Masi1711 | 23.11.2012 22:30 | Trojan or virus or something else harmful?
Hello to all the helpful users, I have a "small", "big" problem here
(Help windows or Firefox tabs get opened).
At irregular intervals, the Windows Help and Support windows get opened, or alternatively Firefox tabs (last time 320 of them), which then load themselves to death.
I have not yet been able to find any connection with any particular programs; sometimes it happens after waking from "energy-saving mode", sometimes just like that, then again nothing for a few days (with or without an internet connection, always different).
Here are the log files from OTL
OTL EXTRAS Logfile: Code:
OTL logfile created on: 23.11.2012 22:04:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Masi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,90 Gb Total Physical Memory | 13,45 Gb Available Physical Memory | 84,56% Memory free
31,80 Gb Paging File | 29,46 Gb Available in Paging File | 92,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 9,75 Gb Free Space | 13,09% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 259,87 Gb Free Space | 37,20% Space Free | Partition Type: NTFS
Computer Name: MASI-01 | User Name: Masi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.11.23 21:56:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Masi\Desktop\OTL.exe
PRC - [2012.11.15 15:50:05 | 000,384,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.10.16 18:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.10.16 17:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.04.23 06:43:32 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.04.23 06:43:15 | 002,458,944 | R--- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.04.23 06:42:58 | 000,362,840 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.04.23 06:42:57 | 000,276,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.04.23 06:42:56 | 000,162,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2012.02.01 16:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.12.19 19:16:44 | 001,014,096 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
========== Modules (No Company Name) ==========
MOD - [2012.11.16 10:45:08 | 000,489,472 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\8bb44e1dd221cada48308ce5f5d20561\IAStorUtil.ni.dll
MOD - [2012.11.16 10:45:08 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\0461c2bf4c5b235c0ca1d923c10d6849\IAStorCommon.ni.dll
MOD - [2012.11.15 17:25:31 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\413288993ff690e8251d2dbe32bee01f\System.Runtime.Remoting.ni.dll
MOD - [2012.11.15 17:25:16 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.15 17:25:12 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.15 17:25:04 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.15 17:25:00 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.15 17:24:58 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.15 17:24:58 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.15 17:24:54 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.04.23 06:43:15 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.07.14 18:58:10 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
========== Services (SafeList) ==========
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.11.23 21:23:26 | 000,115,168 | ---- | M] (Mozilla Foundation) [Disabled | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.11.15 15:50:06 | 000,561,952 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.11.08 19:51:50 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.16 18:06:12 | 000,084,256 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.10.16 17:57:04 | 000,108,320 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.10.10 02:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.09.29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.23 20:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.04.23 06:43:34 | 002,429,544 | R--- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.04.23 06:43:15 | 002,458,944 | R--- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.04.23 06:42:58 | 000,362,840 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.04.23 06:42:57 | 000,276,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.04.23 06:42:56 | 000,162,648 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2012.02.26 05:07:52 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV - [2012.02.26 05:07:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV - [2012.02.26 05:07:32 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV - [2012.02.26 05:07:26 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2012.02.22 15:07:28 | 000,492,032 | ---- | M] () [Disabled | Stopped] -- C:\Programme\Qualcomm Atheros\Killer Network Manager\BFNService.exe -- (Qualcomm Atheros Killer Service)
SRV - [2012.02.02 22:29:52 | 000,628,448 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2012.02.01 16:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012.01.17 16:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV - [2012.01.09 12:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV - [2011.12.19 19:16:50 | 001,104,208 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011.12.19 19:16:48 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011.12.19 19:16:44 | 001,014,096 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.11.15 15:50:18 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.11.15 15:50:18 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.11.08 20:47:39 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012.10.10 02:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.09.29 19:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.09.24 09:58:11 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012.04.23 06:43:34 | 000,340,072 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012.04.23 06:43:33 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012.04.23 06:43:32 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012.04.23 06:43:32 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012.04.23 06:43:30 | 000,143,144 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012.04.23 06:43:15 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.04.23 06:43:10 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.22 15:08:32 | 000,075,880 | ---- | M] (Bigfoot Networks, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bflwfx64.sys -- (BfLwf)
