner, Win 7, Systemwiederherstellung durchgeführt
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (11)
  3. Bundespolizei Trojaner - Systemwiederherstellung
    Plagegeister aller Art und deren Bekämpfung - 07.11.2012 (2)
  4. Wie lösche ich endgültig den GVU-Trojaner? Systemwiederherstellung bereits durchgeführt.
    Plagegeister aller Art und deren Bekämpfung - 19.10.2012 (1)
  5. Bundespolizei Trojaner - Systemwiederherstellung
    Log-Analyse und Auswertung - 16.10.2012 (1)
  6. GVU-Trojaner 2.07 / Logs angehängt / System sauber?
    Log-Analyse und Auswertung - 05.10.2012 (8)
  7. Bundespolizei Trojaner: Systemwiederherstellung durchgeführt
    Log-Analyse und Auswertung - 20.09.2012 (47)
  8. S.M.A.R.T. Repair Virus; Systemwiederherstellung durchgeführt; was bleibt zu tun?
    Log-Analyse und Auswertung - 25.07.2012 (30)
  9. BKA-Trojaner / Systemwiederherstellung durchgeführt / OTL.txt & EXTRAS.txt
    Log-Analyse und Auswertung - 25.07.2012 (2)
  10. BKA-Trojaner-Problem durch Systemwiederherstellung gelöst, ist mein PC jetzt sauber?
    Log-Analyse und Auswertung - 26.03.2012 (12)
  11. Bundespolizei Trojaner Otl-Scan wurde durchgeführt, brauche Hilfe!
    Log-Analyse und Auswertung - 19.03.2012 (9)
  12. Trojaner 'System check' eingefangen, Sony Vaio Systemwiederherstellung durchgeführt -> ausreichend?
    Plagegeister aller Art und deren Bekämpfung - 14.03.2012 (4)
  13. Trojaner "50 € Strafe" Systemwiederherstellung durchgeführt, derzeit ohne Virenprogramm
    Log-Analyse und Auswertung - 02.03.2012 (27)
  14. Ist nun mein Sytem sauber ?
    Plagegeister aller Art und deren Bekämpfung - 09.09.2011 (0)
  15. Bundespolizei-Trojaner nach Systemwiederherstellung
    Log-Analyse und Auswertung - 12.08.2011 (34)
  16. Viren Verdacht - Logs inside
    Log-Analyse und Auswertung - 24.12.2010 (2)
  17. TR/Trash.Gen Virus: Gelöscht: Ist das Sytem nun sauber?
    Log-Analyse und Auswertung - 16.04.2010 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside - Hallo, ich habe mir gestern den Bundespolizei-Trojaner eingefangen und dann einen Systemwiederherstellungspunkt vom Vortag ausgeführt. Der Trojaner scheint weg zu sein, aber ist mein System auch wirklich sicher? Bin mir - Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside...
Archiv
Du betrachtest: Bundespolizei-Trojaner - Systemwiederherstellung durchgeführt - Sytem sauber? logs inside auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19