800000cb.@ und 80000000.@ Trojaner

Jamaico · 30.12.2012, 22:30

Hallo,

Ich habe aus versehen eine Datei aus einer E-Mail geöffnet und mir damit einige Trojaner eingefangen. Ein paar habe ich direkt mit einer Systemüberprüfung von Avira AntiVir gefunden und beseitigt, allerdings sind die beiden 800000cb.@ und 80000000.@ übrig geblieben und unlöschbar. Beim verschieben in Quarantäne kommen sie nach einiger zeit wieder. Ich weiß, dass dieses Problem hier schon oft beschrieben und gelöst wurde. Jedes mal wurde dabei am ende ComboFix verwendet, um die Trojaner zu entfernen. Da dieses Programm aber davon abrät, es ohne die Anweisung eines Helfers zu verwenden, bitte ich euch hiermit, mich bei diesem Problem zu unterstützen.

Ich danke schon mal im Voraus.
MFG Jamaico

Chris4You · 30.12.2012, 23:45

Hi,

wahrscheinlich Rootkit, schau ma mal...

Malwarebytes Antimalware (MAM)
Anleitung&Download hier: http://www.trojaner-board.de/51187-m...i-malware.html
Falls der Download nicht klappt, bitte hierüber eine generische Version runterladen:
http://filepony.de/download-chameleon/
Danach bitte update der Signaturdateien (Reiter "Aktualisierungen" -> Suche nach Aktualisierungen")
Fullscan und alles bereinigen lassen! Log posten.

OTL
Lade Dir OTL von Oldtimer herunter (http://filepony.de/download-otl/) und speichere es auf Deinem Desktop

Doppelklick auf die OTL.exe

Vista/Win7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen

Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output

Unter Extra Registry, wähle bitte Use SafeList

Klicke nun auf Run Scan links oben

Wenn der Scan beendet wurde werden 2 Logfiles erstellt (OTL.TXT und EXTRAS.TXT)

Poste die Logfiles hier in den Thread

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Stelle den Killer wir folgt ein:

Dann den Scan starten durch (Start Scan).
Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster (Report anklicken), den Text abkopieren und hier posten...

chris

Jamaico · 31.12.2012, 15:27

Hallo Chris,

Danke für deine schnelle Antwort. Der Malwarebytes suchlauf läuft grade. Ich habe noch vergessen, zu erwähnen, was genau Avira anzeigt und dachte mir, dass das vielleicht wichtig sein könnte:

Objekt ____________ Fund

800000cb.@ _______ TR/ATRAPS.Gen2
80000000.@ _______ TR/ATRAPS.Gen

Danke nochmal, dass du mir hilfst. In meiner nächsten antwort werde ich dann die ganzen Logs schicken, kann aber noch etwas dauern, da mein PC nicht der neueste ist, also etwas langsamer.

MFG Jamaico

Hallo Chris,

Die Programme sind jetzt alle fertig. Malwarebytes hat schon so einiges gefunden und nach dem neustart kam auch nicht mehr die Trojanermeldung von Avira. Ich denke mal, dass das schon mal ein gutes Zeichen ist.

Hier ist der Log von Malwarebytes:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2012.12.31.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 7.0.6002.18005
Jannik :: JANNIKS-PC [Administrator]

31.12.2012 15:21:57
MBAM-log-2012-12-31 (18-44-18).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|D:\|E:\|F:\|G:\|H:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 502366
Laufzeit: 3 Stunde(n), 21 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 1
HKCU\SOFTWARE\AdTools, Inc. (Adware.AdTools) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Esafpyv (Spyware.Zbot) -> Daten: C:\Users\Jannik\AppData\Roaming\Atoge\vely.exe -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 1
HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bösartig: (C:\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\n.) Gut: (shell32.dll) -> Keine Aktion durchgeführt.

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 12
C:\Users\Jannik\AppData\Roaming\Atoge\vely.exe (Spyware.Zbot) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\n (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\U\00000001.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\U\80000000.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\U\800000cb.@ (Trojan.0Access) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-18\$4712b5647866e69e10a4d6fab3c9c7e7\n.vir (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Qoobox\Quarantine\C\$Recycle.Bin\S-1-5-21-3211964125-2924045506-2779433812-1003\$4712b5647866e69e10a4d6fab3c9c7e7\n.vir (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Jannik\AppData\Local\khpfaphd.exe (Trojan.FakeMS) -> Keine Aktion durchgeführt.
C:\Users\Jannik\AppData\Local\Temp\msimg32.dll (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Jannik\AppData\Local\Temp\tmp61bff96e\622.exe (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Jannik\AppData\Local\Temp\tmp842d2950\622.exe (Rootkit.0Access) -> Keine Aktion durchgeführt.
C:\Users\Jannik\AppData\Local\Temp\tmp89f58e2d\622.exe (Rootkit.0Access) -> Keine Aktion durchgeführt.

(Ende)

Hier ist die OTL.txt :

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 31.12.2012 18:52:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jannik\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,08% Memory free
4,24 Gb Paging File | 3,06 Gb Available in Paging File | 72,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,09 Gb Total Space | 111,14 Gb Free Space | 39,97% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,08 Gb Free Space | 55,44% Space Free | Partition Type: FAT32
 
Computer Name: JANNIKS-PC | User Name: Jannik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jannik\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Soluto\SolutoLauncherService.exe (Soluto)
PRC - C:\Programme\Soluto\SolutoService.exe (Soluto)
PRC - c:\Programme\Soluto\Soluto.exe (Soluto)
PRC - C:\Programme\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
PRC - C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
PRC - C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Users\Jannik\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation)
PRC - C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira GmbH)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Windows\System32\conime.exe (Microsoft Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPostBootResources\4177e8f13cb6821f0b79095a17ca6076\PCGPostBootResources.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGHIDProbe\0548bc3ee808bf01e82633cb292564b5\PCGHIDProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Community.CsharpSql#\cd72a52b9057a87515d724a5e199b593\Community.CsharpSqlite.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGRSPProbe\d23d4a4297f006105e12543f0df1657d\PCGRSPProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGWuInfo\ac00c36a254ce6302b6b698410c536c5\PCGWuInfo.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Interop.IWshRuntime#\a6e5ffd699cc92814c9e1be7c998e5d6\Interop.IWshRuntimeLibrary.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAppControlPlugin#\6598e1dfe149ffc3a1db20ce06855f67\PCGAppControlPluginLoader.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGUsersCenter\43817c08959103462a457634dae06617\PCGUsersCenter.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGClientCommon\11c4f75a3cca2a6ee05e702115be994f\PCGClientCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGBootVisualizingC#\aa1c19078ba770ad7e62a283eb911a5e\PCGBootVisualizingCommon.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDriverProbe\18d959c90e49bf1f12b40b8d496556d8\PCGDriverProbe.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGConfiguration\7ee1515fdf8a6721be06a535c0fddca7\PCGConfiguration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGDatabase\13ca217fbcfcb091ef2937878a7b6463\PCGDatabase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureEntityFrame#\57620807f63d6aa0ffe5f2add0ac342f\PCGAzureEntityFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGAzureShared\531d54fa2ef6bbb7acf1c5d28df30f3b\PCGAzureShared.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGCommunication\5bfa9f2915d852f40d95dbc8fef721dd\PCGCommunication.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPreCompiled\ea9282fe926ee425b7891546896caa6a\PCGPreCompiled.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.Linq\4e8e1846ea93d2635d8a996d820ad88b\System.Data.Linq.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGPrestoSerializer\434019945734d78e803f5e711c27bb0b\PCGPrestoSerializer.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Ionic.Zip.Reduced\53828f9d9a074498582df02ad1ebc22d\Ionic.Zip.Reduced.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Newtonsoft.Json.Net#\834ac54343828aa35f22eb298c725e3e\Newtonsoft.Json.Net35.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PCGFramework\a30c875f869b535540caf2c97ba87626\PCGFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Soluto\8e1e24a711a1230ad826242072966f86\Soluto.ni.exe ()
MOD - c:\Programme\Soluto\PCGDllExportInspector.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\libegl.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()
MOD - C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\0e5c035921c0ea2153a0db7a73996fa3\System.DirectoryServices.AccountManagement.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\42c233e3c221682cfc56eb6eef4f401d\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6525d5b1a3b2cbea3301959a47b353c2\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\ac05afefb5b28893d44ec451da0e6d4e\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\6082261ca7c89e5c073a073fdd851572\System.DirectoryServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\0fe45f0908e1c17f9aca39670d35e3a7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\7f15d0cb7e4f87f86e425d5ffe7e8280\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\741164a3e36f879b9f9e3ff176465127\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\22e554f2c4da53c07e4815a24e2d50e2\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\2c6cd37f29fc76d6c2ed6bbed202d82c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b2052acbbbba4f98585196872195e009\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7ad9c44df3b85848590e63f13fc59804\mscorlib.ni.dll ()
MOD - C:\Programme\Notepad++\NppShell_04.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (SolutoLauncherService) -- C:\Programme\Soluto\SolutoLauncherService.exe (Soluto)
SRV - (SolutoService) -- C:\Programme\Soluto\SolutoService.exe (Soluto)
SRV - (SolutoRemoteService) -- C:\Programme\Soluto\SolutoRemoteService.exe (Soluto)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Application Updater) -- C:\Programme\Application Updater\ApplicationUpdater.exe (Spigot, Inc.)
SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll ()
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nvUpdatusService) -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (Hamachi2Svc) -- C:\Programme\Hamachi kann nichts\hamachi-2.exe (LogMeIn Inc.)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (VideoAcceleratorService) -- C:\Programme\SpeedBit Video Accelerator\VideoAcceleratorService.exe (SpeedBit Ltd.)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (npggsvc) -- C:\Windows\System32\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (XDva401) -- C:\Windows\system32\XDva401.sys File not found
DRV - (XDva400) -- C:\Windows\system32\XDva400.sys File not found
DRV - (XDva398) -- C:\Windows\system32\XDva398.sys File not found
DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found
DRV - (XDva396) -- C:\Windows\system32\XDva396.sys File not found
DRV - (XDva394) -- C:\Windows\system32\XDva394.sys File not found
DRV - (XDva393) -- C:\Windows\system32\XDva393.sys File not found
DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
DRV - (XDva390) -- C:\Windows\system32\XDva390.sys File not found
DRV - (XDva389) -- C:\Windows\system32\XDva389.sys File not found
DRV - (XDva388) -- C:\Windows\system32\XDva388.sys File not found
DRV - (XDva387) -- C:\Windows\system32\XDva387.sys File not found
DRV - (XDva386) -- C:\Windows\system32\XDva386.sys File not found
DRV - (XDva385) -- C:\Windows\system32\XDva385.sys File not found
DRV - (XDva383) -- C:\Windows\system32\XDva383.sys File not found
DRV - (XDva380) -- C:\Windows\system32\XDva380.sys File not found
DRV - (XDva375) -- C:\Windows\system32\XDva375.sys File not found
DRV - (XDva370) -- C:\Windows\system32\XDva370.sys File not found
DRV - (XDva359) -- C:\Windows\system32\XDva359.sys File not found
DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found
DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found
DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found
DRV - (hwdatacard) -- system32\DRIVERS\ewusbmdm.sys File not found
DRV - (EagleXNt) -- C:\Windows\system32\drivers\EagleXNt.sys File not found
DRV - (EagleNT) -- C:\Windows\system32\drivers\EagleNT.sys File not found
DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found
DRV - (blbdrive) -- C:\Windows\system32\drivers\blbdrive.sys File not found
DRV - (Soluto) -- C:\Windows\System32\drivers\Soluto.sys (Soluto LTD.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (WinRing0_1_2_0) -- C:\Programme\Game Booster 3\Driver\WinRing0.sys (OpenLibSys.org)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (UnlockerDriver5) -- C:\Programme\Unlocker\UnlockerDriver5.sys ()
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek                                            )
DRV - (RMCAST) -- C:\Windows\System32\drivers\rmcast.sys (Microsoft Corporation)
DRV - (hamachi) -- C:\Windows\System32\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (3xHybrid) -- C:\Windows\System32\drivers\3xHybrid.sys (Philips Semiconductors GmbH)
DRV - (BIOS) -- C:\Windows\System32\drivers\BIOS.sys (BIOSTAR Group)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook:  - No CLSID value found
IE - HKCU\..\URLSearchHook: {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programme\IObit Toolbar\IE\6.6\iobitToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {9194d24d-1cdc-4847-ba77-d60d1209f3b2}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{2940E757-97C4-470D-9CF2-A2D90DE845A5}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
IE - HKCU\..\SearchScopes\{9194d24d-1cdc-4847-ba77-d60d1209f3b2}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo"
FF - prefs.js..browser.search.defaultthis.engineName: "Abacho Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2883880&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=382950&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/webhp?sourceid=navclient-ff&cplp=1325114688084"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: battlefieldheroespatcher@ea.com:5.0.145.0
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.9
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: searchpredict@speedbit.com:1.0.1.0
FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:2.3.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: iobit@mybrowserbar.com:6.6
FF - prefs.js..extensions.enabledItems: wtxpcom@mybrowserbar.com:6.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}:6.0.33
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}:6.0.35
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=382950&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@ogplanet.com/npOGPPlugin: C:\Windows\system32\npOGPPlugin.dll (OGPlanet)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@Webzen.com/NPGameWebStarter: C:\Program Files\WEBZEN\WebzenGameStarter\NPGameWebStarter.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jannik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jannik\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Jannik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\searchpredict@speedbit.com: C:\Program Files\SearchPredict\PRFireFox [2011.05.24 20:10:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}: C:\Program Files\SpeedBit Video Downloader\SPFireFox [2011.05.24 20:10:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.09.12 17:58:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.05.20 19:43:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.06.24 16:54:00 | 000,000,000 | ---D | M]
 
