Trojaner-Board (https://www.trojaner-board.de/)
-   Log analysis and evaluation (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Avira reports detection of trojan 'TR/Crypt.XPACK.Gen', 'JAVA/Lamar.ltg.35' and 5 further warnings (https://www.trojaner-board.de/135672-avira-meldet-fund-trojaner-tr-crypt-xpack-gen-java-lamar-ltg-35-5-warnungen.html)

Sili2000 05.06.2013 12:51

So, I have now run a new scan with OTL (file age increased to 360 days). OTL produced the following log:

Code:

OTL logfile created on: 05.06.2013 11:38:20 - Run 3
OTL by OldTimer - Version 3.2.69.0    Folder = D:\Benutzer\Silvan\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6002.18005)
Locale: 00000807 | Country: Schweiz | Language: DES | Date Format: dd.MM.yyyy
 
3.50 Gb Total Physical Memory | 2.41 Gb Available Physical Memory | 68.81% Memory free
7.22 Gb Paging File | 6.18 Gb Available in Paging File | 85.58% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 40.04 Gb Total Space | 6.60 Gb Free Space | 16.48% Space Free | Partition Type: NTFS
Drive D: | 257.91 Gb Total Space | 204.74 Gb Free Space | 79.38% Space Free | Partition Type: NTFS
 
Computer Name: SILVAN-LAPTOP | User Name: Silvan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.05.27 22:10:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Benutzer\Silvan\Desktop\OTL.exe
PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.05.07 15:01:27 | 000,345,312 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.04.01 23:01:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2013.04.01 23:00:47 | 000,079,584 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2013.04.01 23:00:44 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.08.05 13:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Programme\Zune\ZuneLauncher.exe
PRC - [2009.12.10 19:40:08 | 000,128,296 | R--- | M] (Swisscom) -- C:\Programme\Swisscom\Unlimited Data Manager\DashBoardS.exe
PRC - [2009.11.16 12:41:02 | 001,414,440 | ---- | M] (Swisscom) -- C:\Programme\Swisscom\Sesam\BIN\SecMIPService.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.09.01 14:41:26 | 000,668,960 | ---- | M] () -- C:\Programme\uniFLOW_Client\momclnt.exe
PRC - [2008.02.28 02:01:20 | 000,221,239 | ---- | M] (IDT, Inc.) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\stacsv.exe
PRC - [2008.02.28 01:58:34 | 000,442,433 | ---- | M] (IDT, Inc.) -- C:\Programme\IDT\WDM\sttray.exe
PRC - [2008.02.13 10:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\AEstSrv.exe
PRC - [2008.02.08 16:18:16 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Programme\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 04:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007.10.11 23:49:14 | 000,163,840 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\Apoint.exe
PRC - [2007.06.06 17:44:44 | 000,049,152 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApntEx.exe
PRC - [2007.05.22 15:18:56 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\ApMsgFwd.exe
PRC - [2006.09.08 16:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Programme\DellTPad\hidfind.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.04 10:21:19 | 011,800,576 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\27b0a88bfa56a9390f516b0fa55f3dcb\System.Web.ni.dll
MOD - [2013.06.04 10:21:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e515919524c6be56f55ad12fbdd23c19\System.Runtime.Remoting.ni.dll
MOD - [2013.06.04 10:18:21 | 012,430,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\b0be4ac8da47fbf783dabd1505e6c55e\System.Windows.Forms.ni.dll
MOD - [2013.06.04 10:17:49 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\07e39e61fd6133a92333a2c98f2ffeb7\System.Drawing.ni.dll
MOD - [2013.06.04 10:17:31 | 005,450,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\49431ce6d568de0bafdb1b25d3942723\System.Xml.ni.dll
MOD - [2013.06.04 10:16:09 | 007,868,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\34942db56010e4225825bfae8a27559f\System.ni.dll
MOD - [2013.06.04 10:14:31 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\3aac7b97549d4ccf0c7dca3d1777f9b4\mscorlib.ni.dll
MOD - [2011.12.21 00:14:49 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2977.39064__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:49 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2977.39118__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:49 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2977.39097__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:49 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2977.39084__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:48 | 001,679,360 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2977.39104__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:48 | 000,483,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2977.39334__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:48 | 000,135,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2977.39340__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:48 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2977.39300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:48 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2977.39076__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:48 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2977.39263__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:48 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2977.39217__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:47 | 000,352,256 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2977.39271__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:47 | 000,147,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2977.39332__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:47 | 000,090,112 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2977.39277__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:47 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2977.39270__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:47 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2977.39331__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:46 | 000,802,816 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2977.39227__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:46 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2977.39292__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:46 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2977.39226__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,585,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2977.39131__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,479,232 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2977.39219__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,442,368 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2977.39211__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,438,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2977.39085__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2977.39256__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2977.39138__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2011.12.21 00:14:45 | 000,217,088 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2977.39124__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2977.39244__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2011.12.21 00:14:45 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2977.39218__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2977.39137__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2977.39226__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2977.39243__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2977.39255__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2011.12.21 00:14:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2011.12.21 00:14:45 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2939.23679__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2011.12.21 00:14:45 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2939.23710__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2011.12.21 00:14:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2939.23767__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2011.12.21 00:14:44 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2939.23768__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2011.12.21 00:14:44 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2011.12.21 00:14:43 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2939.23668__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2011.12.21 00:14:43 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2939.23689__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2011.12.21 00:14:43 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2939.23662__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2011.12.21 00:14:43 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2939.23802__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2011.12.21 00:14:43 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2939.23667__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2011.12.21 00:14:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2939.23717__90ba9c70f846762e\DEM.OS.I0602.dll
MOD - [2011.12.21 00:14:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2939.23693__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2939.23687__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2939.23679__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2939.23707__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2939.23717__90ba9c70f846762e\DEM.OS.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2939.23718__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2939.23688__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2939.23734__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2011.12.21 00:14:43 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2939.23718__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2011.12.21 00:14:42 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2939.23743__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2011.12.21 00:14:42 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2939.23764__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2011.12.21 00:14:42 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2939.23763__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2965.22300__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2939.23739__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2939.23740__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2939.23738__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2939.23742__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2939.23708__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2939.23735__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2939.23741__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2939.23711__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2939.23665__90ba9c70f846762e\AEM.Foundation.dll
MOD - [2011.12.21 00:14:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2939.23719__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2011.12.21 00:14:41 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2939.23709__90ba9c70f846762e\APM.Foundation.dll
