Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
"Webseite kann nicht angezeigt werden"

"Webseite kann nicht angezeigt werden"


Log-Analyse und Auswertung: "Webseite kann nicht angezeigt werden"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 18.09.2012, 23:38   #1
ahead
 
"Webseite kann nicht angezeigt werden" - Icon17

"Webseite kann nicht angezeigt werden"


Guten Abend,

bin bisher von solchen Erlebnissen verschont geblieben, jetzt hat mich wohl auch ein etwas bekannterer Schädling erwischt. Ich bin neu auf dem Gebiet, wäre froh, wenn ihr mir bei der Fehlerbeseitigung ein bisschen unter die Arme helf

MEIN ANLIEGEN:

Nach dem Anmeldebildschirm erscheint eine Vollbild-Seite im Stil vom Internet Explorer, der mir sagt, dass eine bestimmte Seite nicht gefunden werden konnte.
Task-Manager lässt sich nicht starten.
Wenn ich das Boot-Menü aufrufen will, kommt eine Anzeige in folgendem Stil (ein Hoch auf MS Paint):



Der Unterstrich im oberen linken Eck blinkt.
Nichtsdestotrotz konnte ich ja zum Glück booten und konnte so OTL starten über REATOGO-X-PE.

Habe das REATOGO-X-PE Image auf eine DVD gebrannt und darüber gebootet.

Anliegend findet ihr die geforderten Log-Files von OTL:

OTL.txt

Code:
ATTFilter
OTL logfile created on: 9/19/2012 1:05:59 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 387.63 Gb Total Space | 204.63 Gb Free Space | 52.79% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 169.60 Gb Free Space | 18.21% Space Free | Partition Type: NTFS
Drive E: | 78.12 Gb Total Space | 2.11 Gb Free Space | 2.70% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- E:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- E:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (TabletServicePen) -- E:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.)
SRV:64bit: - (TouchServicePen) -- E:\Program Files\Tablet\Pen\Pen_TouchService.exe (Wacom Technology, Corp.)
SRV:64bit: - (AMD External Events Utility) -- E:\Windows\System32\atiesrxx.exe (AMD)
SRV:64bit: - (OODefragAgent) -- E:\Program Files\OO Defrag\oodag.exe (O&O Software GmbH)
SRV:64bit: - (WinDefend) -- E:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- E:\Windows\System32\appmgmts.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- E:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- E:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- E:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- E:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (Steam Client Service) -- E:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Creative Audio Engine Licensing Service) -- E:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Fabs) -- E:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (FirebirdServerMAGIXInstance) -- E:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (DCService.exe) -- E:\ProgramData\DataCardService\DCService.exe ()
SRV - (PassThru Service) -- E:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- E:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- E:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- E:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (CTAudSvcService) -- E:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (MSSQL$SONY_MEDIAMGR) -- E:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe (Microsoft Corporation)
SRV - (SQLAgent$SONY_MEDIAMGR) -- E:\Program Files (x86)\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (NVHDA) -- E:\Windows\System32\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NisDrv) -- E:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (wacmoumonitor) -- E:\Windows\System32\drivers\wacmoumonitor.sys (Wacom Technology)
DRV:64bit: - (wacommousefilter) -- E:\Windows\System32\drivers\wacommousefilter.sys (Wacom Technology)
DRV:64bit: - (wacomvhid) -- E:\Windows\System32\drivers\wacomvhid.sys (Wacom Technology)
DRV:64bit: - (atikmdag) -- E:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdag) -- E:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- E:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- E:\Windows\System32\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (sptd) -- E:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV:64bit: - (TsUsbFlt) -- E:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hwdatacard) -- E:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (huawei_enumerator) -- E:\Windows\System32\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (UnlockerDriver5) -- E:\Program Files\Unlocker\UnlockerDriver5.sys ()
DRV:64bit: - (htcnprot) -- E:\Windows\System32\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (amdiox64) -- E:\Windows\System32\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (HTCAND64) -- E:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (usb_rndisx) -- E:\Windows\System32\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (Ntfs) -- E:\Windows\System32\wbem\ntfs.mof ()
DRV:64bit: - (ebdrv) -- E:\Windows\system32\DRIVERS\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- E:\Windows\system32\DRIVERS\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- E:\Windows\System32\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (CTEXFIFX.SYS) -- E:\Windows\System32\drivers\CTEXFIFX.SYS (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX) -- E:\Windows\System32\drivers\CTEXFIFX.sys (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT.SYS) -- E:\Windows\System32\drivers\CTHWIUT.SYS (Creative Technology Ltd.)
DRV:64bit: - (CTHWIUT) -- E:\Windows\System32\drivers\CTHWIUT.sys (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.SYS) -- E:\Windows\System32\drivers\CT20XUT.SYS (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT) -- E:\Windows\System32\drivers\CT20XUT.sys (Creative Technology Ltd.)
DRV:64bit: - (RTL8167) -- E:\Windows\System32\drivers\Rt64win7.sys (Realtek Corporation                                            )
DRV:64bit: - (AnyDVD) -- E:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.)
DRV:64bit: - (ha20x2k) -- E:\Windows\System32\drivers\ha20x2k.sys (Creative Technology Ltd)
DRV:64bit: - (emupia) -- E:\Windows\System32\drivers\emupia2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctsfm2k) -- E:\Windows\System32\drivers\ctsfm2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctprxy2k) -- E:\Windows\System32\drivers\ctprxy2k.sys (Creative Technology Ltd)
DRV:64bit: - (ossrv) -- E:\Windows\System32\drivers\ctoss2k.sys (Creative Technology Ltd.)
DRV:64bit: - (ctaud2k) Creative Audio Driver (WDM) -- E:\Windows\System32\drivers\ctaud2k.sys (Creative Technology Ltd)
DRV:64bit: - (ctac32k) -- E:\Windows\System32\drivers\ctac32k.sys (Creative Technology Ltd)
DRV:64bit: - (CTHWIUT.DLL) -- E:\Windows\System32\CTHWIUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CT20XUT.DLL) -- E:\Windows\System32\CT20XUT.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEXFIFX.DLL) -- E:\Windows\System32\CTEXFIFX.DLL (Creative Technology Ltd.)
DRV:64bit: - (CTEDSPSY.DLL) -- E:\Windows\System32\CTEDSPSY.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPIO.DLL) -- E:\Windows\System32\CTEDSPIO.DLL (Creative Technology Ltd)
DRV:64bit: - (CTERFXFX.DLL) -- E:\Windows\System32\CTERFXFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEDSPFX.DLL) -- E:\Windows\System32\CTEDSPFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTEAPSFX.DLL) -- E:\Windows\System32\CTEAPSFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTSBLFX.DLL) -- E:\Windows\System32\CTSBLFX.DLL (Creative Technology Ltd)
DRV:64bit: - (CTAUDFX.DLL) -- E:\Windows\System32\CTAUDFX.DLL (Creative Technology Ltd)
DRV:64bit: - (COMMONFX.DLL) -- E:\Windows\System32\COMMONFX.DLL (Creative Technology Ltd)
DRV:64bit: - (ATITool) -- E:\Windows\System32\drivers\ATITool64.sys ()
DRV - (AnyDVD) -- E:\Windows\SysWOW64\drivers\AnyDVD.sys (SlySoft, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.facemoods.com/?a=ddrnw
IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\Ferdi_ON_E\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0B C9 6E D7 78 20 CC 01  [binary data]
IE - HKU\Ferdi_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\Ferdi_ON_E\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "hxxp://www.facebook.com/"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\System32\Macromed\Flash\NPSWF64_11_3_300_271.dll ()
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer: E:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer: E:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.122.0: E:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@esn/esnlaunch,version=1.132.0: E:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@Google.com/GoogleEarthPlugin: E:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin: E:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: E:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming: E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.0.1: E:\Program Files (x86)\VLC Media Player\npvlc.dll (VideoLAN)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: E:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: E:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\Wow6432Node\MozillaPlugins\Adobe Reader: E:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: E:\Users\Ferdi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: E:\Users\Ferdi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: E:\Users\Ferdi\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: E:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/09/18 14:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/09/18 14:40:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\wow6432node\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
 