DRV:64bit: - [2012.02.22 15:08:30 | 000,159,848 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e22W7x64.sys -- (L1C)
DRV:64bit: - [2012.02.20 12:36:58 | 011,471,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Netwsw00.sys -- (NETwNs64)
DRV:64bit: - [2012.02.01 16:16:40 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012.01.09 12:32:40 | 000,195,584 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2011.12.14 14:26:56 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (ibtfltcoex)
DRV:64bit: - [2011.12.13 11:26:20 | 000,747,008 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011.12.13 11:26:18 | 000,094,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 05:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 01:37:44 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.03.24 16:40:02 | 000,113,792 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qcusbser.sys -- (qcusbser)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{F7315587-928E-455E-9F97-123A7366B32B}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=204c19c7-ab1f-4f3d-b736-07deb40e5859&apn_sauid=FC4AE1DC-EB12-4EAA-B988-CDB0AFF97601
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "google.de"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&locale=de_DE&apn_uid=204c19c7-ab1f-4f3d-b736-07deb40e5859&apn_ptnrs=%5EAGS&apn_sauid=FC4AE1DC-EB12-4EAA-B988-CDB0AFF97601&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@qq.com/TXSSO: C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.11.23 21:23:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.11.08 19:07:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
[2012.11.08 19:04:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Masi\AppData\Roaming\mozilla\Extensions
[2012.11.08 19:04:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.11.23 21:23:26 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Programme\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000015 - C:\Windows\SysNative\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\SysWOW64\BfLLR.dll (Bigfoot Networks, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2BBE34B7-8F4D-492A-B51F-5D6243E3D20C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBF63013-3511-47EB-B2A0-96FA023EB23A}: DhcpNameServer = 192.168.43.1
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap11 - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.11.23 21:56:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Masi\Desktop\OTL.exe
[2012.11.23 21:27:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2012.11.23 13:25:00 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Malwarebytes
[2012.11.23 13:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.23 13:24:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.23 13:24:32 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.23 13:24:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.16 13:46:53 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.11.15 16:21:11 | 000,000,000 | ---D | C] -- C:\rsit
[2012.11.14 15:27:44 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Adobe
[2012.11.14 15:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.11.14 15:24:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.11.13 23:03:47 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\ElevatedDiagnostics
[2012.11.13 23:03:44 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Diagnostics
[2012.11.13 15:52:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.11.13 15:52:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.11.12 16:01:14 | 000,113,792 | ---- | C] (QUALCOMM Incorporated) -- C:\Windows\SysNative\drivers\qcusbser.sys
[2012.11.12 16:01:14 | 000,103,424 | ---- | C] (Thesycon GmbH) -- C:\Windows\SysWow64\MyDIT_GenClassCoInst.dll
[2012.11.12 16:01:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HSDPA USB Modem
[2012.11.12 16:01:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HSDPA USB Modem
[2012.11.12 15:48:52 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\vlc
[2012.11.11 09:47:56 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.11.11 09:37:30 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.11.11 09:37:16 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.11.11 09:35:37 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.11.10 10:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012.11.10 10:24:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.10 10:24:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.11.08 21:03:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2012.11.08 21:03:54 | 000,000,000 | ---D | C] -- C:\Program Files\TeamSpeak 3 Client
[2012.11.08 21:03:24 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\WinRAR
[2012.11.08 21:03:24 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.08 21:03:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.11.08 21:03:21 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2012.11.08 21:03:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.11.08 21:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.11.08 20:57:13 | 000,000,000 | ---D | C] -- C:\Users\Masi\Application Data
[2012.11.08 20:55:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