[2010.11.07 16:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jannik\AppData\Roaming\mozilla\Extensions
[2012.12.06 21:59:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions
[2011.05.24 20:12:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions\{0329E7D6-6F54-462D-93F6-F5C3118BADF2}
[2010.11.07 16:19:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011.06.28 21:34:21 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2012.03.30 16:01:07 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.06.26 18:58:54 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Jannik\AppData\Roaming\mozilla\Firefox\Profiles\lbbgdgmv.default\extensions\battlefieldheroespatcher@ea.com
[2011.08.31 10:40:50 | 000,000,915 | ---- | M] () -- C:\Users\Jannik\AppData\Roaming\mozilla\firefox\profiles\lbbgdgmv.default\searchplugins\conduit.xml
[2010.11.07 16:15:15 | 000,002,342 | ---- | M] () -- C:\Users\Jannik\AppData\Roaming\mozilla\firefox\profiles\lbbgdgmv.default\searchplugins\icq-search.xml
[2011.09.03 16:03:45 | 000,000,950 | ---- | M] () -- C:\Users\Jannik\AppData\Roaming\mozilla\firefox\profiles\lbbgdgmv.default\searchplugins\icqplugin.xml
[2012.09.09 15:37:45 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2009.12.07 22:13:17 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Programme\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2011.11.26 21:24:56 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010.05.27 19:13:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.10 16:14:07 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.08 01:56:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 21:43:56 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.18 16:28:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.06.24 16:54:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.09 15:37:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.06 21:59:35 | 000,000,000 | ---D | M] (Widgi Toolbar Platform) -- C:\PROGRAM FILES\COMMON FILES\SPIGOT\WTXPCOM
[2012.12.06 21:59:35 | 000,000,000 | ---D | M] (IObit Toolbar) -- C:\PROGRAM FILES\IOBIT TOOLBAR\FF
[2009.08.29 19:48:35 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}
[2009.12.05 23:44:16 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
[2010.05.27 19:13:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.10 16:14:07 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.08 01:56:42 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.04.06 21:43:56 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.18 16:28:22 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2012.06.24 16:54:32 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.09 15:37:45 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2011.05.24 20:10:49 | 000,000,000 | ---D | M] (SearchPredict) -- C:\PROGRAM FILES\SEARCHPREDICT\PRFIREFOX
[2011.05.24 20:10:52 | 000,000,000 | ---D | M] (SpeedBit Video Downloader) -- C:\PROGRAM FILES\SPEEDBIT VIDEO DOWNLOADER\SPFIREFOX
[2010.07.27 16:13:46 | 000,027,136 | ---- | M] (NHN USA Inc.) -- C:\Program Files\mozilla firefox\plugins\npijjiautoinstallpluginff.dll
[2010.06.28 13:03:46 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.06.28 13:03:46 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2010.06.28 13:03:46 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.06.28 13:03:46 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.06.28 13:03:46 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jannik\AppData\Local\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\PepperFlash\11.1.31.203\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: ijji Auto Install Plugin for Mozilla (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npijjiautoinstallpluginff.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Disabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Nexon Game Controller (Disabled) = C:\ProgramData\NexonUS\NGM\npNxGameUS.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Jannik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: OGPlanet Game Plugin (Disabled) = C:\Windows\system32\npOGPPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Google Mail = C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2 - BHO: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programme\IObit Toolbar\IE\6.6\iobitToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (SBCONVERT Class) - {3017FB3E-9A77-4396-88C5-0EC9548FB42F} - C:\Programme\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Programme\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (SearchPredictObj Class) - {389943B0-C3A2-4E69-82CB-8596A84CB3DC} - C:\Programme\SearchPredict\SearchPredict.dll (Speedbit Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (GrabberObj Class) - {FF7C3CF0-4B15-11D1-ABED-709549C10000} - C:\Programme\SpeedBit Video Downloader\Toolbar\Grabber.dll (Speedbit Ltd.)
O3 - HKLM\..\Toolbar: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Programme\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (IObit Toolbar) - {0BDA0769-FD72-49F4-9266-E1FB004F4D8F} - C:\Programme\IObit Toolbar\IE\6.6\iobitToolbarIE.dll (Spigot, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (SpeedBit Video Downloader) - {0329E7D6-6F54-462D-93F6-F5C3118BADF2} - C:\Programme\SpeedBit Video Downloader\Toolbar\tbcore3.dll ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [SearchSettings] C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe (Spigot, Inc.)
O4 - HKLM..\Run: [Skytel] C:\Programme\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Jannik\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Esafpyv] C:\Users\Jannik\AppData\Roaming\Atoge\vely.exe File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Program Files\SpeedBit Video Accelerator\SBLSP.dll (SpeedBit)
O13 - gopher Prefix: missing
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} https://www.battlefieldheroes.com/static/updater/BFHUpdater_5.0.31.0.cab (Battlefield Heroes Updater)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{098F8384-C0D9-45BD-AD5B-195AC983842C}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O24 - Desktop WallPaper: C:\Users\Jannik\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Jannik\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2008.01.19 00:02:52 | 000,000,076 | ---- | M] () - D:\AUTORUN.INF -- [ FAT32 ]
O33 - MountPoints2\{07200ed1-0412-11e2-806c-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{07200ed1-0412-11e2-806c-0030676d0844}\Shell\AutoRun\command - "" = J:\Windows\CHECK\DriveNavigator.exe
O33 - MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.31 18:40:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jannik\Desktop\OTL.exe
[2012.12.31 15:20:27 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Malwarebytes
[2012.12.31 15:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.31 15:20:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.31 15:20:02 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.31 15:20:02 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.26 22:02:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Soluto
[2012.12.26 22:02:28 | 000,000,000 | ---D | C] -- C:\Program Files\Soluto
[2012.12.24 16:28:31 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.12.24 16:28:31 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.12.24 16:28:31 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.12.24 16:28:25 | 000,000,000 | --SD | C] -- C:\ComboFix
[2012.12.24 16:26:38 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.12.24 16:26:22 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.12.24 15:44:22 | 000,000,000 | ---D | C] -- C:\Program Files\Auf dem neuen PC
[2012.12.24 15:35:54 | 005,012,686 | R--- | C] (Swearware) -- C:\Users\Jannik\Desktop\ComboFix.exe
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Qulyos
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Fiybu
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Atoge
[2012.12.21 17:29:37 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.21 17:29:37 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.17 22:45:17 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\gamigo
[2012.12.17 22:45:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gamigo
[2012.12.12 23:08:28 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Wdfres.dll
[2012.12.12 23:08:26 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winusb.dll
[2012.12.12 23:08:25 | 000,172,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFPlatform.dll
[2012.12.12 23:08:23 | 000,047,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\WdfLdr.sys
[2012.12.12 23:08:22 | 000,613,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFx.dll
[2012.12.12 23:08:22 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WUDFCoinstaller.dll
[2012.12.12 22:07:14 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 22:07:10 | 000,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2012.12.12 22:07:09 | 001,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 22:07:09 | 000,498,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 22:07:09 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2012.12.12 22:07:09 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieapfltr.dll
[2012.12.12 22:07:09 | 000,193,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2012.12.12 22:07:09 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 22:07:09 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 22:07:09 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 22:07:05 | 000,376,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 22:07:05 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnsvr.exe
[2012.12.12 22:04:23 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.10 17:21:51 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Local\Aeria Games
[2012.12.10 17:21:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Aeria Games
[2012.12.10 17:10:39 | 000,000,000 | -HSD | C] -- C:\Windows\System32\AI_RecycleBin
[2012.12.10 17:10:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Aeria Games & Entertainment
[2012.12.08 23:50:25 | 000,000,000 | ---D | C] -- C:\Users\Jannik\Documents\Raiderz
[2012.12.08 21:32:37 | 000,000,000 | ---D | C] -- C:\Program Files\RaiderZ
[2012.12.07 10:29:10 | 000,000,000 | ---D | C] -- C:\Program Files\Magic Plot
[2012.12.06 22:16:20 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\MagicPlot
[2012.12.06 21:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Spigot
[2012.12.06 21:59:25 | 000,000,000 | ---D | C] -- C:\Program Files\Application Updater
[2012.12.06 21:59:24 | 000,000,000 | ---D | C] -- C:\Program Files\IObit Toolbar
[2012.12.03 21:34:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.12.01 19:04:55 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Local\Daedalic Entertainment
[2010.11.07 16:14:01 | 001,822,520 | ---- | C] (Microsoft Corporation) -- C:\Users\Jannik\instmsiw.exe
[2010.11.07 16:14:01 | 001,708,856 | ---- | C] (Microsoft Corporation) -- C:\Users\Jannik\instmsia.exe
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.31 18:47:01 | 000,006,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 18:47:01 | 000,006,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.31 18:46:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.31 18:46:50 | 2146,754,560 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 18:40:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jannik\Desktop\OTL.exe
[2012.12.31 18:24:01 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.31 18:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.31 18:16:01 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3211964125-2924045506-2779433812-1003UA.job
[2012.12.31 17:16:06 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3211964125-2924045506-2779433812-1003Core.job
[2012.12.31 15:20:05 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.30 22:31:05 | 000,000,104 | ---- | M] () -- C:\Users\Jannik\Desktop\Hilfe.url
[2012.12.29 23:52:15 | 000,000,066 | ---- | M] () -- C:\Users\Jannik\Desktop\Accel World - Wikipedia, the free encyclopedia.url
[2012.12.27 16:09:25 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.26 17:53:09 | 000,652,122 | ---- | M] () -- C:\Users\Jannik\Desktop\303143.jpg
[2012.12.24 15:36:17 | 005,012,686 | R--- | M] (Swearware) -- C:\Users\Jannik\Desktop\ComboFix.exe
[2012.12.23 21:56:32 | 000,056,402 | ---- | M] () -- C:\Users\Jannik\Desktop\Sedex.jpg
[2012.12.23 20:49:01 | 000,046,131 | ---- | M] () -- C:\Users\Jannik\AppData\Local\hvfwohqu
[2012.12.23 20:41:54 | 000,000,000 | ---- | M] () -- C:\Users\Jannik\AppData\Roaming\SharedSettings.ccs
[2012.12.22 01:47:40 | 000,364,612 | ---- | M] () -- C:\Users\Jannik\Desktop\How to make Wands.jpg
[2012.12.21 20:57:48 | 000,253,240 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.20 19:19:42 | 000,051,144 | ---- | M] (Soluto LTD.) -- C:\Windows\System32\drivers\Soluto.sys
[2012.12.19 19:47:23 | 000,442,074 | ---- | M] () -- C:\Users\Jannik\Desktop\cosplay.jpg
[2012.12.16 14:12:54 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.16 11:50:29 | 000,293,376 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.14 17:44:38 | 000,000,073 | ---- | M] () -- C:\Users\Jannik\Desktop\Let's Play Together.url
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.13 14:19:16 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.13 14:19:16 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.12 22:20:55 | 000,002,060 | ---- | M] () -- C:\Users\Jannik\Desktop\Google Chrome.lnk
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.31 15:20:05 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.12.29 23:52:15 | 000,000,066 | ---- | C] () -- C:\Users\Jannik\Desktop\Accel World - Wikipedia, the free encyclopedia.url
[2012.12.26 17:53:08 | 000,652,122 | ---- | C] () -- C:\Users\Jannik\Desktop\303143.jpg
[2012.12.24 16:28:31 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.12.24 16:28:31 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.12.24 16:28:31 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.12.24 16:28:31 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.12.24 16:28:31 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.12.24 15:03:35 | 000,000,104 | ---- | C] () -- C:\Users\Jannik\Desktop\Hilfe.url
[2012.12.23 21:56:25 | 000,056,402 | ---- | C] () -- C:\Users\Jannik\Desktop\Sedex.jpg
[2012.12.23 20:49:01 | 000,046,131 | ---- | C] () -- C:\Users\Jannik\AppData\Local\hvfwohqu
[2012.12.23 20:41:54 | 000,000,000 | ---- | C] () -- C:\Users\Jannik\AppData\Roaming\SharedSettings.ccs
[2012.12.22 01:47:40 | 000,364,612 | ---- | C] () -- C:\Users\Jannik\Desktop\How to make Wands.jpg
[2012.12.19 19:47:16 | 000,442,074 | ---- | C] () -- C:\Users\Jannik\Desktop\cosplay.jpg
[2012.12.14 17:44:38 | 000,000,073 | ---- | C] () -- C:\Users\Jannik\Desktop\Let's Play Together.url
[2012.12.12 23:08:35 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.12 23:08:35 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.10.25 20:35:01 | 000,000,001 | ---- | C] () -- C:\Windows\System32\SI.bin
[2012.07.01 18:00:24 | 000,003,992 | ---- | C] () -- C:\Users\Jannik\.recently-used.xbel
[2012.06.24 17:55:21 | 000,000,104 | ---- | C] () -- C:\Users\Jannik\Papierkorb - Verknüpfung.lnk
[2012.06.24 17:52:33 | 000,000,054 | ---- | C] () -- C:\Windows\winlemm.ini
[2012.05.25 19:18:48 | 1309,831,076 | ---- | C] () -- C:\Users\Jannik\SilkroadOnline_SROROfficial_v1_029.exe
[2012.01.10 20:44:31 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.10.25 22:39:27 | 000,000,032 | R--- | C] () -- C:\ProgramData\hash.dat
[2011.10.24 23:55:48 | 000,138,056 | ---- | C] () -- C:\Users\Jannik\AppData\Roaming\PnkBstrK.sys
[2011.09.05 18:52:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.31 07:39:50 | 000,058,368 | ---- | C] () -- C:\Windows\System32\bdmpegv.dll
[2011.05.31 07:38:18 | 000,015,360 | ---- | C] () -- C:\Windows\System32\bdmjpeg.dll
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011.02.18 14:17:35 | 000,001,356 | ---- | C] () -- C:\Users\Jannik\AppData\Local\d3d9caps.dat
[2011.02.16 18:25:03 | 000,083,076 | -H-- | C] () -- C:\Windows\System32\mlfcache.dat
[2010.12.17 15:19:45 | 000,000,173 | ---- | C] () -- C:\Users\Jannik\AppData\Roaming\D2Info0
[2010.12.17 15:19:45 | 000,000,008 | ---- | C] () -- C:\Users\Jannik\AppData\Roaming\DofusAppId0_2
[2010.11.08 00:21:29 | 000,000,094 | ---- | C] () -- C:\Users\Jannik\AppData\Local\fusioncache.dat
[2010.11.07 16:48:58 | 000,011,264 | ---- | C] () -- C:\Users\Jannik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.07 16:14:01 | 001,806,336 | ---- | C] () -- C:\Users\Jannik\SpeedTreeRT.dll
[2010.11.07 16:14:01 | 000,000,003 | ---- | C] () -- C:\Users\Jannik\mouse.cfg
[2010.11.07 16:14:01 | 000,000,000 | ---- | C] () -- C:\Users\Jannik\__ng3d.lock
 