[2011/06/02 09:57:30 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Extensions
[2011/06/02 09:57:30 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/09/16 09:47:39 | 000,000,000 | ---D | M] (No name found) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions
[2012/08/19 18:26:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012/09/16 09:47:39 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- E:\Users\Ferdi\AppData\Roaming\Mozilla\Firefox\Profiles\s4wjptxu.default\extensions\ich@maltegoetz.de
[2012/09/07 07:47:24 | 000,000,000 | ---D | M] (No name found) -- E:\Program Files (x86)\Mozilla Firefox\extensions
File not found (No name found) -- 
() (No name found) -- E:\USERS\FERDI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\S4WJPTXU.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012/09/07 07:47:50 | 000,266,720 | ---- | M] (Mozilla Foundation) -- E:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/08/14 11:28:55 | 000,001,392 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/28 11:28:37 | 000,002,465 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/08/14 11:28:55 | 000,001,153 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011/10/19 12:16:14 | 000,002,048 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012/08/14 11:28:55 | 000,006,805 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/08/14 11:28:55 | 000,001,178 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/08/14 11:28:55 | 000,001,105 | ---- | M] () -- E:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012/06/11 19:42:27 | 000,002,666 | ---- | M]) - E:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 3dns.adobe.com
O1 - Hosts: 127.0.0.1 3dns-1.adobe.com
O1 - Hosts: 127.0.0.1 3dns-2.adobe.com
O1 - Hosts: 127.0.0.1 3dns-3.adobe.com
O1 - Hosts: 127.0.0.1 3dns-4.adobe.com
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sea.adobe.com
O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com
O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com
O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com
O1 - Hosts: 127.0.0.1 crl.verisign.net
O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET
O1 - Hosts: 127.0.0.1 ood.opsource.net
O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 127.0.0.1 practivate.adobe
O1 - Hosts: 37 more lines...
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] E:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [MSC] E:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKU\Ferdi_ON_E..\Run: [Facebook Update] E:\Users\Ferdi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\Ferdi_ON_E..\Run: [osgjeecnozmbqxp] E:\ProgramData\osgjeecn.exe ()
O4 - HKU\Ferdi_ON_E..\Run: [Spotify Web Helper] E:\Users\Ferdi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\LocalService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\NetworkService_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\UpdatusUser_ON_E..\Run: [Sidebar] E:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\LocalService_ON_E..\RunOnce: [mctadmin]  File not found
O4 - HKU\NetworkService_ON_E..\RunOnce: [mctadmin]  File not found
O4 - HKU\UpdatusUser_ON_E..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\Ferdi_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Ferdi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - E:\Users\Ferdi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O13:64bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Reg Error: Key error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - E:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - E:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKU\Ferdi_ON_E Winlogon: Shell - (expstart.exe) - E:\Windows\expstart.exe ()
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/03/24 07:06:41 | 000,000,053 | R--- | M] () - X:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{066a6910-ca42-11e0-ad32-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{066a6910-ca42-11e0-ad32-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{07de8c08-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{07de8c08-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{07de8c15-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{07de8c15-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{07de8c21-c13a-11e0-b133-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{07de8c21-c13a-11e0-b133-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{15ac4a93-d94e-11e0-b372-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{15ac4a93-d94e-11e0-b372-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{15ac4aa6-d94e-11e0-b372-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{15ac4aa6-d94e-11e0-b372-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{378cf6e2-c134-11e0-acae-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{378cf6e2-c134-11e0-acae-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{378cf6fb-c134-11e0-acae-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{378cf6fb-c134-11e0-acae-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{7a703e32-c04a-11e0-aeca-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{7a703e32-c04a-11e0-aeca-806e6f6e6963}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8c7d3308-c01b-11e0-8548-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{8c7d3308-c01b-11e0-8548-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8c7d3314-c01b-11e0-8548-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{8c7d3314-c01b-11e0-8548-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f6bbde7-c109-11e0-b136-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f6bbde7-c109-11e0-b136-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{8f6bbdfb-c109-11e0-b136-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{8f6bbdfb-c109-11e0-b136-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9109209c-c0db-11e0-ae6c-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{9109209c-c0db-11e0-ae6c-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{910920b2-c0db-11e0-ae6c-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{910920b2-c0db-11e0-ae6c-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9ad30109-c1e2-11e0-b291-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ad30109-c1e2-11e0-b291-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{9ad3011d-c1e2-11e0-b291-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{9ad3011d-c1e2-11e0-b291-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{c781e1d1-2a69-11e1-b78f-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{c781e1d1-2a69-11e1-b78f-00241dd0da6f}\Shell\AutoRun\command - "" = G:\LANLauncher.exe
O33 - MountPoints2\{d640eca9-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{d640eca9-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d640ecbd-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{d640ecbd-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d640eccf-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{d640eccf-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{d640ecd1-bdee-11e0-b4ac-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{d640ecd1-bdee-11e0-b4ac-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\AutoRun\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\configure\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{e7e8d8ed-8d11-11e0-aa05-00241dd0da6f}\Shell\install\command - "" = D:\SETUP.EXE
O33 - MountPoints2\{f2d7000d-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d7000d-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f2d7000f-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d7000f-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f2d7002b-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d7002b-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f2d70041-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d70041-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f2d70045-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d70045-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{f2d70054-bdf0-11e0-831b-00241dd0da6f}\Shell - "" = AutoRun
O33 - MountPoints2\{f2d70054-bdf0-11e0-831b-00241dd0da6f}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
64bit: O35 - HKLM\..comfile [open] -- "%1" %* File not found
64bit: O35 - HKLM\..exefile [open] -- "%1" %* File not found
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/09/18 17:06:30 | 000,000,000 | ---D | C] -- E:\ProgramData\xpwlsjghoevadnu
[2012/09/18 16:40:00 | 000,327,749 | ---- | C] (RealNetworks, Inc.) -- E:\Windows\SysWow64\drvc.dll