[2012.11.08 20:55:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2012.11.08 20:55:19 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2012.11.08 20:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.11.08 20:55:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2012.11.08 20:52:53 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tencent
[2012.11.08 20:52:43 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tencent Software
[2012.11.08 20:52:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Tencent
[2012.11.08 20:52:41 | 000,000,000 | ---D | C] -- C:\Users\Masi\Documents\Tencent Files
[2012.11.08 20:52:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tencent
[2012.11.08 20:52:27 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Tencent
[2012.11.08 20:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.11.08 20:47:39 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.08 20:47:37 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\DAEMON Tools Lite
[2012.11.08 20:47:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.11.08 20:46:35 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.11.08 20:33:52 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2012.11.08 19:51:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2012.11.08 19:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2012.11.08 19:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2012.11.08 19:22:22 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Macromedia
[2012.11.08 19:22:22 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Macromedia
[2012.11.08 19:22:22 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Adobe
[2012.11.08 19:22:10 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.11.08 19:22:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.11.08 19:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.11.08 19:15:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.11.08 19:15:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.11.08 19:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.11.08 19:11:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.11.08 19:07:55 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Thunderbird
[2012.11.08 19:07:55 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Thunderbird
[2012.11.08 19:07:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2012.11.08 19:04:49 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Mozilla
[2012.11.08 19:04:49 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Mozilla
[2012.11.08 19:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.11.08 19:04:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.08 19:04:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.08 19:00:36 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Avira
[2012.11.08 18:58:39 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\DoNotTrackPlus
[2012.11.08 18:55:42 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\AskToolbar
[2012.11.08 18:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ask.com
[2012.11.08 18:55:31 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.11.08 18:55:31 | 000,098,888 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.11.08 18:55:31 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.11.08 18:55:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.11.08 18:55:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.11.08 18:33:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dolby Home Theater v4
[2012.11.08 18:33:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
[2012.11.08 18:31:47 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\WLANProfiles
[2012.11.08 18:31:38 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Intel
[2012.11.08 18:31:32 | 000,000,000 | ---D | C] -- C:\Users\Masi\Roaming
[2012.11.08 18:31:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Roaming
[2012.11.08 18:30:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
[2012.11.08 18:30:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cisco
[2012.11.08 18:30:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel.sav
[2012.11.08 18:28:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\sda
[2012.11.08 18:27:34 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012.11.08 18:27:33 | 005,018,408 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\ETDUI.cpl
[2012.11.08 18:27:33 | 000,143,144 | ---- | C] (ELAN Microelectronics Corp.) -- C:\Windows\SysNative\drivers\ETD.sys
[2012.11.08 18:27:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2012.11.08 18:26:31 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Intel Corporation
[2012.11.08 18:24:01 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012.11.08 18:24:01 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012.11.08 18:23:04 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012.11.08 18:23:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012.11.08 18:22:56 | 002,604,376 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012.11.08 18:22:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012.11.08 18:22:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012.11.08 18:22:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012.11.08 18:22:56 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012.11.08 18:22:55 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2012.11.08 18:22:55 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2012.11.08 18:22:55 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2012.11.08 18:22:55 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012.11.08 18:22:52 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012.11.08 18:22:52 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012.11.08 18:22:52 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012.11.08 18:22:52 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012.11.08 18:22:52 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012.11.08 18:22:52 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012.11.08 18:22:49 | 003,308,376 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2012.11.08 18:22:49 | 000,702,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek2.dll