========== ZeroAccess Check ==========
 
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"ThreadingModel" = Both
"" = shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 116 bytes -> C:\ProgramData\TEMP:BEB15613

< End of report >

--- --- ---

Hier ist die Extras.txt :

OTL EXTRAS Logfile:

Code:

ATTFilter

OTL Extras logfile created on: 31.12.2012 18:52:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jannik\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,00 Gb Total Physical Memory | 0,98 Gb Available Physical Memory | 49,08% Memory free
4,24 Gb Paging File | 3,06 Gb Available in Paging File | 72,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 278,09 Gb Total Space | 111,14 Gb Free Space | 39,97% Space Free | Partition Type: NTFS
Drive D: | 19,99 Gb Total Space | 11,08 Gb Free Space | 55,44% Space Free | Partition Type: FAT32
 
Computer Name: JANNIKS-PC | User Name: Jannik | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{07FCBED5-94C3-4F94-B9D3-360FA27C7B06}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}" = Microsoft SQL Server Compact 3.5 DEU
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1DCCB2B0-A482-464F-94F6-1219693E34F0}_is1" = AeroSnap 0.61
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager
"{2945BF05-EDBE-4EA7-8C3F-605E84678034}" = ArcSoft WebCam Companion 3
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{35CB6715-41F8-4F99-8881-6FC75BF054B0}" = Oblivion
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D374523-CFDE-461A-827E-2A102E2AB365}" = Star Wars Battlefront II
"{4422D20B-F530-4E65-8504-31396C9BC066}" = Google SketchUp 8
"{46BE6D86-7BEF-4DAB-B3E6-7B932D3872F3}_is1" = Dragonica Version TEST
"{46C045BF-2B3F-4BC4-8E4C-00E0CF8BD9DB}" = Adobe AIR
"{47E16407-05D3-4D2A-B2B9-C30700B7C2AD}" = LogMeIn Hamachi
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{52061908-F94F-3D78-AA50-B956039C845D}" = Microsoft Visual C# 2008 Express Edition - DEU
"{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}" = Paint.NET v3.5.10
"{58D68DF0-4E8B-4E9E-B425-670F9E37C1A8}" = TES Construction Set
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7EE9145D-C430-44E6-B5ED-61FF9C332103}_is1" = War of the Immortals DE
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 4.3.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes
"{901DC58A-5C1B-4315-BA40-5AD3D3A463B9}" = REACTOR
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{92127AF5-FDD8-4ADF-BC40-C356C9EE0B7D}" = 32 Bit HP CIO Components Installer
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.5 - Deutsch
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.97
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B542E870-529B-4A92-9EFB-7C772BA8C88C}" = S4 League_EU
"{B82A7D5E-4371-4FBB-97E3-1A7C6646A933}" = IObit Toolbar v6.6
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{C07B8BC4-AFD9-3AA4-BDF5-330A07591FDE}" = Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{E32260E7-0B10-43C7-9B77-AB9F4184676D}" = Microsoft SQL Server Compact 3.5 Design Tools DEU
"{E5BA7FD7-45F0-4C12-9D2C-C522C332130C}" = Soluto
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}" = Nexon Game Manager
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FF29527A-44CD-3422-945E-981A13584000}" = VC Runtimes MSI
"7-Zip" = 7-Zip 9.20
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Akamai" = Akamai NetSession Interface Service
"AltoMP3 Gold" = AltoMP3 Gold 5.20
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"BandiMPEG1" = Bandisoft MPEG-1 Decoder
"CCleaner" = CCleaner
"De_Blob_EN" = De Blob (alleen verwijderen)
"DivX Setup" = DivX-Setup
"Free FLV to MP3 Converter_is1" = Free FLV to MP3 Converter
"Game Booster_is1" = Game Booster 3
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Visual C# 2008 Express Edition - DEU" = Microsoft Visual C# 2008 Express Edition - DEU
"Mozilla Firefox (3.6.12)" = Mozilla Firefox (3.6.12)
"NCLauncher_GameForge" = NC Launcher (GameForge)
"Neffy" = Neffy 1,3,29,0
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"SpeedBit Video Accelerator" = SpeedBit Video Accelerator
"SpeedBit Video Downloader" = SpeedBit Video Downloader
"Steam App 105600" = Terraria
"Steam App 204030" = Fable - The Lost Chapters
"Steam App 48000" = LIMBO
"Steam App 65800" = Dungeon Defenders
"SystemRequirementsLab" = System Requirements Lab
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TIPP10_is1" = TIPP10 Version 2.0.3
"TmNationsForever_is1" = TmNationsForever
"Veoh Web Player Beta" = Veoh Web Player
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
"UnityWebPlayer" = Unity Web Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 27.04.2012 11:24:42 | Computer Name = Janniks-PC | Source = Application Hang | ID = 1002
Description = Programm iTunes.exe, Version 10.6.1.7 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: a1c  Anfangszeit: 01cd24892666baa2  Zeitpunkt der Beendigung:
 0
 
Error - 27.04.2012 11:26:28 | Computer Name = Janniks-PC | Source = Application Hang | ID = 1002
Description = Programm iTunes.exe, Version 10.6.1.7 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 14fc  Anfangszeit: 01cd2489ec22fe13  Zeitpunkt der Beendigung:
 110
 
Error - 27.04.2012 12:01:36 | Computer Name = Janniks-PC | Source = Application Hang | ID = 1002
Description = Programm iTunes.exe, Version 10.6.1.7 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 1074  Anfangszeit: 01cd248a3279f5a6  Zeitpunkt der Beendigung:
 28
 
Error - 27.04.2012 17:24:08 | Computer Name = Janniks-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Skype.exe, Version 4.2.0.187, Zeitstempel 0x4c7f99c9,
 fehlerhaftes Modul kernel32.dll, Version 6.0.6002.18449, Zeitstempel 0x4da47967,
 Ausnahmecode 0xe0fafafa, Fehleroffset 0x0003fc56,  Prozess-ID 0x10ac, Anwendungsstartzeit
 01cd24893ecde44e.
 
Error - 05.05.2012 11:46:16 | Computer Name = Janniks-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 05.05.2012 11:46:16 | Computer Name = Janniks-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 05.05.2012 11:46:17 | Computer Name = Janniks-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 05.05.2012 19:34:58 | Computer Name = Janniks-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 13.05.2012 13:39:45 | Computer Name = Janniks-PC | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung spoolsv.exe, Version 6.0.6002.18294, Zeitstempel
 0x4c6a9898, fehlerhaftes Modul SBLSP.dll, Version 3.2.2.4, Zeitstempel 0x4d932f7f,
 Ausnahmecode 0xc0000005, Fehleroffset 0x00003110,  Prozess-ID 0x7d4, Anwendungsstartzeit
 01cd312f5a4fb134.
 
Error - 15.05.2012 17:27:05 | Computer Name = Janniks-PC | Source = EventSystem | ID = 4609
Description = 
 
Error - 18.05.2012 10:36:39 | Computer Name = Janniks-PC | Source = System Restore | ID = 8193
Description = 
 
[ System Events ]
Error - 29.12.2012 17:02:42 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 30.12.2012 16:38:12 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 30.12.2012 16:38:12 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 30.12.2012 16:38:12 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 31.12.2012 10:00:22 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 31.12.2012 10:00:22 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 31.12.2012 10:00:22 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 31.12.2012 13:48:35 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7023
Description = 
 
Error - 31.12.2012 13:48:35 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
Error - 31.12.2012 13:48:35 | Computer Name = Janniks-PC | Source = Service Control Manager | ID = 7003
Description = 
 
 
< End of report >

--- --- ---

Jamaico · 01.01.2013, 04:23

Und hier ist der Report von TDSS Killer :

Zitat:

