Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Bluscreen beim runterfahren von Win7

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 29.11.2010, 14:15   #1
Hesse
 
Bluscreen beim runterfahren von Win7 - Unglücklich

Bluscreen beim runterfahren von Win7



Hallo.

Ich habe Eure Seite gefunden und habe nun eine Frage.
Seit neustem hat mein Rechner mit Win 7 das Problem das er beim runterfahren kurzzeitig einen Bluescreen macht mit viel Text. Danach fährt er runter, Bildschirm geht normal aus, Rechner aber nicht. Dann fährt er PC wieder hoch und fragt ob er im normalen oder abgesicherten Modus starten soll. Ich weiß nicht mehr weiter und hoffe hier kann man mir helfen.
Anbei ein Log von HighJack This

HiJackthis Logfile:
Code:
ATTFilter
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:35, on 29.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal
 
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Stefan\Downloads\HiJackThis204.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=mp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll
O3 - Toolbar: MessengerPlusLive Germany TB Toolbar - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB69} (Flatcast Producer 5.2) - hxxp://92.51.137.94/objects/NpFp522.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Avira AntiVir Planer (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Realtek11nSU - Realtek - C:\Program Files\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe
 
--
End of file - 7740 bytes
         
--- --- ---

Ich hoffe habe alles richtig gemacht und man kann mir helfen.

Anbei noch einmal OLT:


rmal aus, aberd er Rechner an sich nichtOTL Logfile:
Code:
ATTFilter
OTL logfile created on: 29.11.2010 15:04:37 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Users\Stefan\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 60,00% Memory free
5,00 Gb Paging File | 4,00 Gb Available in Paging File | 75,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 74,52 Gb Total Space | 39,51 Gb Free Space | 53,02% Space Free | Partition Type: NTFS
Drive D: | 74,53 Gb Total Space | 19,74 Gb Free Space | 26,49% Space Free | Partition Type: NTFS
 
Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.11.29 15:03:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Downloads\OTL.exe
PRC - [2010.11.03 16:35:14 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2010.11.03 16:35:13 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.11.03 16:35:13 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.11.01 22:36:03 | 000,974,904 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2010.10.05 19:56:48 | 009,742,952 | ---- | M] (Realtek Semiconductor) -- C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
PRC - [2010.09.22 22:28:10 | 000,025,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Contacts\wlcomm.exe
PRC - [2010.09.16 21:04:06 | 001,164,584 | ---- | M] () -- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.07.12 17:32:48 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2010.06.08 15:41:22 | 001,118,208 | ---- | M] (Sitecom Corp.) -- C:\Program Files\SITECOM\300N USB Wireless LAN Utility\RtWLan.exe
PRC - [2010.04.16 15:10:58 | 000,036,864 | ---- | M] (Realtek) -- C:\Program Files\SITECOM\300N USB Wireless LAN Utility\RtlService.exe
PRC - [2010.01.14 21:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 02:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2008.01.22 10:13:32 | 001,201,448 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2008.01.22 10:13:20 | 000,152,872 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007.08.02 21:08:00 | 000,095,504 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.11.29 15:03:44 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Downloads\OTL.exe
MOD - [2010.08.21 06:21:32 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16661_none_420fe3fa2b8113bd\comctl32.dll
MOD - [2009.07.14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - [2010.11.03 16:35:14 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.11.03 16:35:13 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.10.19 13:29:03 | 002,011,944 | ---- | M] (TeamViewer GmbH) [On_Demand | Stopped] -- C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe -- (TeamViewer5)
SRV - [2010.09.22 23:21:24 | 001,493,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Live\Family Safety\fsssvc.exe -- (fsssvc)
SRV - [2010.09.22 15:33:04 | 000,051,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.04.16 15:10:58 | 000,036,864 | ---- | M] (Realtek) [Auto | Running] -- C:\Program Files\SITECOM\300N USB Wireless LAN Utility\RtlService.exe -- (Realtek11nSU)
SRV - [2009.07.14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2010.11.03 16:35:14 | 000,126,856 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.11.03 16:35:14 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2010.10.05 19:57:10 | 003,211,432 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RTKVHDA.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2010.09.22 23:21:24 | 000,039,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fssfltr.sys -- (fssfltr)
DRV - [2010.05.12 16:29:32 | 000,600,096 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rtl8192su.sys -- (RTL8192su)
DRV - [2009.12.11 08:44:02 | 000,133,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 02:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 02:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 02:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 02:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 02:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 02:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 02:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 02:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 02:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 02:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 02:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 02:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 02:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 02:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 02:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 02:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 02:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 02:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 02:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 02:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 02:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 02:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 02:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 02:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 02:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 02:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 02:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 02:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 02:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 02:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 02:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 02:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 02:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 02:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 01:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC-Seriellschnittstellentreiber (WDM)
DRV - [2009.07.14 01:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 01:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 00:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 00:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 00:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 00:52:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\vwififlt.sys -- (vwififlt)
DRV - [2009.07.14 00:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 00:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 00:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 00:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 00:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 00:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 00:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 00:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 00:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 00:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.13 23:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.13 23:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm) Brother MFC-nur-Fax-Modem (USB)
DRV - [2009.07.13 23:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer) Brother MFC-WDM-Treiber (USB,seriell)
DRV - [2009.07.13 23:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm) Brother WDM-Treiber (seriell)
DRV - [2009.07.13 23:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.13 23:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.07.13 23:02:50 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2009.07.13 23:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.13 23:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.13 23:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.10 22:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2009.05.11 09:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.01.19 04:55:22 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\irsir.sys -- (irsir)
DRV - [2005.01.19 10:14:38 | 000,211,712 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LV561AV.SYS -- (PID_0928) Labtec WebCam(PID_0928)
DRV - [2005.01.19 10:11:16 | 000,022,016 | ---- | M] (Labtec Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LVUSBSta.sys -- (LVUSBSta)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/?pc=AVBR
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?ocid=mp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 89 5B FF D9 91 67 CB 01 [binary data]
IE - HKCU\..\URLSearchHook: {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2431245&SearchSource=3&q={searchTerms}"
FF - prefs.js..browser.search.selectedEngine: "softonic-de3 Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://de.msn.com/?ocid=mp"
FF - prefs.js..extensions.enabledItems: {0b38152b-1b20-484d-a11f-5e04a9b0661f}:5.6.12.1
FF - prefs.js..extensions.enabledItems: {12e4c684-c03e-4e4d-85bc-0c065e7a9489}:5.23.2.10
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.6.13.184
FF - prefs.js..extensions.enabledItems: {76aeea42-e04a-4b62-83ab-df4b2be2541e}:2.7.1.3
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.11.02 15:04:52 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.12\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.11.21 13:57:08 | 000,000,000 | ---D | M]
 