MOD - [2011.12.21 00:14:41 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2939.23687__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2011.12.21 00:14:40 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
MOD - [2011.12.21 00:14:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2977.39353__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2011.12.21 00:14:39 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2939.23677__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
MOD - [2011.12.21 00:14:39 | 000,006,656 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2977.39056__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2011.12.21 00:14:38 | 001,507,328 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2977.39071__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2011.12.21 00:14:38 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2977.39091__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2011.12.21 00:14:38 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2977.39324__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2011.12.21 00:14:38 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2977.39056__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2011.12.21 00:14:38 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2977.39057__90ba9c70f846762e\ATIDEMOS.dll
MOD - [2011.12.21 00:14:38 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2977.39322__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2011.12.21 00:14:38 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2939.23713__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2011.12.21 00:14:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2939.23678__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2011.12.21 00:14:38 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2939.23689__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2011.12.21 00:14:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2939.23679__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2011.12.21 00:14:38 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2977.39323__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2011.12.21 00:14:38 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2939.23694__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2011.12.21 00:14:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2939.23712__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2011.12.21 00:14:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2939.23711__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2011.12.21 00:14:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2939.23746__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2011.12.21 00:14:37 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2977.39055__90ba9c70f846762e\APM.Server.dll
MOD - [2011.12.21 00:14:37 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2977.39055__90ba9c70f846762e\AEM.Server.dll
MOD - [2011.12.21 00:14:37 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2009.03.30 06:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 06:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 06:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2008.09.01 14:41:26 | 000,668,960 | ---- | M] () -- C:\Programme\uniFLOW_Client\momclnt.exe
MOD - [2008.03.12 18:34:50 | 000,055,808 | ---- | M] () -- C:\Windows\System32\bcmwlrmt.dll
MOD - [2008.02.25 23:10:12 | 000,159,744 | ---- | M] () -- C:\Windows\System32\atitmmxx.dll
MOD - [2008.02.08 15:44:32 | 000,126,976 | ---- | M] () -- C:\Programme\WIDCOMM\Bluetooth Software\BTKeyInd.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.04.01 23:01:02 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.04.01 23:00:44 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.05 13:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011.08.05 13:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011.08.05 13:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009.12.10 19:40:08 | 000,128,296 | R--- | M] (Swisscom) [Auto | Running] -- C:\Programme\Swisscom\Unlimited Data Manager\DashBoardS.exe -- (UDM Service)
SRV - [2009.11.16 12:41:02 | 001,414,440 | ---- | M] (Swisscom) [Auto | Running] -- C:\Programme\Swisscom\Sesam\BIN\SecMIPService.exe -- (SesamService)
SRV - [2008.02.28 02:01:20 | 000,221,239 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\stacsv.exe -- (STacSV)
SRV - [2008.02.13 10:05:54 | 000,073,728 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_c204e27d\AEstSrv.exe -- (AESTFilters)
SRV - [2008.01.21 04:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006.10.26 20:49:34 | 000,441,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE -- (odserv)
SRV - [2006.10.26 15:03:08 | 000,145,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\frmupgr.sys -- (DFUBTUSB)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Silvan\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013.04.01 23:01:07 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2013.04.01 23:01:07 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2013.04.01 23:01:07 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2013.03.26 21:37:15 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.12.10 18:06:28 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.12.10 18:06:28 | 000,103,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.12.10 18:06:28 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.07.20 16:32:06 | 000,286,760 | ---- | M] (Swisscom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wtsmpflt.sys -- (WtSmpFlt)