[2012.11.08 18:22:49 | 000,426,328 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2012.11.08 18:22:49 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2012.11.08 18:22:49 | 000,136,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2012.11.08 18:22:49 | 000,118,104 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2012.11.08 18:22:49 | 000,074,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2012.11.08 18:22:48 | 003,768,152 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2012.11.08 18:22:48 | 002,132,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012.11.08 18:22:48 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2012.11.08 18:22:48 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2012.11.08 18:22:48 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012.11.08 18:22:45 | 002,528,832 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012.11.08 18:22:45 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012.11.08 18:22:45 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2012.11.08 18:22:45 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012.11.08 18:22:45 | 000,527,872 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2012.11.08 18:22:45 | 000,515,584 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2012.11.08 18:22:45 | 000,439,808 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2012.11.08 18:22:44 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012.11.08 18:22:44 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012.11.08 18:22:44 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012.11.08 18:22:44 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012.11.08 18:22:44 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012.11.08 18:22:44 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012.11.08 18:22:44 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012.11.08 18:22:44 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012.11.08 18:22:44 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2012.11.08 18:22:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012.11.08 18:22:37 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2012.11.08 18:22:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012.11.08 18:21:55 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012.11.08 18:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012.11.08 18:21:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012.11.08 18:20:39 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012.11.08 18:20:01 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012.11.08 18:19:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012.11.08 18:19:45 | 000,056,832 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.11.08 18:19:45 | 000,056,320 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012.11.08 18:18:04 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012.11.08 18:17:43 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\InstallShield
[2012.11.08 18:16:51 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012.11.08 18:15:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012.11.08 18:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012.11.08 18:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2012.11.08 18:15:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012.11.08 18:15:24 | 000,000,000 | ---D | C] -- C:\Intel
[2012.11.08 18:14:48 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.11.08 18:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
[2012.11.08 18:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Bigfoot Networks
[2012.11.08 18:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\Qualcomm Atheros
[2012.11.08 18:14:17 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.11.08 18:11:45 | 000,000,000 | R--D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.11.08 18:11:45 | 000,000,000 | R--D | C] -- C:\Users\Masi\Searches
[2012.11.08 18:11:45 | 000,000,000 | R--D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.11.08 18:11:39 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Identities
[2012.11.08 18:11:38 | 000,000,000 | R--D | C] -- C:\Users\Masi\Contacts
[2012.11.08 18:11:37 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\VirtualStore
[2012.11.08 18:11:33 | 000,000,000 | --SD | C] -- C:\Users\Masi\AppData\Roaming\Microsoft
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Videos
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Saved Games
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Pictures
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Music
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Links
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Favorites
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Downloads
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Documents
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\Desktop
[2012.11.08 18:11:33 | 000,000,000 | R--D | C] -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Vorlagen
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\AppData\Local\Verlauf
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\AppData\Local\Temporary Internet Files
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Startmenü
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\SendTo
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Recent
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Netzwerkumgebung
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Lokale Einstellungen