[2012/09/18 16:40:00 | 000,216,064 | RHS- | C] (MONOGRAM Multimedia, s.r.o.) -- E:\Windows\SysWow64\nbDX.dll
[2012/09/18 16:40:00 | 000,031,232 | RHS- | C] (Hans Mayerl) -- E:\Windows\SysWow64\msfDX.dll
[2012/09/18 16:40:00 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012/09/18 16:39:59 | 000,186,880 | RHS- | C] (RadLight) -- E:\Windows\SysWow64\RLOgg.ax
[2012/09/18 16:39:59 | 000,163,328 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\flvDX.dll
[2012/09/18 16:39:59 | 000,092,672 | RHS- | C] (RadLight) -- E:\Windows\SysWow64\RLVorbisDec.ax
[2012/09/18 16:39:59 | 000,090,112 | RHS- | C] (-) -- E:\Windows\SysWow64\TTADSSplitter.ax
[2012/09/18 16:39:59 | 000,090,112 | RHS- | C] (-) -- E:\Windows\SysWow64\TTADSDecoder.ax
[2012/09/18 16:39:59 | 000,067,584 | RHS- | C] (RadLight, LLC) -- E:\Windows\SysWow64\RLTheoraDec.ax
[2012/09/18 16:39:58 | 000,161,792 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\RealMediaDX.ax
[2012/09/18 16:39:57 | 000,179,200 | RHS- | C] (Gabest) -- E:\Windows\SysWow64\DiracSplitter.ax
[2012/09/18 16:39:57 | 000,123,904 | RHS- | C] (CoreCodec) -- E:\Windows\SysWow64\AVCDX.ax
[2012/09/18 16:39:41 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\SUPER
[2012/09/18 15:57:12 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\Apple Computer
[2012/09/18 15:54:06 | 000,000,000 | ---D | C] -- E:\Windows\de
[2012/09/18 15:43:31 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Windows Live
[2012/09/18 15:19:08 | 000,000,000 | ---D | C] -- E:\Users\Public\Documents\MAGIX
[2012/09/18 15:19:08 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/18 14:40:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/09/18 14:40:21 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\QuickTime
[2012/09/18 14:40:21 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple Computer
[2012/09/18 14:39:54 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\Apple
[2012/09/18 14:39:50 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Apple
[2012/09/18 14:39:49 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Apple Software Update
[2012/09/18 14:39:49 | 000,000,000 | ---D | C] -- E:\ProgramData\Apple
[2012/09/18 14:34:39 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\avidemux
[2012/09/18 14:34:15 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\DesktopIconForAmazon
[2012/09/18 11:22:44 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012/09/13 06:14:49 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012/09/13 03:50:57 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\Logo Papa
[2012/09/12 11:57:28 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\Q3_SD
[2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\Video deluxe 2013
[2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\MAGIX Downloads
[2012/09/12 11:56:33 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\MAGIX
[2012/09/12 11:56:32 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Roaming\MAGIX
[2012/09/12 11:55:13 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\MAGIX Shared
[2012/09/12 11:53:46 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\MAGIX
[2012/09/12 11:53:38 | 000,000,000 | ---D | C] -- E:\ProgramData\MAGIX
[2012/09/12 11:53:35 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Common Files\MAGIX Services
[2012/09/12 03:51:39 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Desktop\plakat goin
[2012/09/12 03:02:46 | 000,376,688 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/09/12 03:02:46 | 000,288,624 | ---- | C] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
[2012/09/11 04:56:41 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\Facebook
[2012/09/07 07:47:24 | 000,000,000 | ---D | C] -- E:\Program Files (x86)\Mozilla Firefox
[2012/09/03 19:28:04 | 000,000,000 | ---D | C] -- E:\Windows\System32\oodag
[2012/09/03 18:33:52 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\AppData\Local\O&O
[2012/09/03 18:33:42 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2012/09/03 18:33:41 | 000,000,000 | ---D | C] -- E:\Program Files\OO Defrag
[2012/09/03 18:27:31 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\CCleaner Reg Files
[2012/09/03 18:22:01 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/09/03 18:21:59 | 000,000,000 | ---D | C] -- E:\Program Files\CCleaner
[2012/08/25 09:03:57 | 000,000,000 | ---D | C] -- E:\Users\Ferdi\Documents\Battlefield 3
[2012/08/25 08:25:54 | 000,000,000 | ---D | C] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/08/25 08:21:29 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA
[2012/08/25 08:21:00 | 003,149,632 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvsvc64.dll
[2012/08/25 08:21:00 | 000,063,296 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvshext.dll
[2012/08/25 08:20:59 | 006,151,488 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcpl.dll
[2012/08/25 08:20:59 | 002,561,856 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvsvcr.dll
[2012/08/25 08:20:59 | 000,118,080 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvmctray.dll
[2012/08/25 08:20:36 | 000,068,928 | ---- | C] (Khronos Group) -- E:\Windows\System32\OpenCL.dll
[2012/08/25 08:20:36 | 000,061,248 | ---- | C] (Khronos Group) -- E:\Windows\SysWow64\OpenCL.dll
[2012/08/25 08:20:31 | 000,000,000 | ---D | C] -- E:\ProgramData\NVIDIA Corporation
[2012/08/25 08:20:08 | 010,194,752 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvwgf2umx.dll
[2012/08/25 08:20:08 | 008,105,280 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvwgf2um.dll
[2012/08/25 08:20:08 | 001,451,840 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvhdagenco6420103.dll
[2012/08/25 08:20:08 | 000,949,056 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvumdshimx.dll
[2012/08/25 08:20:08 | 000,818,496 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvumdshim.dll
[2012/08/25 08:20:08 | 000,188,736 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\drivers\nvhda64v.sys
[2012/08/25 08:20:08 | 000,031,040 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvhdap64.dll
[2012/08/25 08:20:07 | 025,743,168 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvoglv64.dll
[2012/08/25 08:20:07 | 025,248,064 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcompiler.dll
[2012/08/25 08:20:07 | 019,607,872 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvoglv32.dll
[2012/08/25 08:20:07 | 018,044,224 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvd3dumx.dll
[2012/08/25 08:20:07 | 017,551,680 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcompiler.dll
[2012/08/25 08:20:07 | 015,322,432 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvd3dum.dll
[2012/08/25 08:20:07 | 008,139,072 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuda.dll
[2012/08/25 08:20:07 | 005,982,528 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuda.dll
[2012/08/25 08:20:07 | 002,881,856 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuvenc.dll
[2012/08/25 08:20:07 | 002,741,568 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvapi64.dll
[2012/08/25 08:20:07 | 002,681,664 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvcuvid.dll
[2012/08/25 08:20:07 | 002,524,992 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuvid.dll
[2012/08/25 08:20:07 | 002,445,120 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvcuvenc.dll
[2012/08/25 08:20:07 | 002,368,832 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvapi.dll
[2012/08/25 08:20:07 | 001,738,048 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvdispco64.dll
[2012/08/25 08:20:07 | 001,468,224 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvgenco64.dll
[2012/08/25 08:20:07 | 000,364,352 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvdecodemft.dll
[2012/08/25 08:20:07 | 000,301,376 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvdecodemft.dll
[2012/08/25 08:20:07 | 000,246,592 | ---- | C] (NVIDIA Corporation) -- E:\Windows\System32\nvinitx.dll
[2012/08/25 08:20:07 | 000,202,048 | ---- | C] (NVIDIA Corporation) -- E:\Windows\SysWow64\nvinit.dll
[2012/08/25 07:46:42 | 000,000,000 | ---D | C] -- E:\ProgramData\EA Logs
[2012/08/23 19:31:46 | 000,426,184 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/23 19:31:46 | 000,070,344 | ---- | C] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/06/02 09:22:34 | 000,034,816 | ---- | C] ( ) -- E:\Windows\SysWow64\a3d.dll
[2009/06/03 18:32:54 | 000,012,800 | ---- | C] ( ) -- E:\Windows\SysWow64\killapps.exe
 