[2010.10.09 10:56:44 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\mozilla\Extensions
[2010.11.29 01:06:50 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\onka5vqc.default\extensions
[2010.10.23 22:38:42 | 000,000,000 | ---D | M] (Winamp Toolbar) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\onka5vqc.default\extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f}
[2010.11.02 18:51:41 | 000,000,000 | ---D | M] (SHOUTcast Radio Toolbar) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\onka5vqc.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}
[2010.11.13 00:52:58 | 000,000,000 | ---D | M] (MessengerPlusLive Germany TB Toolbar) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\onka5vqc.default\extensions\{76aeea42-e04a-4b62-83ab-df4b2be2541e}
[2010.11.21 22:36:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Stefan\AppData\Roaming\mozilla\Firefox\Profiles\onka5vqc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2010.06.08 10:29:10 | 000,000,927 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Mozilla\FireFox\Profiles\onka5vqc.default\searchplugins\conduit.xml
[2010.11.28 15:41:51 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2010.11.03 21:48:32 | 002,340,280 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFp522.dll
[2009.09.21 11:00:44 | 001,447,328 | ---- | M] (1 mal 1 Software GmbH) -- C:\Program Files\Mozilla Firefox\plugins\NpFv522.dll
[2010.07.12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
[2010.09.14 22:32:39 | 000,001,392 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2010.09.14 22:32:39 | 000,002,344 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-de.xml
[2010.09.14 22:32:39 | 000,006,805 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2010.09.14 22:32:39 | 000,001,178 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2010.09.14 22:32:39 | 000,001,105 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O2 - BHO: (Windows Live Messenger Companion Helper) - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (MessengerPlusLive Germany TB Toolbar) - {76aeea42-e04a-4b62-83ab-df4b2be2541e} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (MessengerPlusLive Germany TB Toolbar) - {76AEEA42-E04A-4B62-83AB-DF4B2BE2541E} - C:\Program Files\MessengerPlusLive_Germany_TB\tbMess.dll (Conduit Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Ulead AutoDetector v2] C:\Program Files\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Ulead Systems, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O9 - Extra Button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe (PokerStars)
O13 - gopher Prefix: missing
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {A672558F-A878-4D5A-A921-627C091CEB69} hxxp://92.51.137.94/objects/NpFp522.dll (Flatcast Producer 5.2)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\System32\livessp.dll (Microsoft Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{af525333-ebff-11df-a6c7-00196669a539}\Shell - "" = AutoRun
O33 - MountPoints2\{af525333-ebff-11df-a6c7-00196669a539}\Shell\AutoRun\command - "" = F:\Startme.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.11.29 15:05:39 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Malwarebytes
[2010.11.29 15:05:26 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010.11.29 15:05:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.11.29 14:33:52 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Vista_Win7_R253
[2010.11.28 15:43:23 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2010.11.28 15:43:19 | 000,000,000 | R--D | C] -- C:\Program Files\Skype
[2010.11.28 14:58:42 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.11.27 00:01:15 | 000,000,000 | ---D | C] -- C:\Program Files\Norton Security Scan
[2010.11.27 00:01:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2010.11.27 00:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Symantec
[2010.11.27 00:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2010.11.27 00:01:03 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2010.11.24 23:26:24 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Onkelz Event
[2010.11.23 22:39:21 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\AlcaTech
[2010.11.23 22:38:55 | 000,000,000 | ---D | C] -- C:\ProgramData\AlcaTech
[2010.11.23 22:38:54 | 000,000,000 | ---D | C] -- C:\Program Files\AlcaTech
[2010.11.23 20:43:33 | 000,102,400 | ---- | C] (ECX Programming / CCRP) -- C:\Windows\System32\Ccrpprg6.ocx
[2010.11.23 20:43:30 | 000,027,648 | ---- | C] (<none>) -- C:\Windows\System32\Ssubtmr.dll
[2010.11.23 17:14:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\michaelkaesper.de Software
[2010.11.23 17:10:21 | 000,000,000 | ---D | C] -- C:\Program Files\michaelkaesper.de Software
[2010.11.21 23:58:29 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Publish Providers
[2010.11.21 23:57:52 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\Vegas Movie Studio PE 9.0 Projekte
[2010.11.21 23:57:52 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Sony
[2010.11.21 23:51:36 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Sony
[2010.11.21 23:46:04 | 000,000,000 | ---D | C] -- C:\Program Files\Sony Setup
[2010.11.21 22:36:55 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.11.21 22:36:51 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\DVDVideoSoft
[2010.11.21 22:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2010.11.21 22:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2010.11.21 22:07:15 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\MAGIX Downloads