DRV - [2009.07.20 16:32:06 | 000,039,720 | ---- | M] (Swisscom) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wtsmpadap.sys -- (wtsmpadap)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2008.03.12 18:34:48 | 000,018,424 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\bcm42rly.sys -- (BCM42RLY)
DRV - [2008.02.28 02:06:32 | 000,374,784 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\stwrt.sys -- (STHDA)
DRV - [2008.02.26 01:53:22 | 003,520,512 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.02.16 02:00:00 | 000,277,624 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Vid.sys -- (OA001Vid)
DRV - [2008.02.15 19:01:18 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.01.31 16:37:04 | 000,149,208 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\OA001Ufd.sys -- (OA001Ufd)
DRV - [2008.01.29 21:08:46 | 000,203,264 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\k57nd60x.sys -- (k57nd60x)
DRV - [2007.12.12 19:01:30 | 000,164,400 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007.07.30 12:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 11:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.16 23:29:33 | 000,017,432 | ---- | M] (Hewlett Packard) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hpfxbulk.sys -- (HPFXBULK)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.google.ch"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{E4D8AFFF-DA7C-412F-A976-05ED142C7806}: C:\Program Files\Swisscom\Unlimited Data Manager\FireFox_Remote\ [2012.06.30 15:22:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.01.02 21:16:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silvan\AppData\Roaming\mozilla\Extensions
[2012.12.24 10:52:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Silvan\AppData\Roaming\mozilla\Firefox\Profiles\m70kb871.default\extensions
[2013.05.29 11:20:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions
[2013.05.29 11:20:10 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2013.05.28 09:40:22 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [MOMCLIENT] C:\Programme\uniFLOW_Client\momclnt.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Programme\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{93D1DB22-F6A3-43C1-98F9-C218A236305B}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Silvan\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Silvan\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 360 Days ==========
 
[2013.06.04 10:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\eu-ES
[2013.06.04 10:03:52 | 000,000,000 | ---D | C] -- C:\Windows\System32\ca-ES
[2013.06.04 10:03:50 | 000,000,000 | ---D | C] -- C:\Windows\System32\vi-VN
[2013.05.29 16:11:15 | 000,760,723 | ---- | C] (Farbar) -- D:\Benutzer\Silvan\Desktop\MiniToolBox.exe
[2013.05.29 11:24:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2013.05.29 11:23:38 | 000,866,720 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.05.29 11:23:38 | 000,263,584 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.05.29 11:23:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.05.29 11:23:27 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.05.29 11:23:27 | 000,094,112 | ---- | C] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.05.29 11:23:06 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.05.29 11:20:11 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2013.05.29 11:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.05.28 16:41:15 | 002,347,384 | ---- | C] (ESET) -- D:\Benutzer\Silvan\Desktop\esetsmartinstaller_enu.exe
[2013.05.28 10:57:57 | 000,354,297 | ---- | C] (Farbar) -- D:\Benutzer\Silvan\Desktop\FSS.exe
[2013.05.28 10:42:41 | 000,000,000 | ---D | C] -- C:\FRST
[2013.05.28 10:32:38 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.05.28 10:32:16 | 000,000,000 | ---D | C] -- C:\JRT
[2013.05.28 10:20:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Local
[2013.05.28 10:10:42 | 000,545,954 | ---- | C] (Oleg N. Scherbakov) -- D:\Benutzer\Silvan\Desktop\JRT.exe
[2013.05.28 10:08:01 | 001,355,295 | ---- | C] (Farbar) -- D:\Benutzer\Silvan\Desktop\FRST.exe
[2013.05.28 10:04:12 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- D:\Benutzer\Silvan\Desktop\tdsskiller.exe
[2013.05.28 09:42:45 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.05.28 09:42:42 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.05.28 09:31:24 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.05.28 09:31:24 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.05.28 09:31:24 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.05.28 09:31:18 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.05.28 09:29:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.05.28 09:28:57 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.05.28 09:27:50 | 005,073,708 | R--- | C] (Swearware) -- D:\Benutzer\Silvan\Desktop\ComboFix.exe
[2013.05.27 22:10:47 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Benutzer\Silvan\Desktop\OTL.exe
[2013.05.24 13:19:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2013.05.15 17:12:04 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Terzi-Schmid%20Ursula
[2013.05.13 15:54:10 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\Macromedia
[2013.04.08 17:35:17 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Documents\LehrerOffice
[2013.04.08 17:34:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LehrerOffice
[2013.04.08 17:33:48 | 000,000,000 | ---D | C] -- C:\ProgramData\LehrerOffice
[2013.04.08 17:33:48 | 000,000,000 | ---D | C] -- C:\Program Files\LehrerOffice
[2013.04.01 14:47:22 | 000,000,000 | ---D | C] -- C:\found.001