04:01:56.0414 2864 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
04:01:56.0632 2864 ============================================================
04:01:56.0632 2864 Current date / time: 2013/01/01 04:01:56.0632
04:01:56.0632 2864 SystemInfo:
04:01:56.0632 2864
04:01:56.0632 2864 OS Version: 6.0.6002 ServicePack: 2.0
04:01:56.0632 2864 Product type: Workstation
04:01:56.0632 2864 ComputerName: JANNIKS-PC
04:01:56.0632 2864 UserName: Jannik
04:01:56.0632 2864 Windows directory: C:\Windows
04:01:56.0632 2864 System windows directory: C:\Windows
04:01:56.0632 2864 Processor architecture: Intel x86
04:01:56.0632 2864 Number of processors: 2
04:01:56.0632 2864 Page size: 0x1000
04:01:56.0632 2864 Boot type: Normal boot
04:01:56.0632 2864 ============================================================
04:01:57.0242 2864 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x605A4, SectorsPerTrack: 0x21, TracksPerCylinder: 0x30, Type 'K0', Flags 0x00000050
04:01:57.0273 2864 ============================================================
04:01:57.0273 2864 \Device\Harddisk0\DR0:
04:01:57.0273 2864 MBR partitions:
04:01:57.0273 2864 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x22C2D000
04:01:57.0304 2864 \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x22C2D83F, BlocksNum 0x27FFE82
04:01:57.0304 2864 ============================================================
04:01:57.0335 2864 C: <-> \Device\Harddisk0\DR0\Partition1
04:01:57.0335 2864 D: <-> \Device\Harddisk0\DR0\Partition2
04:01:57.0335 2864 ============================================================
04:01:57.0335 2864 Initialize success
04:01:57.0335 2864 ============================================================
04:03:48.0269 2176 ============================================================
04:03:48.0269 2176 Scan started
04:03:48.0269 2176 Mode: Manual; SigCheck; TDLFS;
04:03:48.0269 2176 ============================================================
04:03:48.0566 2176 ================ Scan services =============================
04:03:48.0738 2176 [ 5ABD10518DEC48B4FA5FFC03B73402E5 ] 3xHybrid C:\Windows\system32\DRIVERS\3xHybrid.sys
04:03:48.0926 2176 3xHybrid - ok
04:03:49.0019 2176 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
04:03:49.0035 2176 ACDaemon - ok
04:03:49.0066 2176 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
04:03:49.0082 2176 ACPI - ok
04:03:49.0160 2176 [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
04:03:49.0176 2176 AdobeFlashPlayerUpdateSvc - ok
04:03:49.0238 2176 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
04:03:49.0269 2176 adp94xx - ok
04:03:49.0301 2176 [ B84088CA3CDCA97DA44A984C6CE1CCAD ] adpahci C:\Windows\system32\drivers\adpahci.sys
04:03:49.0316 2176 adpahci - ok
04:03:49.0348 2176 [ 7880C67BCCC27C86FD05AA2AFB5EA469 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
04:03:49.0363 2176 adpu160m - ok
04:03:49.0379 2176 [ 9AE713F8E30EFC2ABCCD84904333DF4D ] adpu320 C:\Windows\system32\drivers\adpu320.sys
04:03:49.0394 2176 adpu320 - ok
04:03:49.0457 2176 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
04:03:49.0504 2176 AeLookupSvc - ok
04:03:49.0566 2176 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
04:03:49.0629 2176 AFD - ok
04:03:49.0660 2176 [ EF23439CDD587F64C2C1B8825CEAD7D8 ] agp440 C:\Windows\system32\drivers\agp440.sys
04:03:49.0676 2176 agp440 - ok
04:03:49.0723 2176 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
04:03:49.0738 2176 aic78xx - ok
04:03:49.0894 2176 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
04:03:49.0894 2176 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
04:03:49.0910 2176 Akamai ( HiddenFile.Multi.Generic ) - warning
04:03:49.0910 2176 Akamai - detected HiddenFile.Multi.Generic (1)
04:03:49.0957 2176 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
04:03:50.0035 2176 ALG - ok
04:03:50.0051 2176 [ 90395B64600EBB4552E26E178C94B2E4 ] aliide C:\Windows\system32\drivers\aliide.sys
04:03:50.0066 2176 aliide - ok
04:03:50.0098 2176 [ 2B13E304C9DFDFA5EB582F6A149FA2C7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
04:03:50.0113 2176 amdagp - ok
04:03:50.0161 2176 [ 0577DF1D323FE75A739C787893D300EA ] amdide C:\Windows\system32\drivers\amdide.sys
04:03:50.0177 2176 amdide - ok
04:03:50.0192 2176 [ DC487885BCEF9F28EECE6FAC0E5DDFC5 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
04:03:50.0270 2176 AmdK7 - ok
04:03:50.0286 2176 [ 0CA0071DA4315B00FC1328CA86B425DA ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
04:03:50.0364 2176 AmdK8 - ok
04:03:50.0442 2176 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
04:03:50.0474 2176 AntiVirSchedulerService - ok
04:03:50.0489 2176 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
04:03:50.0505 2176 AntiVirService - ok
04:03:50.0567 2176 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
04:03:50.0614 2176 Appinfo - ok
04:03:50.0661 2176 [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
04:03:50.0677 2176 Apple Mobile Device - ok
04:03:50.0724 2176 [ 2C349460E40EF6B9604D774AAF367730 ] Application Updater C:\Program Files\Application Updater\ApplicationUpdater.exe
04:03:50.0786 2176 Application Updater ( UnsignedFile.Multi.Generic ) - warning
04:03:50.0786 2176 Application Updater - detected UnsignedFile.Multi.Generic (1)
04:03:50.0833 2176 [ 5F673180268BB1FDB69C99B6619FE379 ] arc C:\Windows\system32\drivers\arc.sys
04:03:50.0849 2176 arc - ok
04:03:50.0895 2176 [ 957F7540B5E7F602E44648C7DE5A1C05 ] arcsas C:\Windows\system32\drivers\arcsas.sys
04:03:50.0911 2176 arcsas - ok
04:03:51.0020 2176 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
04:03:51.0036 2176 aspnet_state - ok
04:03:51.0067 2176 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
04:03:51.0114 2176 AsyncMac - ok
04:03:51.0145 2176 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
04:03:51.0161 2176 atapi - ok
04:03:51.0224 2176 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
04:03:51.0270 2176 AudioEndpointBuilder - ok
04:03:51.0302 2176 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
04:03:51.0317 2176 Audiosrv - ok
04:03:51.0333 2176 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
04:03:51.0349 2176 avgntflt - ok
04:03:51.0380 2176 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
04:03:51.0395 2176 avipbb - ok
04:03:51.0442 2176 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
04:03:51.0505 2176 Beep - ok
04:03:51.0536 2176 [ BE5D50529799B9BAB6BE879EC768B6CF ] BIOS C:\Windows\system32\drivers\BIOS.sys
04:03:51.0567 2176 BIOS ( UnsignedFile.Multi.Generic ) - warning
04:03:51.0567 2176 BIOS - detected UnsignedFile.Multi.Generic (1)
04:03:51.0630 2176 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
04:03:51.0724 2176 BITS - ok
04:03:51.0724 2176 blbdrive - ok
04:03:51.0802 2176 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
04:03:51.0817 2176 Bonjour Service - ok
04:03:51.0849 2176 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
04:03:51.0895 2176 bowser - ok
04:03:51.0942 2176 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
04:03:51.0989 2176 BrFiltLo - ok
04:03:52.0005 2176 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
04:03:52.0036 2176 BrFiltUp - ok
04:03:52.0067 2176 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
04:03:52.0130 2176 Browser - ok
04:03:52.0177 2176 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
04:03:52.0239 2176 Brserid - ok
04:03:52.0255 2176 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
04:03:52.0317 2176 BrSerWdm - ok
04:03:52.0333 2176 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
04:03:52.0411 2176 BrUsbMdm - ok
04:03:52.0427 2176 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
04:03:52.0505 2176 BrUsbSer - ok
04:03:52.0536 2176 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
04:03:52.0599 2176 BTHMODEM - ok
04:03:52.0630 2176 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
04:03:52.0661 2176 cdfs - ok
04:03:52.0692 2176 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
04:03:52.0739 2176 cdrom - ok
04:03:52.0786 2176 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
04:03:52.0833 2176 CertPropSvc - ok
04:03:52.0864 2176 [ DA8E0AFC7BAA226C538EF53AC2F90897 ] circlass C:\Windows\system32\drivers\circlass.sys
04:03:52.0927 2176 circlass - ok
04:03:52.0958 2176 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
04:03:52.0974 2176 CLFS - ok
04:03:53.0036 2176 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
04:03:53.0052 2176 clr_optimization_v2.0.50727_32 - ok
04:03:53.0083 2176 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
04:03:53.0099 2176 clr_optimization_v4.0.30319_32 - ok
04:03:53.0114 2176 [ 45201046C776FFDAF3FC8A0029C581C8 ] cmdide C:\Windows\system32\drivers\cmdide.sys
04:03:53.0130 2176 cmdide - ok
04:03:53.0162 2176 [ 82B8C91D327CFECF76CB58716F7D4997 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
04:03:53.0178 2176 Compbatt - ok
04:03:53.0193 2176 COMSysApp - ok
04:03:53.0225 2176 cpuz135 - ok
04:03:53.0256 2176 cpuz136 - ok
04:03:53.0271 2176 [ 2A213AE086BBEC5E937553C7D9A2B22C ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
04:03:53.0287 2176 crcdisk - ok
04:03:53.0303 2176 [ 22A7F883508176489F559EE745B5BF5D ] Crusoe C:\Windows\system32\drivers\crusoe.sys
04:03:53.0365 2176 Crusoe - ok
04:03:53.0412 2176 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
04:03:53.0428 2176 CryptSvc - ok
04:03:53.0475 2176 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
04:03:53.0537 2176 DcomLaunch - ok
04:03:53.0568 2176 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
04:03:53.0615 2176 DfsC - ok
04:03:53.0693 2176 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
04:03:53.0865 2176 DFSR - ok
04:03:53.0928 2176 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
04:03:53.0943 2176 Dhcp - ok
04:03:53.0990 2176 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
04:03:54.0006 2176 disk - ok
04:03:54.0037 2176 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
04:03:54.0084 2176 Dnscache - ok
04:03:54.0115 2176 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
04:03:54.0162 2176 dot3svc - ok
04:03:54.0193 2176 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
04:03:54.0240 2176 Dot4 - ok
04:03:54.0271 2176 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
04:03:54.0287 2176 Dot4Print - ok
04:03:54.0303 2176 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
04:03:54.0365 2176 dot4usb - ok
04:03:54.0396 2176 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
04:03:54.0443 2176 DPS - ok
04:03:54.0475 2176 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
04:03:54.0506 2176 drmkaud - ok
04:03:54.0553 2176 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
04:03:54.0584 2176 DXGKrnl - ok
04:03:54.0631 2176 [ F88FB26547FD2CE6D0A5AF2985892C48 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
04:03:54.0678 2176 E1G60 - ok
04:03:54.0709 2176 EagleNT - ok
04:03:54.0725 2176 EagleXNt - ok
04:03:54.0756 2176 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
04:03:54.0787 2176 EapHost - ok
04:03:54.0834 2176 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
04:03:54.0850 2176 Ecache - ok
04:03:54.0912 2176 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
04:03:54.0928 2176 ehRecvr - ok
04:03:54.0959 2176 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
04:03:55.0006 2176 ehSched - ok
04:03:55.0021 2176 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
04:03:55.0053 2176 ehstart - ok
04:03:55.0100 2176 [ E8F3F21A71720C84BCF423B80028359F ] elxstor C:\Windows\system32\drivers\elxstor.sys
04:03:55.0131 2176 elxstor - ok
04:03:55.0162 2176 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
04:03:55.0240 2176 EMDMgmt - ok
04:03:55.0271 2176 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
04:03:55.0318 2176 EventSystem - ok
04:03:55.0365 2176 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
04:03:55.0381 2176 exfat - ok
04:03:55.0412 2176 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
04:03:55.0459 2176 fastfat - ok
04:03:55.0490 2176 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
04:03:55.0537 2176 fdc - ok
04:03:55.0568 2176 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
04:03:55.0615 2176 fdPHost - ok
04:03:55.0646 2176 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
04:03:55.0709 2176 FDResPub - ok
04:03:55.0756 2176 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
04:03:55.0771 2176 FileInfo - ok
04:03:55.0803 2176 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
04:03:55.0850 2176 Filetrace - ok
04:03:55.0881 2176 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
04:03:55.0928 2176 flpydisk - ok
04:03:55.0975 2176 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
04:03:55.0990 2176 FltMgr - ok
04:03:56.0053 2176 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
04:03:56.0100 2176 FontCache - ok
04:03:56.0178 2176 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
04:03:56.0193 2176 FontCache3.0.0.0 - ok
04:03:56.0209 2176 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
04:03:56.0240 2176 Fs_Rec - ok
04:03:56.0271 2176 [ 4E1CD0A45C50A8882616CAE5BF82F3C5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
04:03:56.0287 2176 gagp30kx - ok
04:03:56.0318 2176 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
04:03:56.0334 2176 GEARAspiWDM - ok
04:03:56.0365 2176 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
04:03:56.0443 2176 gpsvc - ok
04:03:56.0521 2176 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
04:03:56.0537 2176 gupdate - ok
04:03:56.0553 2176 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
04:03:56.0568 2176 gupdatem - ok
04:03:56.0584 2176 [ 833051C6C6C42117191935F734CFBD97 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
04:03:56.0600 2176 hamachi - ok
04:03:56.0662 2176 [ D1C12332326D7F4AB5CB57C660FEED0B ] Hamachi2Svc C:\Program Files\Hamachi kann nichts\hamachi-2.exe
04:03:56.0740 2176 Hamachi2Svc - ok
04:03:56.0803 2176 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
04:03:56.0865 2176 HdAudAddService - ok
04:03:56.0912 2176 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
04:03:56.0990 2176 HDAudBus - ok
04:03:57.0021 2176 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
04:03:57.0084 2176 HidBth - ok
04:03:57.0115 2176 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
04:03:57.0162 2176 HidIr - ok
04:03:57.0193 2176 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\System32\hidserv.dll
04:03:57.0225 2176 hidserv - ok
04:03:57.0256 2176 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
04:03:57.0303 2176 HidUsb - ok
04:03:57.0334 2176 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
04:03:57.0365 2176 hkmsvc - ok
04:03:57.0412 2176 [ DF353B401001246853763C4B7AAA6F50 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
04:03:57.0412 2176 HpCISSs - ok
04:03:57.0459 2176 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
04:03:57.0490 2176 HTTP - ok
04:03:57.0537 2176 hwdatacard - ok
04:03:57.0553 2176 [ 324C2152FF2C61ABAE92D09F3CCA4D63 ] i2omp C:\Windows\system32\drivers\i2omp.sys
04:03:57.0568 2176 i2omp - ok
04:03:57.0600 2176 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
04:03:57.0646 2176 i8042prt - ok
04:03:57.0678 2176 [ C957BF4B5D80B46C5017BF0101E6C906 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
04:03:57.0693 2176 iaStorV - ok
04:03:57.0771 2176 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
04:03:57.0787 2176 IDriverT ( UnsignedFile.Multi.Generic ) - warning
04:03:57.0787 2176 IDriverT - detected UnsignedFile.Multi.Generic (1)
04:03:57.0850 2176 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
04:03:57.0896 2176 idsvc - ok
04:03:58.0006 2176 [ 9378D57E2B96C0A185D844770AD49948 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
04:03:58.0100 2176 igfx - ok
04:03:58.0131 2176 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
04:03:58.0146 2176 iirsp - ok
04:03:58.0178 2176 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
04:03:58.0241 2176 IKEEXT - ok
04:03:58.0351 2176 [ 4440FD5EE670DFBBBFDB9742EA8F51E6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
04:03:58.0460 2176 IntcAzAudAddService - ok
04:03:58.0491 2176 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
04:03:58.0507 2176 intelide - ok
04:03:58.0538 2176 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
04:03:58.0569 2176 intelppm - ok
04:03:58.0601 2176 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
04:03:58.0647 2176 IPBusEnum - ok