[2010.11.21 22:07:07 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\MAGIX
[2010.11.21 22:04:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Shared
[2010.11.21 22:04:45 | 000,909,312 | ---- | C] (MAGIX AG) -- C:\Windows\System32\MXRestore.exe
[2010.11.21 22:04:45 | 000,278,528 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRES32.dll
[2010.11.21 22:04:45 | 000,090,112 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRF32.dll
[2010.11.21 22:04:45 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\STRING32.dll
[2010.11.21 22:04:45 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPTL32.dll
[2010.11.21 22:04:45 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLTPO32.dll
[2010.11.21 22:04:45 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPRJ32.dll
[2010.11.21 22:04:45 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msxml4a.dll
[2010.11.21 22:04:45 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLRD32.dll
[2010.11.21 22:04:45 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTIC32.dll
[2010.11.21 22:04:45 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\TTI32.dll
[2010.11.21 22:04:44 | 000,724,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLAV32.dll
[2010.11.21 22:04:44 | 000,221,184 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDRV32.dll
[2010.11.21 22:04:44 | 000,212,992 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDEV32.dll
[2010.11.21 22:04:44 | 000,147,456 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCPY32.dll
[2010.11.21 22:04:44 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDA32.dll
[2010.11.21 22:04:44 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIO32.dll
[2010.11.21 22:04:44 | 000,077,824 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLPNT32.dll
[2010.11.21 22:04:44 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLCDF32.dll
[2010.11.21 22:04:44 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIMG32.dll
[2010.11.21 22:04:44 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLMSC32.dll
[2010.11.21 22:04:44 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLISO32.dll
[2010.11.21 22:04:44 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLDIR32.dll
[2010.11.21 22:04:44 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\System32\DLLIX.dll
[2010.11.21 22:03:51 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\MAGIX_Video_deluxe_16_Download-Version
[2010.11.21 22:02:04 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2010.11.21 22:00:33 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\MAGIX Services
[2010.11.21 21:51:17 | 000,719,872 | ---- | C] (Abysmal Software) -- C:\Windows\System32\devil.dll
[2010.11.21 21:51:17 | 000,369,152 | ---- | C] (The Public) -- C:\Windows\System32\avisynth.dll
[2010.11.21 21:51:16 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\yv12vfw.dll
[2010.11.21 21:51:16 | 000,070,656 | ---- | C] (www.helixcommunity.org) -- C:\Windows\System32\i420vfw.dll
[2010.11.21 21:51:15 | 000,000,000 | ---D | C] -- C:\Program Files\AviSynth 2.5
[2010.11.21 21:40:03 | 000,000,000 | ---D | C] -- C:\Program Files\eRightSoft
[2010.11.17 14:50:02 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\Any Video Converter
[2010.11.17 14:49:26 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\AnvSoft
[2010.11.17 14:49:21 | 000,000,000 | ---D | C] -- C:\Program Files\AnvSoft
[2010.11.17 14:46:34 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.11.16 21:58:29 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\TubeBox!
[2010.11.16 21:58:29 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\TubeBox
[2010.11.13 01:01:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Messenger Plus!
[2010.11.13 00:57:15 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Messenger Plus! Live
[2010.11.13 00:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\MessengerPlusLive_Germany_TB
[2010.11.13 00:52:47 | 000,000,000 | ---D | C] -- C:\Program Files\Messenger Plus! Live
[2010.11.10 16:13:16 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\Nero Home
[2010.11.09 23:35:12 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Artisteer
[2010.11.09 21:56:25 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Joomla
[2010.11.09 17:34:23 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\MetaGeek,_LLC
[2010.11.09 17:33:54 | 000,000,000 | ---D | C] -- C:\Program Files\MetaGeek
[2010.11.08 18:20:44 | 000,501,912 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK2.dll
[2010.11.08 18:20:44 | 000,120,992 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EpPicPrt.dll
[2010.11.08 18:20:44 | 000,108,704 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICEntry.dll
[2010.11.08 18:20:44 | 000,080,024 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\PICSDK.dll
[2010.11.08 18:20:44 | 000,071,840 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\EPPicMgr.dll
[2010.11.08 18:17:03 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\OneNote-Notizbücher
[2010.11.08 18:12:53 | 000,000,000 | ---D | C] -- C:\Program Files\epson
[2010.11.08 18:12:52 | 000,061,952 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\escwiad.dll
[2010.11.08 00:00:44 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\FileZilla
[2010.11.08 00:00:35 | 000,000,000 | ---D | C] -- C:\Program Files\FileZilla FTP Client
[2010.11.06 02:33:07 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Ulead Systems
[2010.11.06 02:31:28 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\InstallShield