[2013.03.26 22:32:38 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\Avira
[2013.03.26 22:27:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.03.26 22:26:48 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.03.26 22:26:47 | 000,135,136 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.03.26 22:26:47 | 000,084,744 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.03.26 22:26:47 | 000,037,352 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.03.26 22:26:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.03.26 22:26:37 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.03.26 11:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2013.03.21 23:04:27 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\Mp3tag
[2013.03.21 23:03:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
[2013.03.21 23:02:20 | 000,000,000 | ---D | C] -- C:\Program Files\Mp3tag
[2013.03.21 15:30:11 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\U3
[2013.02.07 10:52:30 | 000,000,000 | ---D | C] -- C:\Program Files\On s'entraîne 6
[2013.01.30 14:32:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.01.30 14:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft
[2013.01.30 14:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft
[2013.01.30 09:22:23 | 000,000,000 | ---D | C] -- C:\found.000
[2013.01.16 22:19:10 | 000,000,000 | ---D | C] -- C:\Windows\System32\ms-MY
[2013.01.09 20:53:43 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\STV Reutlingen
[2012.12.19 23:22:32 | 000,000,000 | ---D | C] -- C:\Users\Silvan\FOTO_com
[2012.12.19 22:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\tmp
[2012.12.19 22:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\hps
[2012.12.19 22:23:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\posterjack CEWE Fotobuch und Kalender
[2012.12.19 22:14:43 | 000,000,000 | ---D | C] -- C:\Program Files\CEWE
[2012.12.19 22:13:57 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\assembly
[2012.12.19 22:13:49 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Documents\ifolor
[2012.12.19 22:13:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ifolor
[2012.12.19 22:12:54 | 000,000,000 | ---D | C] -- C:\Program Files\ifolor
[2012.12.19 21:28:35 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Fotos Oma
[2012.12.12 12:48:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hamster Soft
[2012.12.12 12:48:52 | 000,000,000 | ---D | C] -- C:\Program Files\Hamster Soft
[2012.12.03 23:13:13 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Documents\VideoPad Projekte
[2012.12.03 19:18:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NCH Software
[2012.12.03 19:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Related Programs
[2012.12.03 19:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite
[2012.12.03 19:18:20 | 000,000,000 | ---D | C] -- C:\Program Files\NCH Software
[2012.12.03 19:18:15 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\NCH Software
[2012.12.03 13:16:41 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.11.30 16:33:27 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\VideoConverterPackages
[2012.11.30 16:23:45 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Documents\Pinnacle VideoSpin
[2012.11.30 15:21:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Pinnacle
[2012.11.30 15:21:14 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\Downloaded Installations
[2012.10.21 18:34:12 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Engadin
[2012.10.18 16:52:53 | 000,692,104 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.10.03 11:59:20 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Karte
[2012.10.02 17:43:35 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Bilder Silvan
[2012.10.02 16:42:32 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Balkan Beat Box - Give [2012] 320KbPs
[2012.09.25 08:42:47 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\dvdcss
[2012.09.18 16:12:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.09.18 16:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2012.09.18 10:18:41 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Documents\Reisen
[2012.09.18 09:36:26 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\LaBrassBanda
[2012.09.18 09:19:45 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Alt-J
[2012.09.18 08:56:06 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Roaming\Ciamti
[2012.09.09 22:13:09 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Siat
[2012.09.09 20:35:33 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.09.09 20:35:29 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\Google
[2012.09.05 15:02:09 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Alice Russell
[2012.09.05 09:59:17 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Quantic and Alice Russell with the Combo Bárbaro (2012)
[2012.08.27 17:31:15 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\MC Xander
[2012.06.30 15:25:13 | 000,000,000 | ---D | C] -- C:\ProgramData\UDM
[2012.06.30 15:22:57 | 000,112,128 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbnet.sys
[2012.06.30 15:22:56 | 000,102,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbmdm.sys
[2012.06.30 15:22:41 | 000,103,040 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\System32\drivers\ewusbfake.sys
[2012.06.30 15:22:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unlimited Data Manager
[2012.06.30 15:21:57 | 000,000,000 | ---D | C] -- C:\ProgramData\WtDashboard
[2012.06.30 15:21:57 | 000,000,000 | ---D | C] -- C:\Program Files\Swisscom