========== Files - Modified Within 30 Days ==========
 
[2012/09/18 17:28:19 | 000,067,584 | --S- | M] () -- E:\Windows\bootstat.dat
[2012/09/18 17:28:17 | 000,064,756 | ---- | M] () -- E:\Windows\System32\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/09/18 17:28:17 | 000,062,280 | ---- | M] () -- E:\Windows\System32\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/09/18 17:28:17 | 000,062,280 | ---- | M] () -- E:\Windows\System32\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012/09/18 17:27:40 | 2146,295,807 | -HS- | M] () -- E:\hiberfil.sys
[2012/09/18 17:17:42 | 000,014,752 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/18 17:17:42 | 000,014,752 | -H-- | M] () -- E:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/18 17:15:50 | 007,744,816 | ---- | M] () -- E:\Windows\System32\perfh007.dat
[2012/09/18 17:15:50 | 002,757,010 | ---- | M] () -- E:\Windows\System32\perfh009.dat
[2012/09/18 17:15:50 | 002,345,532 | ---- | M] () -- E:\Windows\System32\perfc007.dat
[2012/09/18 17:15:50 | 002,091,742 | ---- | M] () -- E:\Windows\System32\perfc009.dat
[2012/09/18 17:06:30 | 000,076,346 | ---- | M] () -- E:\ProgramData\uleqxaouoxmpwim
[2012/09/18 17:04:58 | 000,305,632 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI.sfk
[2012/09/18 17:04:25 | 000,080,384 | ---- | M] () -- E:\ProgramData\osgjeecn.exe
[2012/09/18 17:04:25 | 000,000,156 | ---- | M] () -- E:\Windows\Twunk001.MTX
[2012/09/18 17:04:25 | 000,000,003 | ---- | M] () -- E:\Windows\Twain001.Mtx
[2012/09/18 17:04:02 | 191,434,434 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI
[2012/09/18 17:01:00 | 000,000,928 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job
[2012/09/18 16:41:48 | 000,001,152 | ---- | M] () -- E:\Users\Ferdi\Desktop\Continue Video Converter Installation.lnk
[2012/09/18 16:40:00 | 000,000,927 | ---- | M] () -- E:\Users\Public\Desktop\SUPER ©.lnk
[2012/09/18 16:40:00 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPER © - by eRightSoft
[2012/09/18 16:27:02 | 000,001,120 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job
[2012/09/18 16:17:37 | 000,332,448 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.sfk
[2012/09/18 15:56:48 | 005,971,800 | ---- | M] () -- E:\Windows\System32\FNTCACHE.DAT
[2012/09/18 15:53:54 | 000,001,265 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012/09/18 15:53:39 | 000,001,334 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012/09/18 15:50:14 | 000,006,682 | ---- | M] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2012/09/18 15:19:08 | 000,001,081 | ---- | M] () -- E:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk
[2012/09/18 15:19:08 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2012/09/18 14:42:59 | 188,587,898 | ---- | M] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV
[2012/09/18 14:40:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2012/09/18 14:39:50 | 000,002,519 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/18 14:34:15 | 000,001,450 | ---- | M] () -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk
[2012/09/18 14:33:19 | 002,469,422 | ---- | M] () -- E:\Users\Ferdi\Desktop\VR440.jpg
[2012/09/18 11:27:00 | 000,001,068 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job
[2012/09/18 11:22:45 | 000,002,361 | ---- | M] () -- E:\Users\Ferdi\Desktop\Google Chrome.lnk
[2012/09/18 06:20:25 | 000,001,456 | ---- | M] () -- E:\Users\Ferdi\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/09/18 05:01:00 | 000,000,906 | ---- | M] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job
[2012/09/12 11:55:16 | 000,120,200 | ---- | M] () -- E:\Windows\SysWow64\DLLDEV32i.dll
[2012/09/10 17:19:23 | 000,467,300 | ---- | M] () -- E:\Users\Ferdi\Desktop\Ticket Ferdinand September 2012.pdf
[2012/09/07 06:55:47 | 000,001,124 | ---- | M] () -- E:\Users\Ferdi\Desktop\faviconbaer.png
[2012/09/04 09:48:20 | 000,283,304 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.xtr
[2012/09/04 09:48:20 | 000,283,304 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2012/09/04 09:48:13 | 000,280,904 | ---- | M] () -- E:\Windows\SysWow64\PnkBstrB.ex0
[2012/09/04 06:05:51 | 000,002,441 | ---- | M] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2012/09/04 03:59:23 | 000,001,108 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/04 03:59:23 | 000,001,104 | ---- | M] () -- E:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/03 18:50:40 | 000,000,866 | ---- | M] () -- E:\Users\Public\Desktop\CCleaner.lnk
[2012/09/03 18:33:42 | 000,002,689 | ---- | M] () -- E:\Users\Public\Desktop\O&O Defrag.lnk
[2012/09/03 18:33:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
[2012/09/03 18:22:01 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012/09/03 18:04:07 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
[2012/08/28 18:25:04 | 000,001,203 | ---- | M] () -- E:\Users\Ferdi\Desktop\Free YouTube to MP3 Converter.lnk
[2012/08/28 18:25:04 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012/08/25 08:25:54 | 000,000,000 | ---D | M] -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2012/08/24 09:58:36 | 000,405,152 | ---- | M] (Newtonsoft) -- E:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012/08/23 19:31:46 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerApp.exe
[2012/08/23 19:31:46 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- E:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 14:12:40 | 000,376,688 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\netio.sys
[2012/08/22 14:12:33 | 000,288,624 | ---- | M] (Microsoft Corporation) -- E:\Windows\System32\drivers\FWPKCLNT.SYS
 