[2010.11.06 02:28:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ulead Systems
[2010.11.06 02:28:01 | 000,000,000 | ---D | C] -- C:\Program Files\Corel
[2010.11.05 12:22:20 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2010.11.05 01:12:09 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Ahead
[2010.11.05 01:11:02 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Ahead
[2010.11.05 01:10:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Ahead
[2010.11.05 01:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Nero
[2010.11.05 01:08:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Ahead
[2010.11.05 01:06:21 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.11.05 01:06:20 | 002,323,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_28.dll
[2010.11.05 00:24:43 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.11.05 00:18:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Nero
[2010.11.05 00:18:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Nero
[2010.11.04 15:05:47 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\SpacialAudio
[2010.11.04 15:04:43 | 000,000,000 | ---D | C] -- C:\Program Files\Firebird
[2010.11.04 15:04:24 | 000,000,000 | ---D | C] -- C:\Program Files\SpacialAudio
[2010.11.04 14:58:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Documents\VirtualDJ
[2010.11.04 00:09:46 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\pokerth
[2010.11.04 00:09:23 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\PokerTH
[2010.11.04 00:08:50 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\WinRAR
[2010.11.04 00:08:34 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2010.11.03 23:37:15 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\TS3Client
[2010.11.03 23:35:41 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2010.11.03 21:34:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\RTCOM
[2010.11.03 21:34:06 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\WavesLib.dll
[2010.11.03 21:34:06 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSXT.dll
[2010.11.03 21:34:06 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSTSHD.dll
[2010.11.03 21:34:06 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSHP360.dll
[2010.11.03 21:34:06 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\System32\SRSWOW.dll
[2010.11.03 21:34:05 | 003,610,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkAPO.dll
[2010.11.03 21:34:05 | 003,211,432 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\drivers\RTKVHDA.sys
[2010.11.03 21:34:05 | 001,843,816 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkPgExt.dll
[2010.11.03 21:34:05 | 001,084,008 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RTSndMgr.cpl
[2010.11.03 21:34:05 | 000,453,224 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkApoApi.dll
[2010.11.03 21:34:05 | 000,066,152 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\System32\RtkCoInst.dll
[2010.11.03 21:34:04 | 000,739,416 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBAPO32.dll
[2010.11.03 21:34:04 | 000,357,576 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEP32A.dll
[2010.11.03 21:34:04 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DHT32.dll
[2010.11.03 21:34:04 | 000,293,584 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RP3DAA32.dll
[2010.11.03 21:34:04 | 000,168,648 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEED32A.dll
[2010.11.03 21:34:04 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEL32A.dll
[2010.11.03 21:34:04 | 000,070,232 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBWrp32.dll
[2010.11.03 21:34:04 | 000,062,664 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\System32\RTEEG32A.dll
[2010.11.03 21:34:04 | 000,053,848 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBppld32.dll
[2010.11.03 21:34:04 | 000,050,776 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\System32\MBPPCn32.dll
[2010.11.03 21:34:03 | 001,938,704 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioEQ.dll
[2010.11.03 21:34:03 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO20.dll
[2010.11.03 21:34:03 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\System32\MaxxAudioAPO.dll
[2010.11.03 21:34:02 | 000,305,568 | ---- | C] (Fortemedia Corporation) -- C:\Windows\System32\FMAPO.dll
[2010.11.03 21:34:01 | 000,175,200 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTACap.dll
[2010.11.03 21:34:01 | 000,096,160 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\System32\AERTARen.dll
[2010.11.03 21:34:00 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2010.11.03 21:33:57 | 000,000,000 | -H-D | C] -- C:\Program Files\Temp
[2010.11.03 21:33:56 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2010.11.03 20:51:57 | 000,000,000 | ---D | C] -- C:\Program Files\Lavalys
[2010.11.03 19:13:58 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Nvu
[2010.11.03 19:13:40 | 000,000,000 | ---D | C] -- C:\Program Files\Nvu
[2010.11.01 12:14:52 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\TeamViewer
[2010.11.01 12:14:46 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
[2010.11.01 10:57:28 | 000,026,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\Diskdump.sys
[2010.11.01 10:57:18 | 000,417,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdri.dll
[2010.11.01 10:57:17 | 000,641,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CPFilters.dll
[2010.11.01 10:57:15 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2010.11.01 10:57:15 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mpg2splt.ax
 