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Documents\Eigene Videos
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Documents\Eigene Musik
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Eigene Dateien
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Documents\Eigene Bilder
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Druckumgebung
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Cookies
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\AppData\Local\Anwendungsdaten
[2012.11.08 18:11:33 | 000,000,000 | -HSD | C] -- C:\Users\Masi\Anwendungsdaten
[2012.11.08 18:11:33 | 000,000,000 | -H-D | C] -- C:\Users\Masi\AppData
[2012.11.08 18:11:33 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Temp
[2012.11.08 18:11:33 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Local\Microsoft
[2012.11.08 18:11:33 | 000,000,000 | ---D | C] -- C:\Users\Masi\AppData\Roaming\Media Center Programs
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2012.11.08 18:09:33 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.11.08 18:09:30 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.11.08 18:06:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.11.08 18:06:46 | 000,000,000 | ---D | C] -- C:\Windows\CSC
========== Files - Modified Within 30 Days ==========
[2012.11.23 22:02:39 | 000,000,168 | ---- | M] () -- C:\Users\Masi\defogger_reenable
[2012.11.23 21:56:36 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Masi\Desktop\OTL.exe
[2012.11.23 21:56:23 | 000,050,477 | ---- | M] () -- C:\Users\Masi\Desktop\Defogger.exe
[2012.11.23 21:40:05 | 000,010,410 | ---- | M] () -- C:\Users\Masi\Documents\hijackthis2
[2012.11.23 21:19:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.23 13:24:33 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.23 13:14:56 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.23 13:14:56 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.23 13:14:56 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.23 13:14:56 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.23 13:14:56 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.23 13:13:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.23 13:13:51 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.23 13:08:42 | 4213,768,190 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.15 17:17:57 | 000,287,600 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.15 16:17:17 | 000,880,274 | ---- | M] () -- C:\Users\Masi\AppData\Local\census.cache
[2012.11.15 16:17:10 | 000,100,253 | ---- | M] () -- C:\Users\Masi\AppData\Local\ars.cache
[2012.11.15 16:11:48 | 000,000,036 | ---- | M] () -- C:\Users\Masi\AppData\Local\housecall.guid.cache
[2012.11.15 15:50:18 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.11.15 15:50:18 | 000,098,888 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.11.14 15:24:55 | 000,002,019 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.13 17:16:29 | 000,000,222 | ---- | M] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II.url
[2012.11.13 17:16:29 | 000,000,222 | ---- | M] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II - Zombies.url
[2012.11.13 17:16:29 | 000,000,222 | ---- | M] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2012.11.13 15:52:22 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.12 16:01:14 | 000,001,065 | ---- | M] () -- C:\Users\Masi\Desktop\USB Modem.lnk
[2012.11.09 14:37:50 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.11.09 14:37:50 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.11.08 21:03:55 | 000,000,967 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.11.08 21:03:07 | 000,000,871 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.08 20:57:00 | 000,002,703 | ---- | M] () -- C:\Users\Masi\Desktop\Microsoft Office Word 2003.lnk
[2012.11.08 20:56:55 | 000,002,735 | ---- | M] () -- C:\Users\Masi\Desktop\Microsoft Office Excel 2003.lnk
[2012.11.08 20:55:34 | 000,000,400 | ---- | M] () -- C:\Windows\ODBC.INI
[2012.11.08 20:52:44 | 000,002,243 | ---- | M] () -- C:\Users\Masi\Desktop\Tencent QQ.lnk
[2012.11.08 20:52:26 | 000,018,760 | ---- | M] () -- C:\Windows\SysWow64\QQVistaHelper.dll
[2012.11.08 20:51:29 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.08 20:48:02 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.08 20:47:39 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.11.08 20:33:52 | 000,000,221 | ---- | M] () -- C:\Users\Masi\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2012.11.08 19:04:46 | 000,001,151 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.08 18:35:18 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.11.08 18:35:16 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.11.08 18:32:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012.11.08 18:28:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.11.08 18:24:22 | 000,019,580 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012.11.08 18:14:46 | 000,002,238 | ---- | M] () -- C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
[2012.11.08 18:07:32 | 000,057,050 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.11.08 18:07:32 | 000,057,050 | ---- | M] () -- C:\Windows\SysNative\license.rtf
========== Files Created - No Company Name ==========
[2012.11.23 22:02:39 | 000,000,168 | ---- | C] () -- C:\Users\Masi\defogger_reenable
[2012.11.23 21:56:22 | 000,050,477 | ---- | C] () -- C:\Users\Masi\Desktop\Defogger.exe
[2012.11.23 21:40:05 | 000,010,410 | ---- | C] () -- C:\Users\Masi\Documents\hijackthis2
[2012.11.23 13:24:33 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.15 16:54:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 16:46:22 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 16:17:17 | 000,880,274 | ---- | C] () -- C:\Users\Masi\AppData\Local\census.cache
[2012.11.15 16:17:10 | 000,100,253 | ---- | C] () -- C:\Users\Masi\AppData\Local\ars.cache