========== Files Created - No Company Name ==========
 
[2012/09/18 17:06:30 | 000,080,384 | ---- | C] () -- E:\ProgramData\osgjeecn.exe
[2012/09/18 17:04:52 | 000,305,632 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI.sfk
[2012/09/18 17:04:25 | 000,076,346 | ---- | C] () -- E:\ProgramData\uleqxaouoxmpwim
[2012/09/18 16:43:14 | 191,434,434 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.AVI
[2012/09/18 16:41:48 | 000,001,152 | ---- | C] () -- E:\Users\Ferdi\Desktop\Continue Video Converter Installation.lnk
[2012/09/18 16:40:00 | 000,000,927 | ---- | C] () -- E:\Users\Public\Desktop\SUPER ©.lnk
[2012/09/18 16:39:59 | 000,121,344 | RHS- | C] () -- E:\Windows\SysWow64\TAKDSDecoder.ax
[2012/09/18 16:39:59 | 000,107,520 | RHS- | C] () -- E:\Windows\SysWow64\TAKDSDecoder.dll
[2012/09/18 16:39:59 | 000,107,520 | RHS- | C] () -- E:\Windows\SysWow64\RLMPCDec.ax
[2012/09/18 16:39:59 | 000,051,712 | RHS- | C] () -- E:\Windows\SysWow64\RLSpeexDec.ax
[2012/09/18 16:39:58 | 000,195,584 | RHS- | C] () -- E:\Windows\SysWow64\MatroskaDX.ax
[2012/09/18 16:39:58 | 000,120,832 | RHS- | C] () -- E:\Windows\SysWow64\MPCDx.ax
[2012/09/18 16:39:58 | 000,070,656 | RHS- | C] () -- E:\Windows\SysWow64\RLAPEDec.ax
[2012/09/18 16:39:57 | 000,227,328 | RHS- | C] () -- E:\Windows\SysWow64\ac3DX.ax
[2012/09/18 16:39:57 | 000,175,104 | RHS- | C] () -- E:\Windows\SysWow64\CoreAAC.ax
[2012/09/18 16:39:57 | 000,097,280 | RHS- | C] () -- E:\Windows\SysWow64\FLACDX.ax
[2012/09/18 16:39:57 | 000,081,920 | RHS- | C] () -- E:\Windows\SysWow64\aac_parser.ax
[2012/09/18 16:17:23 | 000,332,448 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV.sfk
[2012/09/18 15:53:54 | 000,001,265 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012/09/18 15:53:39 | 000,001,334 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012/09/18 15:19:08 | 000,001,081 | ---- | C] () -- E:\Users\Public\Desktop\MAGIX Video deluxe 2013.lnk
[2012/09/18 14:39:50 | 000,002,519 | ---- | C] () -- E:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012/09/18 14:34:15 | 000,001,450 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Amazon.lnk
[2012/09/18 14:33:21 | 002,469,422 | ---- | C] () -- E:\Users\Ferdi\Desktop\VR440.jpg
[2012/09/18 14:21:34 | 188,587,898 | ---- | C] () -- E:\Users\Ferdi\Desktop\ZOOM0008.MOV
[2012/09/18 11:22:45 | 000,002,361 | ---- | C] () -- E:\Users\Ferdi\Desktop\Google Chrome.lnk
[2012/09/18 11:22:21 | 000,001,120 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job
[2012/09/18 11:22:20 | 000,001,068 | ---- | C] () -- E:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job
[2012/09/11 04:56:44 | 000,000,928 | ---- | C] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job
[2012/09/11 04:56:43 | 000,000,906 | ---- | C] () -- E:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job
[2012/09/10 17:19:23 | 000,467,300 | ---- | C] () -- E:\Users\Ferdi\Desktop\Ticket Ferdinand September 2012.pdf
[2012/09/07 06:55:46 | 000,001,124 | ---- | C] () -- E:\Users\Ferdi\Desktop\faviconbaer.png
[2012/09/03 18:33:42 | 000,002,689 | ---- | C] () -- E:\Users\Public\Desktop\O&O Defrag.lnk
[2012/09/03 18:22:01 | 000,000,866 | ---- | C] () -- E:\Users\Public\Desktop\CCleaner.lnk
[2012/08/25 08:20:59 | 002,621,723 | ---- | C] () -- E:\Windows\System32\nvcoproc.bin
[2012/08/25 08:20:07 | 000,014,324 | ---- | C] () -- E:\Windows\System32\nvinfo.pb
[2012/05/14 20:21:50 | 000,423,744 | ---- | C] () -- E:\Windows\SysWow64\nvStreaming.exe
[2012/04/08 15:00:53 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2012/03/24 16:58:48 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe BMP Format CS5 Prefs