========== Files - Modified Within 30 Days ==========
 
[2010.11.29 15:05:33 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.29 14:29:00 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.11.29 13:06:24 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.11.29 13:06:24 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.11.29 13:01:01 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.11.29 13:00:57 | 000,000,316 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2010.11.29 13:00:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.11.29 13:00:18 | 258,153,658 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.11.29 13:00:13 | 2214,043,648 | -HS- | M] () -- C:\hiberfil.sys
[2010.11.28 17:58:50 | 000,079,104 | ---- | M] () -- C:\Users\Stefan\Desktop\hg grau.jpg
[2010.11.28 15:43:23 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.27 21:15:29 | 000,014,763 | ---- | M] () -- C:\Users\Stefan\Desktop\FC Tanz.docx
[2010.11.22 15:51:34 | 000,223,486 | ---- | M] () -- C:\Users\Stefan\Documents\ts3_clientui-win32-12815-2010-11-22 15_51_34.130859.dmp
[2010.11.22 15:06:48 | 000,466,008 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.11.21 13:57:09 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.18 15:29:11 | 000,002,206 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.11.16 21:11:07 | 000,643,628 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.11.16 21:11:07 | 000,606,992 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.11.16 21:11:07 | 000,126,188 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.11.16 21:11:07 | 000,103,370 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.11.15 23:29:58 | 000,001,571 | ---- | M] () -- C:\Windows\unins000.dat
[2010.11.15 23:29:55 | 000,695,578 | ---- | M] () -- C:\Windows\unins000.exe
[2010.11.08 20:28:31 | 000,000,162 | -H-- | M] () -- C:\Users\Stefan\Desktop\~$ankreich Test.docx
[2010.11.08 18:17:03 | 000,001,286 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.11.08 18:12:53 | 000,000,934 | ---- | M] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2010.11.08 00:00:41 | 000,001,910 | ---- | M] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010.11.06 02:30:40 | 000,001,944 | ---- | M] () -- C:\Users\Public\Desktop\PhotoImpact X3.lnk
[2010.11.05 01:11:51 | 000,002,682 | ---- | M] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.11.05 01:11:51 | 000,002,552 | ---- | M] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2010.11.04 17:42:03 | 000,000,000 | ---- | M] () -- C:\Users\Stefan\AppData\Roaming\AVSMediaPlayer.m3u
[2010.11.03 23:35:47 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.11.03 20:52:00 | 000,001,036 | ---- | M] () -- C:\Users\Stefan\Desktop\EVEREST Home Edition.lnk
[2010.11.03 16:35:14 | 000,126,856 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.11.03 16:35:14 | 000,060,936 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.11.02 19:01:41 | 000,000,901 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2010.11.01 12:14:51 | 000,001,084 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
 