04:03:58.0679 2176 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
04:03:58.0726 2176 IpFilterDriver - ok
04:03:58.0726 2176 IpInIp - ok
04:03:58.0757 2176 [ 40F34F8ABA2A015D780E4B09138B6C17 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
04:03:58.0819 2176 IPMIDRV - ok
04:03:58.0851 2176 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
04:03:58.0897 2176 IPNAT - ok
04:03:58.0976 2176 [ 57EDB35EA2FECA88F8B17C0C095C9A56 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
04:03:58.0991 2176 iPod Service - ok
04:03:59.0038 2176 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
04:03:59.0085 2176 IRENUM - ok
04:03:59.0101 2176 [ 350FCA7E73CF65BCEF43FAE1E4E91293 ] isapnp C:\Windows\system32\drivers\isapnp.sys
04:03:59.0116 2176 isapnp - ok
04:03:59.0147 2176 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
04:03:59.0163 2176 iScsiPrt - ok
04:03:59.0179 2176 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
04:03:59.0194 2176 iteatapi - ok
04:03:59.0226 2176 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
04:03:59.0241 2176 iteraid - ok
04:03:59.0272 2176 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
04:03:59.0288 2176 kbdclass - ok
04:03:59.0304 2176 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
04:03:59.0335 2176 kbdhid - ok
04:03:59.0366 2176 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
04:03:59.0397 2176 KeyIso - ok
04:03:59.0429 2176 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
04:03:59.0460 2176 KSecDD - ok
04:03:59.0507 2176 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
04:03:59.0601 2176 KtmRm - ok
04:03:59.0632 2176 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\System32\srvsvc.dll
04:03:59.0663 2176 LanmanServer - ok
04:03:59.0694 2176 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
04:03:59.0710 2176 LanmanWorkstation - ok
04:03:59.0741 2176 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
04:03:59.0788 2176 lltdio - ok
04:03:59.0804 2176 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
04:03:59.0851 2176 lltdsvc - ok
04:03:59.0882 2176 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
04:03:59.0944 2176 lmhosts - ok
04:03:59.0976 2176 [ A2262FB9F28935E862B4DB46438C80D2 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
04:03:59.0991 2176 LSI_FC - ok
04:04:00.0007 2176 [ 30D73327D390F72A62F32C103DAF1D6D ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
04:04:00.0022 2176 LSI_SAS - ok
04:04:00.0038 2176 [ E1E36FEFD45849A95F1AB81DE0159FE3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
04:04:00.0054 2176 LSI_SCSI - ok
04:04:00.0101 2176 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
04:04:00.0132 2176 luafv - ok
04:04:00.0179 2176 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
04:04:00.0210 2176 Mcx2Svc - ok
04:04:00.0241 2176 [ D153B14FC6598EAE8422A2037553ADCE ] megasas C:\Windows\system32\drivers\megasas.sys
04:04:00.0257 2176 megasas - ok
04:04:00.0288 2176 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
04:04:00.0319 2176 MMCSS - ok
04:04:00.0351 2176 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
04:04:00.0397 2176 Modem - ok
04:04:00.0444 2176 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
04:04:00.0476 2176 monitor - ok
04:04:00.0491 2176 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
04:04:00.0507 2176 mouclass - ok
04:04:00.0538 2176 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
04:04:00.0554 2176 mouhid - ok
04:04:00.0585 2176 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
04:04:00.0601 2176 MountMgr - ok
04:04:00.0616 2176 [ 583A41F26278D9E0EA548163D6139397 ] mpio C:\Windows\system32\drivers\mpio.sys
04:04:00.0632 2176 mpio - ok
04:04:00.0663 2176 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
04:04:00.0694 2176 mpsdrv - ok
04:04:00.0710 2176 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
04:04:00.0726 2176 Mraid35x - ok
04:04:00.0757 2176 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
04:04:00.0788 2176 MRxDAV - ok
04:04:00.0819 2176 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
04:04:00.0851 2176 mrxsmb - ok
04:04:00.0882 2176 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
04:04:00.0913 2176 mrxsmb10 - ok
04:04:00.0929 2176 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
04:04:00.0976 2176 mrxsmb20 - ok
04:04:01.0007 2176 [ 742AED7939E734C36B7E8D6228CE26B7 ] msahci C:\Windows\system32\drivers\msahci.sys
04:04:01.0022 2176 msahci - ok
04:04:01.0038 2176 [ 3FC82A2AE4CC149165A94699183D3028 ] msdsm C:\Windows\system32\drivers\msdsm.sys
04:04:01.0054 2176 msdsm - ok
04:04:01.0085 2176 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
04:04:01.0116 2176 MSDTC - ok
04:04:01.0147 2176 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
04:04:01.0179 2176 Msfs - ok
04:04:01.0227 2176 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
04:04:01.0227 2176 msisadrv - ok
04:04:01.0258 2176 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
04:04:01.0305 2176 MSiSCSI - ok
04:04:01.0320 2176 msiserver - ok
04:04:01.0352 2176 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
04:04:01.0398 2176 MSKSSRV - ok
04:04:01.0445 2176 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
04:04:01.0477 2176 MSPCLOCK - ok
04:04:01.0477 2176 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
04:04:01.0508 2176 MSPQM - ok
04:04:01.0539 2176 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
04:04:01.0555 2176 MsRPC - ok
04:04:01.0570 2176 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
04:04:01.0586 2176 mssmbios - ok
04:04:01.0617 2176 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
04:04:01.0664 2176 MSTEE - ok
04:04:01.0695 2176 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
04:04:01.0711 2176 Mup - ok
04:04:01.0742 2176 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
04:04:01.0773 2176 napagent - ok
04:04:01.0820 2176 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
04:04:01.0852 2176 NativeWifiP - ok
04:04:01.0883 2176 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
04:04:01.0930 2176 NDIS - ok
04:04:01.0961 2176 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
04:04:01.0992 2176 NdisTapi - ok
04:04:02.0023 2176 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
04:04:02.0070 2176 Ndisuio - ok
04:04:02.0102 2176 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
04:04:02.0133 2176 NdisWan - ok
04:04:02.0164 2176 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
04:04:02.0211 2176 NDProxy - ok
04:04:02.0242 2176 [ 510C138564486FF926A3F773205C63D1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
04:04:02.0258 2176 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
04:04:02.0258 2176 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
04:04:02.0305 2176 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
04:04:02.0336 2176 NetBIOS - ok
04:04:02.0367 2176 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
04:04:02.0414 2176 netbt - ok
04:04:02.0445 2176 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
04:04:02.0461 2176 Netlogon - ok
04:04:02.0508 2176 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
04:04:02.0555 2176 Netman - ok
04:04:02.0586 2176 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:04:02.0602 2176 NetMsmqActivator - ok
04:04:02.0602 2176 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:04:02.0617 2176 NetPipeActivator - ok
04:04:02.0648 2176 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
04:04:02.0695 2176 netprofm - ok
04:04:02.0727 2176 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:04:02.0742 2176 NetTcpActivator - ok
04:04:02.0742 2176 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
04:04:02.0758 2176 NetTcpPortSharing - ok
04:04:02.0789 2176 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
04:04:02.0805 2176 nfrd960 - ok
04:04:02.0836 2176 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
04:04:02.0883 2176 NlaSvc - ok
04:04:02.0914 2176 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
04:04:02.0945 2176 Npfs - ok
04:04:02.0961 2176 npggsvc - ok
04:04:02.0977 2176 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
04:04:03.0008 2176 nsi - ok
04:04:03.0039 2176 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
04:04:03.0086 2176 nsiproxy - ok
04:04:03.0148 2176 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
04:04:03.0211 2176 Ntfs - ok
04:04:03.0242 2176 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
04:04:03.0305 2176 ntrigdigi - ok
04:04:03.0320 2176 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
04:04:03.0352 2176 Null - ok
04:04:03.0602 2176 [ 0A1B502CBC8230DA74BEFBAADDB58916 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
04:04:04.0102 2176 nvlddmkm - ok
04:04:04.0133 2176 [ E69E946F80C1C31C53003BFBF50CBB7C ] nvraid C:\Windows\system32\drivers\nvraid.sys
04:04:04.0148 2176 nvraid - ok
04:04:04.0164 2176 [ 9E0BA19A28C498A6D323D065DB76DFFC ] nvstor C:\Windows\system32\drivers\nvstor.sys
04:04:04.0180 2176 nvstor - ok
04:04:04.0227 2176 [ EB5A13F9139F20AD71ADF4BF79C3AA29 ] NVSvc C:\Windows\system32\nvvsvc.exe
04:04:04.0259 2176 NVSvc - ok
04:04:04.0337 2176 [ 0629259E3AF6BB0534FCECA208973404 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
04:04:04.0384 2176 nvUpdatusService - ok
04:04:04.0431 2176 [ 07C186427EB8FCC3D8D7927187F260F7 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
04:04:04.0446 2176 nv_agp - ok
04:04:04.0446 2176 NwlnkFlt - ok
04:04:04.0462 2176 NwlnkFwd - ok
04:04:04.0493 2176 [ BE32DA025A0BE1878F0EE8D6D9386CD5 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
04:04:04.0556 2176 ohci1394 - ok
04:04:04.0587 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
04:04:04.0618 2176 p2pimsvc - ok
04:04:04.0681 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
04:04:04.0696 2176 p2psvc - ok
04:04:04.0759 2176 [ 8A79FDF04A73428597E2CAF9D0D67850 ] Parport C:\Windows\system32\DRIVERS\parport.sys
04:04:04.0790 2176 Parport - ok
04:04:04.0821 2176 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
04:04:04.0837 2176 partmgr - ok
04:04:04.0837 2176 [ 6C580025C81CAF3AE9E3617C22CAD00E ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
04:04:04.0884 2176 Parvdm - ok
04:04:04.0915 2176 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
04:04:04.0962 2176 PcaSvc - ok
04:04:04.0993 2176 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
04:04:05.0009 2176 pci - ok
04:04:05.0040 2176 [ 3B1901E401473E03EB8C874271E50C26 ] pciide C:\Windows\system32\drivers\pciide.sys
04:04:05.0056 2176 pciide - ok
04:04:05.0071 2176 [ E6F3FB1B86AA519E7698AD05E58B04E5 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
04:04:05.0087 2176 pcmcia - ok
04:04:05.0134 2176 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
04:04:05.0243 2176 PEAUTH - ok
04:04:05.0321 2176 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
04:04:05.0431 2176 pla - ok
04:04:05.0477 2176 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
04:04:05.0509 2176 PlugPlay - ok
04:04:05.0556 2176 [ 37E5E8FFBAD35605DAEEC3224EA0E465 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
04:04:05.0571 2176 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
04:04:05.0571 2176 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
04:04:05.0602 2176 [ 3A2BDD76E7D2A5F40A7174793D1BA794 ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
04:04:05.0618 2176 PnkBstrA - ok
04:04:05.0649 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
04:04:05.0681 2176 PNRPAutoReg - ok
04:04:05.0712 2176 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
04:04:05.0743 2176 PNRPsvc - ok
04:04:05.0790 2176 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
04:04:05.0837 2176 PolicyAgent - ok
04:04:05.0868 2176 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
04:04:05.0899 2176 PptpMiniport - ok
04:04:05.0931 2176 [ 0E3CEF5D28B40CF273281D620C50700A ] Processor C:\Windows\system32\drivers\processr.sys
04:04:05.0993 2176 Processor - ok
04:04:06.0024 2176 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
04:04:06.0056 2176 ProfSvc - ok
04:04:06.0071 2176 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
04:04:06.0087 2176 ProtectedStorage - ok
04:04:06.0118 2176 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
04:04:06.0149 2176 PSched - ok
04:04:06.0196 2176 [ CCDAC889326317792480C0A67156A1EC ] ql2300 C:\Windows\system32\drivers\ql2300.sys
04:04:06.0275 2176 ql2300 - ok
04:04:06.0322 2176 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
04:04:06.0338 2176 ql40xx - ok
04:04:06.0369 2176 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
04:04:06.0400 2176 QWAVE - ok
04:04:06.0432 2176 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
04:04:06.0447 2176 QWAVEdrv - ok
04:04:06.0478 2176 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
04:04:06.0510 2176 RasAcd - ok
04:04:06.0541 2176 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
04:04:06.0588 2176 RasAuto - ok
04:04:06.0619 2176 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
04:04:06.0650 2176 Rasl2tp - ok
04:04:06.0697 2176 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
04:04:06.0713 2176 RasMan - ok
04:04:06.0744 2176 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
04:04:06.0775 2176 RasPppoe - ok
04:04:06.0807 2176 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
04:04:06.0838 2176 RasSstp - ok
04:04:06.0869 2176 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
04:04:06.0916 2176 rdbss - ok
04:04:06.0947 2176 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
04:04:06.0994 2176 RDPCDD - ok
04:04:07.0025 2176 [ E8BD98D46F2ED77132BA927FCCB47D8B ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
04:04:07.0088 2176 rdpdr - ok
04:04:07.0119 2176 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
04:04:07.0166 2176 RDPENCDD - ok
04:04:07.0197 2176 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
04:04:07.0213 2176 RDPWD - ok
04:04:07.0244 2176 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
04:04:07.0265 2176 RemoteAccess - ok
04:04:07.0327 2176 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
04:04:07.0358 2176 RemoteRegistry - ok
04:04:07.0421 2176 [ EEC7EE5675294B03E88AA868540007C1 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
04:04:07.0452 2176 RMCAST - ok
04:04:07.0499 2176 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
04:04:07.0530 2176 RpcLocator - ok
04:04:07.0561 2176 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
04:04:07.0608 2176 RpcSs - ok
04:04:07.0640 2176 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
04:04:07.0671 2176 rspndr - ok
04:04:07.0718 2176 [ EEFF14CD2BAF7B9D176980C855C9B5D1 ] RTL8169 C:\Windows\system32\DRIVERS\Rtlh86.sys
04:04:07.0765 2176 RTL8169 - ok
04:04:07.0780 2176 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
04:04:07.0796 2176 SamSs - ok
04:04:07.0843 2176 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
04:04:07.0858 2176 sbp2port - ok
04:04:07.0921 2176 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
04:04:07.0936 2176 SCardSvr - ok
04:04:07.0983 2176 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
04:04:07.0999 2176 Schedule - ok
04:04:08.0030 2176 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
04:04:08.0061 2176 SCPolicySvc - ok
04:04:08.0093 2176 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
04:04:08.0124 2176 SDRSVC - ok
04:04:08.0155 2176 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
04:04:08.0218 2176 secdrv - ok
04:04:08.0249 2176 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
04:04:08.0280 2176 seclogon - ok
04:04:08.0333 2176 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
04:04:08.0380 2176 SENS - ok
04:04:08.0411 2176 [ CE9EC966638EF0B10B864DDEDF62A099 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
04:04:08.0474 2176 Serenum - ok
04:04:08.0489 2176 [ 6D663022DB3E7058907784AE14B69898 ] Serial C:\Windows\system32\DRIVERS\serial.sys
04:04:08.0536 2176 Serial - ok
04:04:08.0567 2176 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
04:04:08.0599 2176 sermouse - ok
04:04:08.0645 2176 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
04:04:08.0692 2176 SessionEnv - ok
04:04:08.0724 2176 [ 103B79418DA647736EE95645F305F68A ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
04:04:08.0786 2176 sffdisk - ok
04:04:08.0802 2176 [ 8FD08A310645FE872EEEC6E08C6BF3EE ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
04:04:08.0864 2176 sffp_mmc - ok