[2012.11.15 16:11:48 | 000,000,036 | ---- | C] () -- C:\Users\Masi\AppData\Local\housecall.guid.cache
[2012.11.14 15:24:54 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.11.14 15:24:54 | 000,002,019 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.11.13 17:16:29 | 000,000,222 | ---- | C] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II.url
[2012.11.13 17:16:29 | 000,000,222 | ---- | C] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II - Zombies.url
[2012.11.13 17:16:29 | 000,000,222 | ---- | C] () -- C:\Users\Masi\Desktop\Call of Duty Black Ops II - Multiplayer.url
[2012.11.13 15:52:22 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.11.12 16:01:14 | 000,001,065 | ---- | C] () -- C:\Users\Masi\Desktop\USB Modem.lnk
[2012.11.11 09:37:38 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.11.11 09:37:30 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.11.11 09:37:20 | 000,095,744 | ---- | C] () -- C:\Windows\SysNative\RDVGHelper.exe
[2012.11.11 09:37:18 | 000,146,389 | ---- | C] () -- C:\Windows\SysWow64\printmanagement.msc
[2012.11.11 09:37:18 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.11.11 09:37:17 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.11.11 09:37:17 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.11.09 14:37:50 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.11.09 14:37:50 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.11.08 21:03:55 | 000,000,967 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2012.11.08 21:03:07 | 000,000,871 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.08 20:57:00 | 000,002,703 | ---- | C] () -- C:\Users\Masi\Desktop\Microsoft Office Word 2003.lnk
[2012.11.08 20:56:55 | 000,002,735 | ---- | C] () -- C:\Users\Masi\Desktop\Microsoft Office Excel 2003.lnk
[2012.11.08 20:55:34 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.11.08 20:52:44 | 000,002,243 | ---- | C] () -- C:\Users\Masi\Desktop\Tencent QQ.lnk
[2012.11.08 20:52:26 | 000,018,760 | ---- | C] () -- C:\Windows\SysWow64\QQVistaHelper.dll
[2012.11.08 20:51:29 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.11.08 20:48:02 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.08 20:33:52 | 000,000,221 | ---- | C] () -- C:\Users\Masi\Desktop\Call of Duty Modern Warfare 3 - Multiplayer.url
[2012.11.08 19:07:52 | 000,002,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2012.11.08 19:04:46 | 000,001,163 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.08 19:04:46 | 000,001,151 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.08 18:35:18 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btmaux_01009.Wdf
[2012.11.08 18:35:16 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iBtFltCoex_01009.Wdf
[2012.11.08 18:32:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_AMPPAL_01009.Wdf
[2012.11.08 18:28:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2012.11.08 18:24:22 | 000,019,580 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012.11.08 18:22:52 | 000,202,904 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2012.11.08 18:21:51 | 002,487,744 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2012.11.08 18:21:39 | 000,011,770 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012.11.08 18:19:45 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2012.11.08 18:19:45 | 000,735,796 | ---- | C] () -- C:\Windows\SysWow64\igkrng700.bin
[2012.11.08 18:19:45 | 000,735,796 | ---- | C] () -- C:\Windows\SysNative\igkrng700.bin
[2012.11.08 18:19:45 | 000,561,508 | ---- | C] () -- C:\Windows\SysWow64\igfcg700m.bin
[2012.11.08 18:19:45 | 000,561,508 | ---- | C] () -- C:\Windows\SysNative\igfcg700m.bin
[2012.11.08 18:19:45 | 000,094,208 | ---- | C] () -- C:\Windows\SysNative\IccLibDll_x64.dll
[2012.11.08 18:19:45 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2012.11.08 18:19:45 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2012.11.08 18:19:45 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2012.11.08 18:19:45 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2012.11.08 18:19:45 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2012.11.08 18:19:45 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2012.11.08 18:15:57 | 000,015,128 | R--- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2012.11.08 18:14:46 | 000,002,238 | ---- | C] () -- C:\Users\Public\Desktop\Qualcomm Atheros Killer Network Manager.lnk
[2012.11.08 18:11:48 | 000,001,409 | ---- | C] () -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.11.08 18:11:46 | 000,001,443 | ---- | C] () -- C:\Users\Masi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.11.08 18:06:42 | 4213,768,190 | -HS- | C] () -- C:\hiberfil.sys
[2012.10.10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.10 02:22:32 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.10.10 02:22:16 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.13 15:54:26 | 000,000,000 | ---D | M] -- C:\Users\Masi\AppData\Roaming\DAEMON Tools Lite
[2012.11.08 20:52:42 | 000,000,000 | ---D | M] -- C:\Users\Masi\AppData\Roaming\Tencent
[2012.11.08 19:07:55 | 000,000,000 | ---D | M] -- C:\Users\Masi\AppData\Roaming\Thunderbird
========== Purity Check ==========
< End of report >
And here is the Extras file:
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 23.11.2012 22:04:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Masi\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
15,90 Gb Total Physical Memory | 13,45 Gb Available Physical Memory | 84,56% Memory free
31,80 Gb Paging File | 29,46 Gb Available in Paging File | 92,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,43 Gb Total Space | 9,75 Gb Free Space | 13,09% Space Free | Partition Type: NTFS
Drive D: | 698,63 Gb Total Space | 259,87 Gb Free Space | 37,20% Space Free | Partition Type: NTFS