========== Files Created - No Company Name ==========
 
[2010.11.29 15:05:32 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.11.28 17:39:41 | 000,079,104 | ---- | C] () -- C:\Users\Stefan\Desktop\hg grau.jpg
[2010.11.28 15:43:23 | 000,002,505 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2010.11.28 14:58:29 | 258,153,658 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.11.27 19:47:15 | 000,014,763 | ---- | C] () -- C:\Users\Stefan\Desktop\FC Tanz.docx
[2010.11.22 15:51:34 | 000,223,486 | ---- | C] () -- C:\Users\Stefan\Documents\ts3_clientui-win32-12815-2010-11-22 15_51_34.130859.dmp
[2010.11.21 22:04:44 | 000,038,492 | ---- | C] () -- C:\Windows\System32\DLLAV32.lib
[2010.11.21 22:00:50 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2010.11.21 21:51:16 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.11.21 13:57:09 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.11.18 15:29:11 | 000,002,206 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2010.11.08 20:28:31 | 000,000,162 | -H-- | C] () -- C:\Users\Stefan\Desktop\~$ankreich Test.docx
[2010.11.08 18:20:44 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.11.08 18:20:44 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.11.08 18:20:44 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.11.08 18:20:44 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.11.08 18:20:44 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.11.08 18:20:44 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.11.08 18:20:44 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.11.08 18:20:44 | 000,013,732 | ---- | C] () -- C:\Windows\System32\EPPICLocal_EN.cfg
[2010.11.08 18:20:44 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.11.08 18:20:44 | 000,006,442 | ---- | C] () -- C:\Windows\System32\EPPICLocal_IT.cfg
[2010.11.08 18:20:44 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_PT.cfg
[2010.11.08 18:20:44 | 000,006,347 | ---- | C] () -- C:\Windows\System32\EPPICLocal_BP.cfg
[2010.11.08 18:20:44 | 000,006,335 | ---- | C] () -- C:\Windows\System32\EPPICLocal_GE.cfg
[2010.11.08 18:20:44 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_FR.cfg
[2010.11.08 18:20:44 | 000,006,195 | ---- | C] () -- C:\Windows\System32\EPPICLocal_CF.cfg
[2010.11.08 18:20:44 | 000,006,122 | ---- | C] () -- C:\Windows\System32\EPPICLocal_DU.cfg
[2010.11.08 18:20:44 | 000,006,103 | ---- | C] () -- C:\Windows\System32\EPPICLocal_ES.cfg
[2010.11.08 18:20:44 | 000,005,817 | ---- | C] () -- C:\Windows\System32\EPPICLocal_KO.cfg
[2010.11.08 18:20:44 | 000,005,436 | ---- | C] () -- C:\Windows\System32\EPPICLocal_SC.cfg
[2010.11.08 18:20:44 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.11.08 18:20:44 | 000,002,889 | ---- | C] () -- C:\Windows\System32\EPPICLocal_RU.cfg
[2010.11.08 18:20:44 | 000,002,426 | ---- | C] () -- C:\Windows\System32\EPPICLocal_TC.cfg
[2010.11.08 18:20:44 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.11.08 18:20:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.11.08 18:20:44 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.11.08 18:20:44 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.11.08 18:20:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.11.08 18:20:44 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.11.08 18:20:44 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.11.08 18:20:44 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.11.08 18:20:44 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.11.08 18:20:44 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.11.08 18:17:03 | 000,001,286 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
[2010.11.08 18:12:53 | 000,000,934 | ---- | C] () -- C:\Users\Public\Desktop\EPSON Scan.lnk
[2010.11.08 00:00:41 | 000,001,910 | ---- | C] () -- C:\Users\Public\Desktop\FileZilla Client.lnk
[2010.11.06 02:30:40 | 000,001,944 | ---- | C] () -- C:\Users\Public\Desktop\PhotoImpact X3.lnk
[2010.11.05 01:11:51 | 000,002,682 | ---- | C] () -- C:\Users\Public\Desktop\Nero StartSmart.lnk
[2010.11.05 01:11:51 | 000,002,552 | ---- | C] () -- C:\Users\Public\Desktop\Nero Home.lnk
[2010.11.03 23:35:47 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2010.11.03 20:52:00 | 000,001,036 | ---- | C] () -- C:\Users\Stefan\Desktop\EVEREST Home Edition.lnk
[2010.11.01 12:14:51 | 000,001,084 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 5.lnk
[2010.10.21 00:23:39 | 000,000,000 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\AVSMediaPlayer.m3u
[2010.10.21 00:22:36 | 000,524,288 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2010.10.21 00:22:36 | 000,139,264 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
[2010.10.10 13:54:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.07.14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2005.01.19 08:30:54 | 000,009,255 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000096.DLL
[2002.03.17 01:00:00 | 000,007,420 | ---- | C] () -- C:\Windows\UA000091.DLL
 