04:04:08.0880 2176 [ 9CFA05FCFCB7124E69CFC812B72F9614 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
04:04:08.0942 2176 sffp_sd - ok
04:04:08.0974 2176 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
04:04:09.0020 2176 sfloppy - ok
04:04:09.0052 2176 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
04:04:09.0099 2176 ShellHWDetection - ok
04:04:09.0130 2176 [ D2A595D6EEBEEAF4334F8E50EFBC9931 ] sisagp C:\Windows\system32\drivers\sisagp.sys
04:04:09.0145 2176 sisagp - ok
04:04:09.0161 2176 [ CEDD6F4E7D84E9F98B34B3FE988373AA ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
04:04:09.0177 2176 SiSRaid2 - ok
04:04:09.0192 2176 [ DF843C528C4F69D12CE41CE462E973A7 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
04:04:09.0208 2176 SiSRaid4 - ok
04:04:09.0270 2176 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
04:04:09.0286 2176 SkypeUpdate - ok
04:04:09.0380 2176 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
04:04:09.0520 2176 slsvc - ok
04:04:09.0567 2176 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
04:04:09.0614 2176 SLUINotify - ok
04:04:09.0645 2176 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
04:04:09.0677 2176 Smb - ok
04:04:09.0708 2176 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
04:04:09.0724 2176 SNMPTRAP - ok
04:04:09.0739 2176 [ FF35C2D01AC36B446A1B997F305F0FC2 ] Soluto C:\Windows\system32\DRIVERS\Soluto.sys
04:04:09.0755 2176 Soluto - ok
04:04:09.0833 2176 [ 8F6342519A77622A6F2D06A13CE935DA ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
04:04:09.0849 2176 SolutoLauncherService - ok
04:04:09.0880 2176 [ 379BED16AB0FE75EAF4B19C1F4DD5E37 ] SolutoRemoteService C:\Program Files\Soluto\SolutoRemoteService.exe
04:04:09.0942 2176 SolutoRemoteService - ok
04:04:09.0974 2176 [ 8399FC38576E3A4798BA970345EC4213 ] SolutoService C:\Program Files\Soluto\SolutoService.exe
04:04:10.0005 2176 SolutoService - ok
04:04:10.0020 2176 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
04:04:10.0036 2176 spldr - ok
04:04:10.0083 2176 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
04:04:10.0114 2176 Spooler - ok
04:04:10.0145 2176 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
04:04:10.0192 2176 srv - ok
04:04:10.0224 2176 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
04:04:10.0255 2176 srv2 - ok
04:04:10.0270 2176 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
04:04:10.0302 2176 srvnet - ok
04:04:10.0349 2176 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
04:04:10.0411 2176 SSDPSRV - ok
04:04:10.0442 2176 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
04:04:10.0458 2176 ssmdrv - ok
04:04:10.0489 2176 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
04:04:10.0520 2176 SstpSvc - ok
04:04:10.0552 2176 Steam Client Service - ok
04:04:10.0599 2176 [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
04:04:10.0630 2176 Stereo Service - ok
04:04:10.0692 2176 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
04:04:10.0755 2176 stisvc - ok
04:04:10.0786 2176 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
04:04:10.0802 2176 swenum - ok
04:04:10.0833 2176 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
04:04:10.0864 2176 swprv - ok
04:04:10.0895 2176 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
04:04:10.0911 2176 Symc8xx - ok
04:04:10.0942 2176 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
04:04:10.0958 2176 Sym_hi - ok
04:04:10.0958 2176 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
04:04:10.0974 2176 Sym_u3 - ok
04:04:11.0020 2176 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
04:04:11.0099 2176 SysMain - ok
04:04:11.0130 2176 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
04:04:11.0177 2176 TabletInputService - ok
04:04:11.0208 2176 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
04:04:11.0239 2176 TapiSrv - ok
04:04:11.0270 2176 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
04:04:11.0302 2176 TBS - ok
04:04:11.0349 2176 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
04:04:11.0411 2176 Tcpip - ok
04:04:11.0458 2176 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
04:04:11.0505 2176 Tcpip6 - ok
04:04:11.0552 2176 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
04:04:11.0583 2176 tcpipreg - ok
04:04:11.0614 2176 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
04:04:11.0645 2176 TDPIPE - ok
04:04:11.0677 2176 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
04:04:11.0724 2176 TDTCP - ok
04:04:11.0755 2176 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
04:04:11.0786 2176 tdx - ok
04:04:11.0817 2176 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
04:04:11.0833 2176 TermDD - ok
04:04:11.0864 2176 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
04:04:11.0927 2176 TermService - ok
04:04:11.0942 2176 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
04:04:11.0974 2176 Themes - ok
04:04:11.0974 2176 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
04:04:12.0005 2176 THREADORDER - ok
04:04:12.0036 2176 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
04:04:12.0067 2176 TrkWks - ok
04:04:12.0130 2176 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
04:04:12.0161 2176 TrustedInstaller - ok
04:04:12.0177 2176 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
04:04:12.0224 2176 tssecsrv - ok
04:04:12.0255 2176 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
04:04:12.0270 2176 tunmp - ok
04:04:12.0286 2176 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
04:04:12.0302 2176 tunnel - ok
04:04:12.0333 2176 [ C3ADE15414120033A36C0F293D4A4121 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
04:04:12.0349 2176 uagp35 - ok
04:04:12.0380 2176 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
04:04:12.0395 2176 udfs - ok
04:04:12.0442 2176 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
04:04:12.0474 2176 UI0Detect - ok
04:04:12.0489 2176 [ 75E6890EBFCE0841D3291B02E7A8BDB0 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
04:04:12.0505 2176 uliagpkx - ok
04:04:12.0520 2176 [ 3CD4EA35A6221B85DCC25DAA46313F8D ] uliahci C:\Windows\system32\drivers\uliahci.sys
04:04:12.0536 2176 uliahci - ok
04:04:12.0567 2176 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
04:04:12.0583 2176 UlSata - ok
04:04:12.0599 2176 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
04:04:12.0614 2176 ulsata2 - ok
04:04:12.0630 2176 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
04:04:12.0661 2176 umbus - ok
04:04:12.0692 2176 [ D0CB75386D9E89C864D808D64EC9160F ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
04:04:12.0724 2176 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - warning
04:04:12.0724 2176 UnlockerDriver5 - detected UnsignedFile.Multi.Generic (1)
04:04:12.0755 2176 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
04:04:12.0786 2176 upnphost - ok
04:04:12.0817 2176 [ EAFE1E00739AFE6C51487A050E772E17 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
04:04:12.0849 2176 USBAAPL - ok
04:04:12.0895 2176 [ 32DB9517628FF0D070682AAB61E688F0 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
04:04:12.0911 2176 usbaudio - ok
04:04:12.0958 2176 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
04:04:12.0974 2176 usbccgp - ok
04:04:13.0005 2176 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
04:04:13.0052 2176 usbcir - ok
04:04:13.0083 2176 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
04:04:13.0114 2176 usbehci - ok
04:04:13.0130 2176 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
04:04:13.0161 2176 usbhub - ok
04:04:13.0192 2176 [ 38DBC7DD6CC5A72011F187425384388B ] usbohci C:\Windows\system32\drivers\usbohci.sys
04:04:13.0239 2176 usbohci - ok
04:04:13.0270 2176 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
04:04:13.0317 2176 usbprint - ok
04:04:13.0349 2176 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
04:04:13.0364 2176 usbscan - ok
04:04:13.0395 2176 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
04:04:13.0427 2176 USBSTOR - ok
04:04:13.0458 2176 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
04:04:13.0489 2176 usbuhci - ok
04:04:13.0520 2176 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
04:04:13.0552 2176 usbvideo - ok
04:04:13.0583 2176 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
04:04:13.0630 2176 UxSms - ok
04:04:13.0677 2176 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
04:04:13.0724 2176 vds - ok
04:04:13.0755 2176 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
04:04:13.0802 2176 vga - ok
04:04:13.0833 2176 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
04:04:13.0880 2176 VgaSave - ok
04:04:13.0911 2176 [ 045D9961E591CF0674A920B6BA3BA5CB ] viaagp C:\Windows\system32\drivers\viaagp.sys
04:04:13.0927 2176 viaagp - ok
04:04:13.0958 2176 [ 56A4DE5F02F2E88182B0981119B4DD98 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
04:04:14.0005 2176 ViaC7 - ok
04:04:14.0020 2176 [ FD2E3175FCADA350C7AB4521DCA187EC ] viaide C:\Windows\system32\drivers\viaide.sys
04:04:14.0036 2176 viaide - ok
04:04:14.0067 2176 VideoAcceleratorService - ok
04:04:14.0099 2176 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
04:04:14.0114 2176 volmgr - ok
04:04:14.0145 2176 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
04:04:14.0177 2176 volmgrx - ok
04:04:14.0208 2176 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
04:04:14.0224 2176 volsnap - ok
04:04:14.0270 2176 [ D984439746D42B30FC65A4C3546C6829 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
04:04:14.0286 2176 vsmraid - ok
04:04:14.0365 2176 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
04:04:14.0428 2176 VSS - ok
04:04:14.0459 2176 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
04:04:14.0506 2176 W32Time - ok
04:04:14.0537 2176 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
04:04:14.0584 2176 WacomPen - ok
04:04:14.0615 2176 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
04:04:14.0662 2176 Wanarp - ok
04:04:14.0662 2176 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
04:04:14.0678 2176 Wanarpv6 - ok
04:04:14.0725 2176 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
04:04:14.0756 2176 wcncsvc - ok
04:04:14.0787 2176 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
04:04:14.0818 2176 WcsPlugInService - ok
04:04:14.0850 2176 [ AFC5AD65B991C1E205CF25CFDBF7A6F4 ] Wd C:\Windows\system32\drivers\wd.sys
04:04:14.0865 2176 Wd - ok
04:04:14.0912 2176 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
04:04:14.0943 2176 Wdf01000 - ok
04:04:14.0975 2176 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
04:04:15.0021 2176 WdiServiceHost - ok
04:04:15.0037 2176 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
04:04:15.0068 2176 WdiSystemHost - ok
04:04:15.0100 2176 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
04:04:15.0115 2176 WebClient - ok
04:04:15.0162 2176 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
04:04:15.0193 2176 Wecsvc - ok
04:04:15.0225 2176 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
04:04:15.0271 2176 wercplsupport - ok
04:04:15.0303 2176 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
04:04:15.0350 2176 WerSvc - ok
04:04:15.0413 2176 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
04:04:15.0429 2176 WinDefend - ok
04:04:15.0444 2176 WinHttpAutoProxySvc - ok
04:04:15.0507 2176 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
04:04:15.0522 2176 Winmgmt - ok
04:04:15.0569 2176 [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0 C:\Program Files\Game Booster 3\Driver\WinRing0.sys
04:04:15.0585 2176 WinRing0_1_2_0 - ok
04:04:15.0647 2176 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
04:04:15.0741 2176 WinRM - ok
04:04:15.0804 2176 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
04:04:15.0866 2176 Wlansvc - ok
04:04:15.0944 2176 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
04:04:16.0038 2176 wlidsvc - ok
04:04:16.0054 2176 [ 701A9F884A294327E9141D73746EE279 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
04:04:16.0116 2176 WmiAcpi - ok
04:04:16.0132 2176 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
04:04:16.0179 2176 wmiApSrv - ok
04:04:16.0241 2176 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
04:04:16.0288 2176 WMPNetworkSvc - ok
04:04:16.0335 2176 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
04:04:16.0366 2176 WPCSvc - ok
04:04:16.0397 2176 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
04:04:16.0429 2176 WPDBusEnum - ok
04:04:16.0460 2176 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
04:04:16.0476 2176 WpdUsb - ok
04:04:16.0554 2176 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
04:04:16.0585 2176 WPFFontCache_v0400 - ok
04:04:16.0601 2176 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
04:04:16.0632 2176 ws2ifsl - ok
04:04:16.0663 2176 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\system32\wscsvc.dll
04:04:16.0694 2176 wscsvc - ok
04:04:16.0710 2176 WSearch - ok
04:04:16.0772 2176 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
04:04:16.0866 2176 wuauserv - ok
04:04:16.0897 2176 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
04:04:16.0913 2176 WudfPf - ok
04:04:16.0944 2176 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
04:04:16.0976 2176 WUDFRd - ok
04:04:17.0022 2176 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
04:04:17.0054 2176 wudfsvc - ok
04:04:17.0069 2176 XDva359 - ok
04:04:17.0085 2176 XDva370 - ok
04:04:17.0085 2176 XDva375 - ok
04:04:17.0101 2176 XDva380 - ok
04:04:17.0101 2176 XDva383 - ok
04:04:17.0116 2176 XDva385 - ok
04:04:17.0132 2176 XDva386 - ok
04:04:17.0132 2176 XDva387 - ok
04:04:17.0147 2176 XDva388 - ok
04:04:17.0163 2176 XDva389 - ok
04:04:17.0179 2176 XDva390 - ok
04:04:17.0194 2176 XDva391 - ok
04:04:17.0194 2176 XDva393 - ok
04:04:17.0210 2176 XDva394 - ok
04:04:17.0210 2176 XDva396 - ok
04:04:17.0226 2176 XDva397 - ok
04:04:17.0241 2176 XDva398 - ok
04:04:17.0241 2176 XDva400 - ok
04:04:17.0241 2176 XDva401 - ok
04:04:17.0257 2176 ================ Scan global ===============================
04:04:17.0288 2176 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
04:04:17.0319 2176 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
04:04:17.0351 2176 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
04:04:17.0382 2176 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
04:04:17.0414 2176 [Global] - ok
04:04:17.0414 2176 ================ Scan MBR ==================================
04:04:17.0414 2176 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
04:04:17.0664 2176 \Device\Harddisk0\DR0 - ok
04:04:17.0664 2176 ================ Scan VBR ==================================
04:04:17.0664 2176 [ 209175190B35A7F777CBE0B52D591850 ] \Device\Harddisk0\DR0\Partition1
04:04:17.0664 2176 \Device\Harddisk0\DR0\Partition1 - ok
04:04:17.0680 2176 [ FAB06AF9A2FB027C2C87052CE9E1FD95 ] \Device\Harddisk0\DR0\Partition2
04:04:17.0680 2176 \Device\Harddisk0\DR0\Partition2 - ok
04:04:17.0680 2176 ============================================================
04:04:17.0680 2176 Scan finished
04:04:17.0680 2176 ============================================================
04:04:17.0695 2336 Detected object count: 7
04:04:17.0695 2336 Actual detected object count: 7
04:05:52.0272 2336 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
04:05:52.0272 2336 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
04:05:52.0273 2336 Application Updater ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0273 2336 Application Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:05:52.0275 2336 BIOS ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0275 2336 BIOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:05:52.0277 2336 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0278 2336 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:05:52.0280 2336 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0280 2336 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:05:52.0282 2336 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0282 2336 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
04:05:52.0284 2336 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - skipped by user
04:05:52.0285 2336 UnlockerDriver5 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Sorry, dass ich den Malwarebytes Log nicht in ein zitat gepackt hab. Da wusste ich noch nicht, wie das geht und jetzt kann ich den Beitrag nicht mehr Ändern. Falls es da Rechtliche Probleme geben sollte, kann ja vielleicht ein Admin den Beitrag ändern, hoffe ich.