[2012/03/03 10:46:50 | 000,000,132 | ---- | C] () -- E:\Users\Ferdi\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/01/07 16:39:34 | 000,283,304 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrB.exe
[2012/01/07 16:39:31 | 000,076,888 | ---- | C] () -- E:\Windows\SysWow64\PnkBstrA.exe
[2011/11/02 01:59:29 | 000,007,764 | ---- | C] () -- E:\Windows\cadx2.ini
[2011/09/12 16:29:11 | 000,000,400 | ---- | C] () -- E:\Windows\ODBC.INI
[2011/09/06 15:50:54 | 000,001,456 | ---- | C] () -- E:\Users\Ferdi\AppData\Local\Adobe Save for Web 12.0 Prefs
[2011/09/06 12:04:59 | 000,925,184 | ---- | C] () -- E:\Windows\expstart.exe
[2011/09/06 11:04:35 | 000,404,288 | ---- | C] () -- E:\Windows\UTP.exe
[2011/09/06 03:22:14 | 000,252,928 | ---- | C] () -- E:\Windows\SysWow64\DShowRdpFilter.dll
[2011/08/24 14:19:10 | 000,056,320 | ---- | C] () -- E:\Windows\SysWow64\OpenVideo.dll
[2011/08/19 09:16:13 | 000,006,682 | ---- | C] () -- E:\Windows\SysWow64\PerfStringBackup.INI
[2011/08/19 09:00:29 | 000,032,256 | ---- | C] () -- E:\Windows\SysWow64\AVSredirect.dll
[2011/07/10 13:19:22 | 000,000,040 | -HS- | C] () -- E:\ProgramData\.zreglib
[2011/06/02 09:22:35 | 000,000,054 | ---- | C] () -- E:\Windows\SysWow64\ctzapxx.ini
[2011/06/02 09:22:34 | 000,325,724 | ---- | C] () -- E:\Windows\SysWow64\ctdlang.dat
[2011/06/02 09:22:34 | 000,313,207 | ---- | C] () -- E:\Windows\SysWow64\ctstatic.dat
[2011/06/02 09:22:34 | 000,055,904 | ---- | C] () -- E:\Windows\SysWow64\ctdnlstr.dat
[2011/06/02 09:22:34 | 000,053,932 | ---- | C] () -- E:\Windows\SysWow64\ctdaught.dat
[2011/06/01 12:55:59 | 000,148,480 | ---- | C] () -- E:\Windows\SysWow64\APOMngr.DLL
[2011/06/01 12:55:59 | 000,073,728 | ---- | C] () -- E:\Windows\SysWow64\CmdRtr.DLL
[2011/06/01 12:55:14 | 000,003,072 | ---- | C] () -- E:\Windows\SysWow64\CTXFIGER.DLL
[2011/06/01 12:15:14 | 000,000,000 | ---- | C] () -- E:\Windows\ativpsrm.bin
[2011/05/04 19:28:10 | 000,059,904 | ---- | C] () -- E:\Windows\SysWow64\OVDecode.dll
[2011/04/09 12:55:28 | 000,179,261 | ---- | C] () -- E:\Windows\SysWow64\xlive.dll.cat
[2011/03/17 13:51:44 | 000,003,929 | ---- | C] () -- E:\Windows\SysWow64\atipblag.dat
[2009/07/14 01:38:36 | 000,067,584 | --S- | C] () -- E:\Windows\bootstat.dat
[2009/07/13 22:35:51 | 000,000,741 | ---- | C] () -- E:\Windows\SysWow64\NOISE.DAT
[2009/07/13 22:34:42 | 000,215,943 | ---- | C] () -- E:\Windows\SysWow64\dssec.dat
[2009/07/13 20:10:29 | 000,043,131 | ---- | C] () -- E:\Windows\mib.bin
[2009/07/13 19:42:10 | 000,064,000 | ---- | C] () -- E:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 18:25:04 | 000,197,632 | ---- | C] () -- E:\Windows\SysWow64\ir32_32.dll
[2009/07/13 17:03:59 | 000,364,544 | ---- | C] () -- E:\Windows\SysWow64\msjetoledb40.dll
[2009/06/10 17:26:10 | 000,673,088 | ---- | C] () -- E:\Windows\SysWow64\mlang.dat
[2009/06/03 19:37:08 | 000,097,713 | R--- | C] () -- E:\Windows\SysWow64\instwdm.ini
[2009/06/03 18:55:20 | 000,002,560 | ---- | C] () -- E:\Windows\SysWow64\CtxfiRes.dll
[2009/06/03 18:33:04 | 000,007,680 | ---- | C] () -- E:\Windows\SysWow64\enlocstr.exe
[2009/05/27 03:49:00 | 000,000,285 | ---- | C] () -- E:\Windows\SysWow64\kill.ini
[2007/04/27 04:43:58 | 000,120,200 | ---- | C] () -- E:\Windows\SysWow64\DLLDEV32i.dll
[2007/03/05 03:10:20 | 000,043,520 | ---- | C] () -- E:\Windows\SysWow64\CTBURST.DLL
[2007/03/05 03:09:04 | 000,037,888 | ---- | C] () -- E:\Windows\SysWow64\PSCONV.EXE
[2005/10/04 11:28:12 | 000,071,680 | ---- | C] () -- E:\Windows\SysWow64\CTMMACTL.DLL
 