< End of report >
         
--- --- ---

Antwort

Themen zu Bluscreen beim runterfahren von Win7
antivir, antivir guard, avgntflt.sys, avira, bho, bildschirm, bluescreen, bluscreen, browser, conduit, corp./icp, desktop, firefox, fontcache, google, hijack, hijackthis, langs, location, mozilla, nvlddmkm.sys, nvstor.sys, oldtimer, otl logfile, problem, programdata, realtek, registry, searchplugins, security, senden, software, start menu, starten, studio, system, teamspeak, tubebox, usb, vista, webcheck, windows, windows 7



Ähnliche Themen: Bluscreen beim runterfahren von Win7


  1. exe datei ist noch offen beim runterfahren seiht 4 tagen!
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (81)
  2. WIN XP bleibt beim Runterfahren hängen
    Alles rund um Windows - 08.04.2013 (9)
  3. pup.adware.agent gefunden, probleme beim starten/runterfahren
    Log-Analyse und Auswertung - 10.09.2012 (2)
  4. Google ruft falsche Seiten auf & Bluescreen beim runterfahren.
    Log-Analyse und Auswertung - 25.12.2010 (9)
  5. Laptop ist unglaublich langsam, svchost.exe, Fehler beim Runterfahren. Prüfungszeit!
    Log-Analyse und Auswertung - 27.01.2010 (5)
  6. svchost.exe und services.exe fehler beim runterfahren
    Log-Analyse und Auswertung - 18.11.2009 (4)
  7. avguard.exe - Fehler in Anwendung (beim Runterfahren)
    Antiviren-, Firewall- und andere Schutzprogramme - 30.01.2009 (16)
  8. Pc hat Probleme beim runterfahren !
    Log-Analyse und Auswertung - 07.10.2008 (9)
  9. explorer hängt oft und absturz der dwwin.exe beim runterfahren
    Log-Analyse und Auswertung - 28.08.2008 (0)
  10. Fehler beim Runterfahren!
    Alles rund um Windows - 08.06.2008 (5)
  11. Computer startet beim runterfahren neu
    Alles rund um Windows - 02.12.2007 (1)
  12. explorer.exe problem beim runterfahren!
    Log-Analyse und Auswertung - 14.08.2007 (8)
  13. Probleme beim starten und runterfahren...
    Plagegeister aller Art und deren Bekämpfung - 23.05.2006 (15)
  14. Beim hochfahren und runterfahren fehler meldungen
    Log-Analyse und Auswertung - 31.03.2006 (8)
  15. Habe probleme beim runterfahren des PCs
    Plagegeister aller Art und deren Bekämpfung - 13.11.2004 (1)
  16. pv.exe und cmd.exe- Fehler beim Runterfahren
    Plagegeister aller Art und deren Bekämpfung - 26.09.2004 (7)
  17. Fehlermeldung beim runterfahren
    Alles rund um Mac OSX & Linux - 27.10.2002 (8)

Zum Thema Bluscreen beim runterfahren von Win7 - Hallo. Ich habe Eure Seite gefunden und habe nun eine Frage. Seit neustem hat mein Rechner mit Win 7 das Problem das er beim runterfahren kurzzeitig einen Bluescreen macht mit - Bluscreen beim runterfahren von Win7...
Archiv
Du betrachtest: Bluscreen beim runterfahren von Win7 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.