Computer Name: MASI-01 | User Name: Masi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{024A6E9B-D9D3-4673-B290-605FE386E205}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{07EECE55-5FBC-4EF9-A6D9-E44FBE1576F4}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0C4219F5-7279-4550-8C0B-CD85AD55B8A5}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\auclt.exe |
"{0FFB0488-7256-4B11-92BF-889B95E00F9C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{121A1439-5F67-4B54-9487-4E538DABFBD8}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{1BA27DDA-5FED-4A79-BE93-B6746F9E7819}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{1E93798B-814D-4660-95CC-BD9342404FD5}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\auclt.exe |
"{1EFB82AA-0D85-4CA4-BAC7-611C372FA9B1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{48A50637-1ECB-4077-9464-6DE5503F1C0A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{4A95A141-CE55-4F54-8A31-408A3DE6191F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
"{52B735D4-67B6-4C03-8ED3-E3D80A543C69}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\txupd.exe |
"{77395009-B7F1-46A1-9444-AE03C7A1459C}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{7B6B58B0-4C64-40A1-8BBB-E058095B1563}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\txupd.exe |
"{7B8D5F47-97CD-49C8-BA5D-8EF91289C57B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{84F14710-98B9-443D-8C31-4451737F1ACE}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6mp.exe |
"{9355AA0F-FDA9-4675-A1BF-5FF4EC2E8142}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{AB88809F-B4EF-46B0-98D4-1BF00ED7CF70}" = protocol=6 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\qq.exe |
"{BFD0D70A-0AD8-4E1C-AA09-1301391CA9D9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{CBB29B15-7F62-4E49-8FA4-FCAD494EE2AB}" = protocol=17 | dir=in | app=c:\program files (x86)\tencent\qqintl\bin\qq.exe |
"{DD33E6AF-C95C-4577-AF49-088282AB5166}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6zm.exe |
"{E29B251E-F733-40B7-A6E7-454B9D5749BD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{E2E1DFC1-119E-45B9-A70E-566785427D91}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty black ops ii\t6sp.exe |
"{E61D8955-27AF-438E-9335-3CE2CC97B691}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\call of duty modern warfare 3\iw5mp.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{37EC048A-81A2-452A-8D1F-3BE2018E767D}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 295.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.7.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"{E97F409F-9E1C-42A0-B72D-765A78DF3696}" = Intel® PROSet/Wireless WiFi-Software
"{F0932859-AA60-459E-B843-0BDECA34E2C7}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 8.0.5.7_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"ProInst" = Intel PROSet Wireless
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{3CA54984-A14B-42FE-9FF1-7EA90151D725}" = Tencent QQ
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"DAEMON Tools Lite" = DAEMON Tools Lite
"HSDPA USB Modem Normal Version_is1" = HSDPA USB Modem version 4.752
"InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}" = Qualcomm Atheros Killer Network Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Mozilla Firefox 17.0 (x86 de)" = Mozilla Firefox 17.0 (x86 de)
"Mozilla Thunderbird 16.0.2 (x86 de)" = Mozilla Thunderbird 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Steam App 202970" = Call of Duty: Black Ops II
"Steam App 202990" = Call of Duty: Black Ops II - Multiplayer
"Steam App 212910" = Call of Duty: Black Ops II - Zombies
"Steam App 42690" = Call of Duty: Modern Warfare 3 - Multiplayer
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 11.11.2012 04:51:22 | Computer Name = Masi-01 | Source = ESENT | ID = 215
Description = WinMail (3920) WindowsMail0: Die Sicherung wurde abgebrochen, weil
sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen
wurde.
Error - 11.11.2012 04:51:25 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 12.11.2012 10:50:38 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 13.11.2012 10:01:41 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 13.11.2012 10:04:00 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 13.11.2012 10:19:22 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 14.11.2012 10:25:05 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 15.11.2012 11:24:36 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.11.2012 08:48:10 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 16.11.2012 08:48:27 | Computer Name = Masi-01 | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files
(x86)\Tencent\QQIntl\Bin\QQ.exe". Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.4053""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 18.11.2012 16:42:39 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 19.11.2012 23:42:04 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 19.11.2012 23:43:23 | Computer Name = Masi-01 | Source = DCOM | ID = 10005
Description =
Error - 19.11.2012 23:43:23 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 20.11.2012 10:22:58 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 20.11.2012 10:25:50 | Computer Name = Masi-01 | Source = DCOM | ID = 10005
Description =
Error - 20.11.2012 10:25:50 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 21.11.2012 09:11:29 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
Error - 21.11.2012 09:11:49 | Computer Name = Masi-01 | Source = DCOM | ID = 10005
Description =
Error - 21.11.2012 09:11:49 | Computer Name = Masi-01 | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Bluetooth OBEX Service" ist vom Dienst "Bluetooth-Unterstützungsdienst"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058
< End of report >