========== LOP Check ==========
 
[2012/01/07 14:16:26 | 000,000,000 | ---D | M] -- E:\ProgramData\AMD
[2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Anwendungsdaten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Application Data
[2011/11/29 10:12:42 | 000,000,000 | ---D | M] -- E:\ProgramData\Canneverbe Limited
[2011/06/02 08:13:26 | 000,000,000 | ---D | M] -- E:\ProgramData\DAEMON Tools Lite
[2011/08/09 05:24:52 | 000,000,000 | ---D | M] -- E:\ProgramData\DataCardService
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Desktop
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Documents
[2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Dokumente
[2012/01/07 16:40:48 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Core
[2012/08/25 08:26:43 | 000,000,000 | ---D | M] -- E:\ProgramData\EA Logs
[2012/01/07 16:40:51 | 000,000,000 | ---D | M] -- E:\ProgramData\Electronic Arts
[2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favoriten
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Favorites
[2012/09/12 11:56:34 | 000,000,000 | ---D | M] -- E:\ProgramData\MAGIX
[2011/12/25 11:37:15 | 000,000,000 | ---D | M] -- E:\ProgramData\MediaMonkey
[2011/08/07 11:42:41 | 000,000,000 | ---D | M] -- E:\ProgramData\Mobile Partner
[2012/08/14 11:40:49 | 000,000,000 | ---D | M] -- E:\ProgramData\Origin
[2011/09/21 10:46:16 | 000,000,000 | ---D | M] -- E:\ProgramData\regid.1986-12.com.adobe
[2011/07/10 13:19:23 | 000,000,000 | ---D | M] -- E:\ProgramData\SlySoft
[2011/08/19 09:15:16 | 000,000,000 | ---D | M] -- E:\ProgramData\Sony
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Start Menu
[2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Startmenü
[2009/07/14 01:08:56 | 000,000,000 | -HSD | M] -- E:\ProgramData\Templates
[2012/04/09 17:07:44 | 000,000,000 | ---D | M] -- E:\ProgramData\TrackMania
[2011/09/06 00:50:18 | 000,000,000 | ---D | M] -- E:\ProgramData\TuneUp Software
[2012/01/03 09:50:32 | 000,000,000 | ---D | M] -- E:\ProgramData\Ubisoft
[2011/08/07 11:24:19 | 000,000,000 | ---D | M] -- E:\ProgramData\Vodafone
[2011/06/01 12:11:25 | 000,000,000 | -HSD | M] -- E:\ProgramData\Vorlagen
[2012/09/18 17:06:43 | 000,000,000 | ---D | M] -- E:\ProgramData\xpwlsjghoevadnu
[2011/09/06 00:48:31 | 000,000,000 | -HSD | M] -- E:\ProgramData\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
[2012/09/18 05:01:00 | 000,000,906 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001Core.job
[2012/09/18 17:01:00 | 000,000,928 | ---- | M] () -- E:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1938211568-3655134167-1898605797-1001UA.job
[2012/08/31 06:33:53 | 000,032,640 | ---- | M] () -- E:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 24 bytes -> E:\Windows:F589A80C4ECE0568
< End of report >
Extras.txt

Code:
ATTFilter
OTL Extras logfile created on: 9/19/2012 1:05:59 AM - Run 
OTLPE by OldTimer - Version 3.1.48.0     Folder = X:\Programs\OTLPE
64bit-Windows 7 Professional Service Pack 1 (Version = 6.1.7601) - Type = System
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.00 Gb Total Physical Memory | 3.00 Gb Available Physical Memory | 89.00% Memory free
3.00 Gb Paging File | 3.00 Gb Available in Paging File | 97.00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = E: | %SystemRoot% = E:\Windows | %ProgramFiles% = E:\Program Files (x86)
Drive C: | 387.63 Gb Total Space | 204.63 Gb Free Space | 52.79% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 169.60 Gb Free Space | 18.21% Space Free | Partition Type: NTFS
Drive E: | 78.12 Gb Total Space | 2.11 Gb Free Space | 2.70% Space Free | Partition Type: NTFS
Drive X: | 436.59 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
 
Computer Name: REATOGO | User Name: SYSTEM
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
Using ControlSet: ControlSet001
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- E:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- E:\Windows\System32\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- E:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- E:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1" File not found
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
jsfile [edit] -- "C:\Program Files (x86)\Dreamweaver 8\dreamweaver.exe" "%1" (Macromedia, Inc.)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU 
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A35302C-A6D3-DDE5-38BA-55E7BABA9670}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EDDD103-CF66-40DF-A0B9-DECDC0F017D5}" = MAGIX Video deluxe 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU 
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A3A1D6DC-7CB4-4894-8E54-3A48493EF488}" = MAGIX Speed burnR (MSI)
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FD686BCC-33E0-4990-BB88-3DAA8C29511E}" = O&O Defrag Free Edition
"CCleaner" = CCleaner
"DesktopIconAmazon" = Desktop Icon für Amazon
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Pen Tablet Driver" = Bamboo
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{03AC245F-4C64-425C-89CF-7783C1D3AB2C}" = Microsoft Sync Framework 2.0 Provider Services (x64) ENU 
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{26A24AE4-039D-4CA4-87B4-2F86416026FF}" = Java(TM) 6 Update 26 (64-bit)
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{4A35302C-A6D3-DDE5-38BA-55E7BABA9670}" = AMD Catalyst Install Manager
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5EDDD103-CF66-40DF-A0B9-DECDC0F017D5}" = MAGIX Video deluxe 2013
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{88DAAF05-5A72-46D2-A7C5-C3759697E943}" = SyncToy 2.1 (x64)
"{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}" = Microsoft Sync Framework 2.0 Core Components (x64) ENU 
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{A3A1D6DC-7CB4-4894-8E54-3A48493EF488}" = MAGIX Speed burnR (MSI)
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.42
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.16.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{CE52672C-A0E9-4450-8875-88A221D5CD50}" = Windows Live ID Sign-in Assistant
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F842F8B0-6942-4930-821F-543E976B2C66}" = MSVCRT110_amd64
"{FD686BCC-33E0-4990-BB88-3DAA8C29511E}" = O&O Defrag Free Edition
"CCleaner" = CCleaner
"DesktopIconAmazon" = Desktop Icon für Amazon
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Pen Tablet Driver" = Bamboo
"Unlocker" = Unlocker 1.9.1-x64
"WinRAR archiver" = WinRAR 4.01 (64-bit)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\Ferdi_ON_E\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
< End of report >
Grüße aus Berlin!
ahead