MFG Jamaico

Chris4You · 01.01.2013, 19:50

Hi,

das sieht soweit schon recht gut aus, allerdings bitte sofort alle Passwörter ändern (ZBOT)....

Dann hast Du noch einige Sachen drauf die wir entfernen sollten...

Aber zuerst mal noch etwas weiter aufräumen...

Doppelklick auf die OTL.exe, um das Programm auszuführen.

Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.

Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:

ATTFilter

:OTL
DRV - (XDva401) -- C:\Windows\system32\XDva401.sys File not found
DRV - (XDva400) -- C:\Windows\system32\XDva400.sys File not found
DRV - (XDva398) -- C:\Windows\system32\XDva398.sys File not found
DRV - (XDva397) -- C:\Windows\system32\XDva397.sys File not found
DRV - (XDva396) -- C:\Windows\system32\XDva396.sys File not found
DRV - (XDva394) -- C:\Windows\system32\XDva394.sys File not found
DRV - (XDva393) -- C:\Windows\system32\XDva393.sys File not found
DRV - (XDva391) -- C:\Windows\system32\XDva391.sys File not found
DRV - (XDva390) -- C:\Windows\system32\XDva390.sys File not found
DRV - (XDva389) -- C:\Windows\system32\XDva389.sys File not found
DRV - (XDva388) -- C:\Windows\system32\XDva388.sys File not found
DRV - (XDva387) -- C:\Windows\system32\XDva387.sys File not found
DRV - (XDva386) -- C:\Windows\system32\XDva386.sys File not found
DRV - (XDva385) -- C:\Windows\system32\XDva385.sys File not found
DRV - (XDva383) -- C:\Windows\system32\XDva383.sys File not found
DRV - (XDva380) -- C:\Windows\system32\XDva380.sys File not found
DRV - (XDva375) -- C:\Windows\system32\XDva375.sys File not found
DRV - (XDva370) -- C:\Windows\system32\XDva370.sys File not found
DRV - (XDva359) -- C:\Windows\system32\XDva359.sys File not found
DRV - (cpuz136) -- C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found
DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found
O4 - HKCU..\Run: [Esafpyv] C:\Users\Jannik\AppData\Roaming\Atoge\vely.exe File not found
O33 - MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O33 - MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\Shell - "" = AutoRun
O33 - MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\Shell\AutoRun\command - "" = I:\AutoRun.exe
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Qulyos
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Fiybu
[2012.12.23 16:47:18 | 000,000,000 | ---D | C] -- C:\Users\Jannik\AppData\Roaming\Atoge
[2012.12.23 20:49:01 | 000,046,131 | ---- | M] () -- C:\Users\Jannik\AppData\Local\hvfwohqu


:Commands
[purity]
[emptytemp]
[CREATERESTOREPOINT]
[resethosts]
[Reboot]

Den roten Run Fixes! Button anklicken.

Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.

Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:

%systemroot%\_OTL

AdwareCleaner (AdwCleaner)
Wichtig: Alle Befehle bitte als Administrator ausführen! rechte Maustaste auf die Eingabeaufforderung und "als Administrator ausführen" auswählen
Auf der angewählten Anwendung einen Rechtsklick (rechte Maustaste) und "Als Administrator ausführen" wählen!
Poste die Logfiles in Code-Tags
Download über AdwCleaner by Xplode zum Desktop.

Starte AdwCleaner und klicke Search
Nach einiger zeit öffnet ein Logfile (C:\AdwCleaner[xx].txt) poste dessen Inhalt hier ins Forum.

chris

Jamaico · 02.01.2013, 02:05

Hallo,

OTL ist beim ersten Durchlauf anscheinend beim Reboot hängen geblieben (zeigte an: OTL.exe Funktioniert nicht mehr), also musste ich den PC neu starten. Danach öffnete sich aber wir vorgesehen die Log Datei. Ich habe es dann nochmal durchlaufen lassen (was ohne Probleme geklappt hat) und werde hier jetzt beide Logs Posten.

Erster Log:

Zitat:

All processes killed
========== OTL ==========
Service XDva401 stopped successfully!
Service XDva401 deleted successfully!
File C:\Windows\system32\XDva401.sys File not found not found.
Service XDva400 stopped successfully!
Service XDva400 deleted successfully!
File C:\Windows\system32\XDva400.sys File not found not found.
Service XDva398 stopped successfully!
Service XDva398 deleted successfully!
File C:\Windows\system32\XDva398.sys File not found not found.
Service XDva397 stopped successfully!
Service XDva397 deleted successfully!
File C:\Windows\system32\XDva397.sys File not found not found.
Service XDva396 stopped successfully!
Service XDva396 deleted successfully!
File C:\Windows\system32\XDva396.sys File not found not found.
Service XDva394 stopped successfully!
Service XDva394 deleted successfully!
File C:\Windows\system32\XDva394.sys File not found not found.
Service XDva393 stopped successfully!
Service XDva393 deleted successfully!
File C:\Windows\system32\XDva393.sys File not found not found.
Service XDva391 stopped successfully!
Service XDva391 deleted successfully!
File C:\Windows\system32\XDva391.sys File not found not found.
Service XDva390 stopped successfully!
Service XDva390 deleted successfully!
File C:\Windows\system32\XDva390.sys File not found not found.
Service XDva389 stopped successfully!
Service XDva389 deleted successfully!
File C:\Windows\system32\XDva389.sys File not found not found.
Service XDva388 stopped successfully!
Service XDva388 deleted successfully!
File C:\Windows\system32\XDva388.sys File not found not found.
Service XDva387 stopped successfully!
Service XDva387 deleted successfully!
File C:\Windows\system32\XDva387.sys File not found not found.
Service XDva386 stopped successfully!
Service XDva386 deleted successfully!
File C:\Windows\system32\XDva386.sys File not found not found.
Service XDva385 stopped successfully!
Service XDva385 deleted successfully!
File C:\Windows\system32\XDva385.sys File not found not found.
Service XDva383 stopped successfully!
Service XDva383 deleted successfully!
File C:\Windows\system32\XDva383.sys File not found not found.
Service XDva380 stopped successfully!
Service XDva380 deleted successfully!
File C:\Windows\system32\XDva380.sys File not found not found.
Service XDva375 stopped successfully!
Service XDva375 deleted successfully!
File C:\Windows\system32\XDva375.sys File not found not found.
Service XDva370 stopped successfully!
Service XDva370 deleted successfully!
File C:\Windows\system32\XDva370.sys File not found not found.
Service XDva359 stopped successfully!
Service XDva359 deleted successfully!
File C:\Windows\system32\XDva359.sys File not found not found.
Service cpuz136 stopped successfully!
Service cpuz136 deleted successfully!
File C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found not found.
Service cpuz135 stopped successfully!
Service cpuz135 deleted successfully!
File C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Esafpyv deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
C:\Users\Jannik\AppData\Roaming\Qulyos folder moved successfully.
C:\Users\Jannik\AppData\Roaming\Fiybu folder moved successfully.
C:\Users\Jannik\AppData\Roaming\Atoge folder moved successfully.
C:\Users\Jannik\AppData\Local\hvfwohqu moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jannik
->Temp folder emptied: 94227585 bytes
->Temporary Internet Files folder emptied: 22187346 bytes
->Java cache emptied: 11234759 bytes
->FireFox cache emptied: 113412201 bytes
->Google Chrome cache emptied: 351770674 bytes
->Flash cache emptied: 57488 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56502 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 2176026 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 568,00 mb

Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01022013_003447

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Zweiter Log:

Zitat:

All processes killed
========== OTL ==========
Error: No service named XDva401 was found to stop!
Service\Driver key XDva401 not found.
File C:\Windows\system32\XDva401.sys File not found not found.
Error: No service named XDva400 was found to stop!
Service\Driver key XDva400 not found.
File C:\Windows\system32\XDva400.sys File not found not found.
Error: No service named XDva398 was found to stop!
Service\Driver key XDva398 not found.
File C:\Windows\system32\XDva398.sys File not found not found.
Error: No service named XDva397 was found to stop!
Service\Driver key XDva397 not found.
File C:\Windows\system32\XDva397.sys File not found not found.
Error: No service named XDva396 was found to stop!
Service\Driver key XDva396 not found.
File C:\Windows\system32\XDva396.sys File not found not found.
Error: No service named XDva394 was found to stop!
Service\Driver key XDva394 not found.
File C:\Windows\system32\XDva394.sys File not found not found.
Error: No service named XDva393 was found to stop!
Service\Driver key XDva393 not found.
File C:\Windows\system32\XDva393.sys File not found not found.
Error: No service named XDva391 was found to stop!
Service\Driver key XDva391 not found.
File C:\Windows\system32\XDva391.sys File not found not found.
Error: No service named XDva390 was found to stop!
Service\Driver key XDva390 not found.
File C:\Windows\system32\XDva390.sys File not found not found.
Error: No service named XDva389 was found to stop!
Service\Driver key XDva389 not found.
File C:\Windows\system32\XDva389.sys File not found not found.
Error: No service named XDva388 was found to stop!
Service\Driver key XDva388 not found.
File C:\Windows\system32\XDva388.sys File not found not found.
Error: No service named XDva387 was found to stop!
Service\Driver key XDva387 not found.
File C:\Windows\system32\XDva387.sys File not found not found.
Error: No service named XDva386 was found to stop!
Service\Driver key XDva386 not found.
File C:\Windows\system32\XDva386.sys File not found not found.
Error: No service named XDva385 was found to stop!
Service\Driver key XDva385 not found.
File C:\Windows\system32\XDva385.sys File not found not found.
Error: No service named XDva383 was found to stop!
Service\Driver key XDva383 not found.
File C:\Windows\system32\XDva383.sys File not found not found.
Error: No service named XDva380 was found to stop!
Service\Driver key XDva380 not found.
File C:\Windows\system32\XDva380.sys File not found not found.
Error: No service named XDva375 was found to stop!
Service\Driver key XDva375 not found.
File C:\Windows\system32\XDva375.sys File not found not found.
Error: No service named XDva370 was found to stop!
Service\Driver key XDva370 not found.
File C:\Windows\system32\XDva370.sys File not found not found.
Error: No service named XDva359 was found to stop!
Service\Driver key XDva359 not found.
File C:\Windows\system32\XDva359.sys File not found not found.
Service cpuz136 stopped successfully!
Service cpuz136 deleted successfully!
File C:\Windows\TEMP\cpuz136\cpuz136_x32.sys File not found not found.
Error: No service named cpuz135 was found to stop!
Service\Driver key cpuz135 not found.
File C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\Esafpyv not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505810e-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e5058122-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812a-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{e505812c-11c5-11e0-b4e6-0030676d0844}\ not found.
File I:\AutoRun.exe not found.
Folder C:\Users\Jannik\AppData\Roaming\Qulyos\ not found.
Folder C:\Users\Jannik\AppData\Roaming\Fiybu\ not found.
Folder C:\Users\Jannik\AppData\Roaming\Atoge\ not found.
File C:\Users\Jannik\AppData\Local\hvfwohqu not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Jannik
->Temp folder emptied: 31832 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 8628967 bytes
->Flash cache emptied: 0 bytes

User: Public

User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 1248 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 8,00 mb

Restore point Set: OTL Restore Point
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01022013_015047

Files\Folders moved on Reboot...

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

Und hier der ADWCleaner:

Zitat:

# AdwCleaner v2.104 - Datei am 02/01/2013 um 01:58:40 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Jannik - JANNIKS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jannik\Desktop\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

Gefunden : Application Updater

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\.autoreg
Datei Gefunden : C:\Users\Jannik\AppData\Roaming\Mozilla\Firefox\Profiles\lbbgdgmv.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\Jannik\AppData\Roaming\Mozilla\Firefox\Profiles\lbbgdgmv.default\searchplugins\icqplugin.xml
Ordner Gefunden : C:\Program Files\Application Updater
Ordner Gefunden : C:\Program Files\Common Files\spigot
Ordner Gefunden : C:\Users\Jannik\AppData\LocalLow\boost_interprocess
Ordner Gefunden : C:\Users\Jannik\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Jannik\AppData\LocalLow\Toolbar4
Ordner Gefunden : C:\Users\Jannik\AppData\Roaming\Mozilla\Firefox\Profiles\lbbgdgmv.default\ConduitCommon

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\Application Updater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\Software\Search Settings
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]

***** [Internet Browser] *****

-\\ Internet Explorer v7.0.6002.18005

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v3.6.12 (de)

Datei : C:\Users\Jannik\AppData\Roaming\Mozilla\Firefox\Profiles\lbbgdgmv.default\prefs.js