Alt 19.09.2012, 20:09   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Webseite kann nicht angezeigt werden" - Standard

"Webseite kann nicht angezeigt werden"


Zitat:
Wenn ich das Boot-Menü aufrufen will, kommt eine Anzeige in folgendem Stil (ein Hoch auf MS Paint):
Bootmenü? Du meinst das welches nach F8 kommt um zB in den abgesicherten Modus starten zu können?
__________________

__________________
Alt 19.09.2012, 21:45   #3
ahead
 
"Webseite kann nicht angezeigt werden" - Standard

"Webseite kann nicht angezeigt werden"


Zitat:
Zitat von cosinus Beitrag anzeigen
Bootmenü? Du meinst das welches nach F8 kommt um zB in den abgesicherten Modus starten zu können?
Ich komme auf diesen komischen Bildschirm, wenn ich eine Funktion namens "XpressRecovery" ausführen will und noch etwas namens "Boot".

Wie auch immer:

Ich habe meine wichtigen Daten sichern können über REATOGO-X-PE und werde nun eine Neu-Formatierung durchführen. Ich denke, dass der Rest des Systems sauber sein dürfte, da ich eigentlich sehr gründlich immer schaue, dass alle Updates installiert sind und ich nicht jeden Dreck installiere oder anklicke.
Ich habe einige Webseiten selber gemacht, diese sind teilweise im HTML-Format. Dürfte doch kein Problem sein? Denn es heißt, das sind auch ausführbare Dateitypen, die gefährlich sein könnten. Damit meinte ich, dass sich der Schädling dort eingenistet hat in meinen eigenen Dateien.
__________________
Alt 20.09.2012, 13:56   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
"Webseite kann nicht angezeigt werden" - Standard

"Webseite kann nicht angezeigt werden"


HTML ist eine Auszeichnungsprache, keine Programmiersprache. HTML selbst ein rein textorientiert und NICHT ausführbar wie man es zB von EXE-Dateien kennt.
Wenn müsste der Schädling schon deine Platte nach (statischen) HTML-Dateien durchforsten und dort irgendwas injizerien an Fremdcode. Sowas kenn ich aber nur von gehackten oder verwundbaren Webservern dass da sowas passiert.
__________________
Logfiles bitte immer in CODE-Tags posten

Antwort

Themen zu "Webseite kann nicht angezeigt werden"
aufrufe, bho, booten, continue, converter, defender, download, error, explorer, firefox, format, google, helper, install.exe, internet, internet explorer, launch, limited.com/facebook, logfile, microsoft, mp3, msvcrt, neu, nvidia, nvidia update, plug-ins, realtek, registry, rundll, scan, schädling, security, software, spotify web helper, super, werden"


« Live Security Platinum eingefangen - wie werde ich den wieder los? | GVU Trojaner »


Ähnliche Themen: "Webseite kann nicht angezeigt werden"


  1. Fehler bei Mozilla "die Seite kann nicht angezeigt werden" ...
    Log-Analyse und Auswertung - 14.06.2014 (9)
  2. "Webseite kann nicht angezeigt werden" bei Windows 7 Boot
    Plagegeister aller Art und deren Bekämpfung - 03.12.2012 (2)
  3. "Diese Webseite kann nicht angezeigt werden" - Windows Vista 32 bit
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (4)
  4. Virus auf PC "Diese Webseite kann nicht angezeigt werden" - BKA?
    Plagegeister aller Art und deren Bekämpfung - 13.11.2012 (24)
  5. "Webseite kann nicht angezeigt werden" bei Windows 7 Boot
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (25)
  6. weisser dektop (wie bei IE) mit der aufschrifft "webseite kann nicht geöffnet werden" ...exploit.drop.ur.2
    Plagegeister aller Art und deren Bekämpfung - 29.10.2012 (33)
  7. Trojaner - "Diese Seite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 21.09.2012 (8)
  8. Weisser Desktop "Webseite kann nicht angezeigt werden" Löschung auch ohne Admin-Rechte möglich?
    Log-Analyse und Auswertung - 16.09.2012 (8)
  9. "Diese Webseite kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 13.09.2012 (9)
  10. "Diese Webseite kann nicht angezeigt werden" - Virus
    Plagegeister aller Art und deren Bekämpfung - 10.09.2012 (9)
  11. fehlermeldung "diese webseite kann nicht angezeigt werden" bildschirm ist blockiert
    Log-Analyse und Auswertung - 14.08.2012 (3)
  12. Auch keinen Zugriff mehr aufden Desktop "Webseite kann nicht angezeigt werden"
    Log-Analyse und Auswertung - 09.08.2012 (1)
  13. Kein Zugriff auf Desktop! "Die Webseite kann nicht angezeigt werden."
    Log-Analyse und Auswertung - 28.04.2012 (27)
  14. Meldung im Vollbild "Webseite kann nicht angezeigt werden" kein Zugriff auf Desktop
    Plagegeister aller Art und deren Bekämpfung - 31.03.2012 (1)
  15. Microsoft-Update-Seite "kann nicht angezeigt werden"
    Plagegeister aller Art und deren Bekämpfung - 14.04.2010 (5)
  16. "Seite kann nicht angezeigt werden" - Internet Aussetzer
    Log-Analyse und Auswertung - 17.01.2008 (0)
  17. IE6: "Diese Seite kann nicht angezeigt werden."
    Log-Analyse und Auswertung - 23.12.2006 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema "Webseite kann nicht angezeigt werden" - Guten Abend, bin bisher von solchen Erlebnissen verschont geblieben, jetzt hat mich wohl auch ein etwas bekannterer Schädling erwischt. Ich bin neu auf dem Gebiet, wäre froh, wenn ihr mir - "Webseite kann nicht angezeigt werden"...
Archiv
Du betrachtest: "Webseite kann nicht angezeigt werden" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54