Gefunden : user_pref("CT2883880..clientLogIsEnabled", true);
Gefunden : user_pref("CT2883880..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2883880..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2883880.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2883880.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2883880.AppTrackingLastCheckTime", "Sat Sep 03 2011 15:48:39 GMT+0200");
Gefunden : user_pref("CT2883880.BrowserCompStateIsOpen_1000515", true);
Gefunden : user_pref("CT2883880.CT2883880", "CT2883880");
Gefunden : user_pref("CT2883880.CurrentServerDate", "23-10-2011");
Gefunden : user_pref("CT2883880.DSInstall", true);
Gefunden : user_pref("CT2883880.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2883880.DialogsGetterLastCheckTime", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gefunden : user_pref("CT2883880.FirstServerDate", "3-9-2011");
Gefunden : user_pref("CT2883880.FirstTime", true);
Gefunden : user_pref("CT2883880.FirstTimeFF3", true);
Gefunden : user_pref("CT2883880.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT2883880.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2883880.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2883880.HPInstall", false);
Gefunden : user_pref("CT2883880.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2883880.HomePageProtectorEnabled", false);
Gefunden : user_pref("CT2883880.HomepageBeforeUnload", "resource:/browserconfig.properties");
Gefunden : user_pref("CT2883880.Initialize", true);
Gefunden : user_pref("CT2883880.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2883880.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2883880.InstallationType", "DirectDownload");
Gefunden : user_pref("CT2883880.InstalledDate", "Sat Sep 03 2011 15:48:31 GMT+0200");
Gefunden : user_pref("CT2883880.InvalidateCache", false);
Gefunden : user_pref("CT2883880.IsGrouping", false);
Gefunden : user_pref("CT2883880.IsInitSetupIni", true);
Gefunden : user_pref("CT2883880.IsMulticommunity", false);
Gefunden : user_pref("CT2883880.IsOpenThankYouPage", true);
Gefunden : user_pref("CT2883880.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2883880.IsProtectorsInit", true);
Gefunden : user_pref("CT2883880.LanguagePackLastCheckTime", "Sun Oct 23 2011 20:31:18 GMT+0200");
Gefunden : user_pref("CT2883880.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2883880.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2883880.LastLogin_3.7.0.6", "Sat Sep 03 2011 15:48:51 GMT+0200");
Gefunden : user_pref("CT2883880.LastLogin_3.8.0.8", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.LatestVersion", "3.5.0.12");
Gefunden : user_pref("CT2883880.Locale", "de-de");
Gefunden : user_pref("CT2883880.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2883880.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2883880.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2883880.MyStuffEnabledAtInstallation", false);
Gefunden : user_pref("CT2883880.OriginalFirstVersion", "3.7.0.6");
Gefunden : user_pref("CT2883880.RadioIsPodcast", false);
Gefunden : user_pref("CT2883880.RadioLastCheckTime", "Sun Oct 23 2011 20:31:18 GMT+0200");
Gefunden : user_pref("CT2883880.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2883880.RadioLastUpdateServer", "129406185201870000");
Gefunden : user_pref("CT2883880.RadioMediaID", "21761921");
Gefunden : user_pref("CT2883880.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2883880.RadioMenuSelectedID", "EBRadioMenu_CT288388021761921");
Gefunden : user_pref("CT2883880.RadioShrinkedFromSetup", false);
Gefunden : user_pref("CT2883880.RadioStationName", "Radio%20Eins%20(RBB)");
Gefunden : user_pref("CT2883880.RadioStationURL", "hxxp://stream2.rbb-online.de/wmtencoder/radioeins-live.wma")[...]
Gefunden : user_pref("CT2883880.SearchCaption", "Abacho Customized Web Search");
Gefunden : user_pref("CT2883880.SearchEngineBeforeUnload", "Abacho Customized Web Search");
Gefunden : user_pref("CT2883880.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2883880.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT288[...]
Gefunden : user_pref("CT2883880.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2883880.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2883880.SearchInNewTabLastCheckTime", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2883880.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Gefunden : user_pref("CT2883880.SearchProtectorEnabled", false);
Gefunden : user_pref("CT2883880.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT2883880.SendProtectorDataViaLogin", true);
Gefunden : user_pref("CT2883880.ServiceMapLastCheckTime", "Sun Oct 23 2011 20:31:18 GMT+0200");
Gefunden : user_pref("CT2883880.SettingsLastCheckTime", "Sun Oct 23 2011 20:31:17 GMT+0200");
Gefunden : user_pref("CT2883880.SettingsLastUpdate", "1312118211");
Gefunden : user_pref("CT2883880.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2883880&SearchSource=13");
Gefunden : user_pref("CT2883880.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2883880.ThirdPartyComponentsLastCheck", "Sun Oct 23 2011 20:31:17 GMT+0200");
Gefunden : user_pref("CT2883880.ThirdPartyComponentsLastUpdate", "1255344657");
Gefunden : user_pref("CT2883880.ToolbarDisabled", false);
Gefunden : user_pref("CT2883880.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT2883880.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2883880");
Gefunden : user_pref("CT2883880.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2883880.Uninstall", true);
Gefunden : user_pref("CT2883880.UserID", "UN82299131149769540");
Gefunden : user_pref("CT2883880.WeatherNetwork", "");
Gefunden : user_pref("CT2883880.WeatherPollDate", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.WeatherUnit", "C");
Gefunden : user_pref("CT2883880.alertChannelId", "1275839");
Gefunden : user_pref("CT2883880.components.1000515", true);
Gefunden : user_pref("CT2883880.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2883880.globalFirstTimeInfoLastCheckTime", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2883880.initDone", true);
Gefunden : user_pref("CT2883880.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT2883880.isFirstRadioInstallation", false);
Gefunden : user_pref("CT2883880.myStuffEnabled", true);
Gefunden : user_pref("CT2883880.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2883880.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2883880.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2883880.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2883880.oldAppsList", "129375914645931456,129375914645931457,111,129478625310412829,129[...]
Gefunden : user_pref("CT2883880.revertSettingsEnabled", true);
Gefunden : user_pref("CT2883880.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2883880.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2883880.testingCtid", "");
Gefunden : user_pref("CT2883880.toolbarAppMetaDataLastCheckTime", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.toolbarContextMenuLastCheckTime", "Sun Oct 23 2011 20:31:19 GMT+0200");
Gefunden : user_pref("CT2883880.usagesFlag", 2);
Gefunden : user_pref("CT3067892..clientLogIsEnabled", true);
Gefunden : user_pref("CT3067892..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT3067892..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT3067892.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT3067892.AppTrackingLastCheckTime", "Sun Oct 23 2011 20:20:59 GMT+0200");
Gefunden : user_pref("CT3067892.CT3067892", "CT3067892");
Gefunden : user_pref("CT3067892.CommunitiesChangesLastCheckTime", "0");
Gefunden : user_pref("CT3067892.CurrentServerDate", "23-10-2011");
Gefunden : user_pref("CT3067892.DSInstall", false);
Gefunden : user_pref("CT3067892.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT3067892.DialogsGetterLastCheckTime", "Sun Oct 23 2011 20:20:48 GMT+0200");
Gefunden : user_pref("CT3067892.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gefunden : user_pref("CT3067892.ExternalComponentPollDate129566818146468186", "Sun Oct 23 2011 20:24:31 GMT+020[...]
Gefunden : user_pref("CT3067892.ExternalComponentPollDate129596917596602085", "Sun Oct 23 2011 20:24:31 GMT+020[...]
Gefunden : user_pref("CT3067892.ExternalComponentPollDate129596934616067389", "Sun Oct 23 2011 20:24:31 GMT+020[...]
Gefunden : user_pref("CT3067892.FirstServerDate", "23-10-2011");
Gefunden : user_pref("CT3067892.FirstTime", true);
Gefunden : user_pref("CT3067892.FirstTimeFF3", true);
Gefunden : user_pref("CT3067892.FixPageNotFoundErrors", false);
Gefunden : user_pref("CT3067892.GroupingInvalidateCache", false);
Gefunden : user_pref("CT3067892.GroupingLastCheckTime", "0");
Gefunden : user_pref("CT3067892.GroupingLastServerUpdateTime", "0");
Gefunden : user_pref("CT3067892.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT3067892.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT3067892.HPInstall", false);
Gefunden : user_pref("CT3067892.HasUserGlobalKeys", true);
Gefunden : user_pref("CT3067892.HomePageProtectorEnabled", false);
Gefunden : user_pref("CT3067892.HomepageBeforeUnload", "resource:/browserconfig.properties");
Gefunden : user_pref("CT3067892.Initialize", true);
Gefunden : user_pref("CT3067892.InitializeCommonPrefs", true);
Gefunden : user_pref("CT3067892.InstallationAndCookieDataSentCount", 1);
Gefunden : user_pref("CT3067892.InstallationType", "DirectDownload");
Gefunden : user_pref("CT3067892.InstalledDate", "Sun Oct 23 2011 20:20:49 GMT+0200");
Gefunden : user_pref("CT3067892.InvalidateCache", false);
Gefunden : user_pref("CT3067892.IsAlertDBUpdated", true);
Gefunden : user_pref("CT3067892.IsGrouping", false);
Gefunden : user_pref("CT3067892.IsInitSetupIni", true);
Gefunden : user_pref("CT3067892.IsMulticommunity", false);
Gefunden : user_pref("CT3067892.IsOpenThankYouPage", true);
Gefunden : user_pref("CT3067892.IsOpenUninstallPage", true);
Gefunden : user_pref("CT3067892.IsProtectorsInit", true);
Gefunden : user_pref("CT3067892.LanguagePackLastCheckTime", "Sun Oct 23 2011 20:20:49 GMT+0200");
Gefunden : user_pref("CT3067892.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT3067892.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT3067892.LastLogin_3.7.0.6", "Sun Oct 23 2011 20:21:22 GMT+0200");
Gefunden : user_pref("CT3067892.LatestVersion", "3.7.0.6");
Gefunden : user_pref("CT3067892.Locale", "en-US");
Gefunden : user_pref("CT3067892.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT3067892.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT3067892.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT3067892.MyStuffEnabledAtInstallation", false);
Gefunden : user_pref("CT3067892.OriginalFirstVersion", "3.7.0.6");
Gefunden : user_pref("CT3067892.RadioLastCheckTime", "0");
Gefunden : user_pref("CT3067892.RadioLastUpdateIPServer", "0");
Gefunden : user_pref("CT3067892.RadioLastUpdateServer", "0");
Gefunden : user_pref("CT3067892.SearchCaption", "Miniclip Customized Web Search");
Gefunden : user_pref("CT3067892.SearchEngineBeforeUnload", "Google");
Gefunden : user_pref("CT3067892.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT3067892.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT306[...]
Gefunden : user_pref("CT3067892.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT3067892.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT3067892.SearchInNewTabLastCheckTime", "Sun Oct 23 2011 20:21:22 GMT+0200");
Gefunden : user_pref("CT3067892.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT3067892.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Gefunden : user_pref("CT3067892.SearchProtectorEnabled", false);
Gefunden : user_pref("CT3067892.SearchProtectorToolbarDisabled", false);
Gefunden : user_pref("CT3067892.SendProtectorDataViaLogin", true);
Gefunden : user_pref("CT3067892.ServiceMapLastCheckTime", "Sun Oct 23 2011 20:20:44 GMT+0200");
Gefunden : user_pref("CT3067892.SettingsLastCheckTime", "Sun Oct 23 2011 20:24:31 GMT+0200");
Gefunden : user_pref("CT3067892.SettingsLastUpdate", "1319012827");
Gefunden : user_pref("CT3067892.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT3067892&SearchSource=13");
Gefunden : user_pref("CT3067892.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT3067892.ThirdPartyComponentsLastCheck", "Sun Oct 23 2011 20:20:44 GMT+0200");
Gefunden : user_pref("CT3067892.ThirdPartyComponentsLastUpdate", "1312887586");
Gefunden : user_pref("CT3067892.ToolbarShrinkedFromSetup", false);
Gefunden : user_pref("CT3067892.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3067892");
Gefunden : user_pref("CT3067892.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT3067892.Uninstall", true);
Gefunden : user_pref("CT3067892.UserID", "UN99041919898422279");
Gefunden : user_pref("CT3067892.ValidationData_Toolbar", 2);
Gefunden : user_pref("CT3067892.alertChannelId", "1459387");
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000paramsgk1", "7B22757064617465526[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_followers[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_followers[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_following[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_following[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_home", "3[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610743761394763000000twittertemplate_notify_home_coun[...]
Gefunden : user_pref("CT3067892.backendstorage.3067892a129610745415638139000000paramsgk1", "7B22757064617465526[...]
Gefunden : user_pref("CT3067892.backendstorage.twittertemplate_3067892a129610743761394763000000_dailyactivity",[...]
Gefunden : user_pref("CT3067892.backendstorage.twittertemplate_3067892a129610743761394763000000_lifetimesent", [...]
Gefunden : user_pref("CT3067892.backendstorage.youtubetemplate_3067892a129610745415638139000000_lang", "4445");
Gefunden : user_pref("CT3067892.backendstorage.youtubetemplate_lastopenappdate3067892a129610745415638139000000"[...]
Gefunden : user_pref("CT3067892.backendstorage.youtubetemplate_param_f", "30");
Gefunden : user_pref("CT3067892.backendstorage.youtubetemplate_username_3067892a129610745415638139000000", "6D6[...]
Gefunden : user_pref("CT3067892.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT3067892.globalFirstTimeInfoLastCheckTime", "Sun Oct 23 2011 20:20:48 GMT+0200");
Gefunden : user_pref("CT3067892.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT3067892.initDone", true);
Gefunden : user_pref("CT3067892.isAppTrackingManagerOn", true);
Gefunden : user_pref("CT3067892.myStuffEnabled", true);
Gefunden : user_pref("CT3067892.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT3067892.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT3067892.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT3067892.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT3067892.revertSettingsEnabled", true);
Gefunden : user_pref("CT3067892.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT3067892.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT3067892.testingCtid", "");
Gefunden : user_pref("CT3067892.toolbarAppMetaDataLastCheckTime", "Sun Oct 23 2011 20:20:48 GMT+0200");
Gefunden : user_pref("CT3067892.toolbarContextMenuLastCheckTime", "Sun Oct 23 2011 20:20:49 GMT+0200");
Gefunden : user_pref("CT3067892.usagesFlag", 2);
Gefunden : user_pref("CommunityToolbar.ConduitSearchList", "Abacho Customized Web Search");
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1275839/1271511/DE", "\"0\"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1459387/1455042/DE", "\"0\"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2883880", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3067892", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2883880",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3067892",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2883880&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3067892&octid=[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/Idle.GIF", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/mini.gif", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/play.gif", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/stop.gif", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Chrome/volume.gif"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de-de", "\"[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-US", "\"[...]
Gefunden : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jannik\\AppData\\Roaming\\Mozilla\\[...]
Gefunden : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.google.com/search?sourceid=na[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2883880,CT3067892");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2883880,CT3067892");
Gefunden : user_pref("CommunityToolbar.ToolbarsList4", "CT2883880,CT3067892");
Gefunden : user_pref("CommunityToolbar.globalUserId", "06040807-8fbc-4017-bbbc-b51a8f6f51bb");
Gefunden : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2883880");
Gefunden : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Oct 23 2011 20:20:4[...]
Gefunden : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gefunden : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Oct 23 2011 20:20:54 GMT+020[...]
Gefunden : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.locale", "en");
Gefunden : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Oct 23 2011 20:20:46 GMT+0200");
Gefunden : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gefunden : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.notifications.userId", "00dd2e7c-042b-485b-b13b-717c8929265d");
Gefunden : user_pref("CommunityToolbar.originalHomepage", "resource:/browserconfig.properties");
Gefunden : user_pref("CommunityToolbar.originalSearchEngine", "Google");
Gefunden : user_pref("browser.search.defaultthis.engineName", "Abacho Customized Web Search");
Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2883880&Sea[...]
Gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 11);
Gefunden : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gefunden : user_pref("extensions.BabylonToolbar.firstRun", false);
Gefunden : user_pref("extensions.BabylonToolbar.hdrMd5", "ECA5605A94C4AC66B120302BFBEF59D6");
Gefunden : user_pref("extensions.BabylonToolbar.lastActv", "11");
Gefunden : user_pref("extensions.BabylonToolbar.lastDP", 11);

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\Jannik\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [28117 octets] - [02/01/2013 01:58:40]

########## EOF - C:\AdwCleaner[R1].txt - [28178 octets] ##########

MFG Jamaico

800000cb.@ und 80000000.@ Trojaner

Plagegeister aller Art und deren Bekämpfung: 800000cb.@ und 80000000.@ Trojaner