[2012.06.30 15:20:56 | 000,000,000 | ---D | C] -- C:\ProgramData\UDM_17491
[2012.06.28 15:19:21 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\fontconfig
[2012.06.28 15:19:17 | 000,000,000 | ---D | C] -- C:\Users\Silvan\AppData\Local\gegl-0.2
[2012.06.28 15:19:17 | 000,000,000 | ---D | C] -- C:\Users\Silvan\.gimp-2.8
[2012.06.28 15:13:30 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012.06.28 15:12:51 | 000,000,000 | ---D | C] -- D:\Benutzer\Silvan\Desktop\Fotos Südafrika
[2 D:\Benutzer\Silvan\Desktop\*.tmp files -> D:\Benutzer\Silvan\Desktop\*.tmp -> ]
 
========== Files - Modified Within 360 Days ==========
 
[2013.06.05 10:56:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.05 10:52:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 10:52:47 | 000,003,712 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.05 08:59:25 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.06.05 08:59:25 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.06.05 08:59:25 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.06.05 08:59:25 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.06.05 08:53:00 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.05 08:52:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.05 08:52:15 | 3755,974,656 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.04 10:09:22 | 000,265,000 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.06.04 08:29:15 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.06.04 08:29:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.05.30 09:51:17 | 000,001,356 | ---- | M] () -- C:\Users\Silvan\AppData\Local\d3d9caps.dat
[2013.05.29 20:01:35 | 000,063,488 | ---- | M] () -- C:\Users\Silvan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.05.29 16:11:15 | 000,760,723 | ---- | M] (Farbar) -- D:\Benutzer\Silvan\Desktop\MiniToolBox.exe
[2013.05.29 15:59:29 | 000,016,384 | ---- | M] () -- D:\Benutzer\Silvan\Documents\Resultate_6.v12
[2013.05.29 11:35:07 | 000,001,898 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.05.29 11:23:13 | 000,094,112 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\WindowsAccessBridge.dll
[2013.05.29 11:23:10 | 000,866,720 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\npDeployJava1.dll
[2013.05.29 11:23:10 | 000,788,896 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\deployJava1.dll
[2013.05.29 11:23:10 | 000,263,584 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaws.exe
[2013.05.29 11:23:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\javaw.exe
[2013.05.29 11:23:10 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\System32\java.exe
[2013.05.29 11:20:15 | 000,000,852 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.29 08:55:02 | 000,890,825 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\SecurityCheck.exe
[2013.05.28 16:41:16 | 002,347,384 | ---- | M] (ESET) -- D:\Benutzer\Silvan\Desktop\esetsmartinstaller_enu.exe
[2013.05.28 10:57:57 | 000,354,297 | ---- | M] (Farbar) -- D:\Benutzer\Silvan\Desktop\FSS.exe
[2013.05.28 10:10:42 | 000,545,954 | ---- | M] (Oleg N. Scherbakov) -- D:\Benutzer\Silvan\Desktop\JRT.exe
[2013.05.28 10:08:01 | 001,355,295 | ---- | M] (Farbar) -- D:\Benutzer\Silvan\Desktop\FRST.exe
[2013.05.28 10:05:50 | 000,632,031 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\adwcleaner.exe
[2013.05.28 10:04:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- D:\Benutzer\Silvan\Desktop\tdsskiller.exe
[2013.05.28 09:40:22 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013.05.28 09:28:00 | 005,073,708 | R--- | M] (Swearware) -- D:\Benutzer\Silvan\Desktop\ComboFix.exe
[2013.05.27 22:35:56 | 000,377,856 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\gmer_2.1.19163.exe
[2013.05.27 22:10:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Benutzer\Silvan\Desktop\OTL.exe
[2013.05.27 22:09:46 | 000,000,000 | ---- | M] () -- C:\Users\Silvan\defogger_reenable
[2013.05.27 22:09:12 | 000,050,477 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\Defogger.exe
[2013.04.15 15:25:26 | 002,101,417 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\masterarbeit-tobias-rodenkirch_web.pdf
[2013.04.08 17:34:03 | 000,000,685 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\LehrerOffice Easy.lnk
[2013.04.01 23:01:07 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.04.01 23:01:07 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.04.01 23:01:07 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.03.26 21:37:15 | 000,028,520 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.03.26 11:54:15 | 000,002,079 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.21 23:10:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013.03.21 23:10:43 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.01 00:12:27 | 259,676,048 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\Leben unter Grizzlies.m4v
[2013.02.28 19:44:14 | 000,530,255 | ---- | M] () -- D:\Benutzer\Silvan\Documents\4. Was sind Gezeiten neu.pdf
[2013.02.27 19:13:39 | 000,378,346 | ---- | M] () -- D:\Benutzer\Silvan\Documents\(Tagesverlauf Wortschatz für WT).pdf
[2013.02.07 10:55:39 | 000,000,707 | ---- | M] () -- C:\Users\Public\Desktop\On s'entraîne 6.lnk
[2013.01.30 22:57:22 | 000,000,861 | ---- | M] () -- C:\Windows\hpntwksetup.ini
[2013.01.09 20:43:26 | 247,835,763 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.19 22:23:21 | 000,001,253 | ---- | M] () -- C:\Users\Public\Desktop\posterjack CEWE Fotobuch und Kalender.lnk
[2012.12.19 22:13:38 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\ifolor Designer.lnk
[2012.12.12 12:50:13 | 000,000,393 | ---- | M] () -- C:\Users\Silvan\AppData\Local\HamsterVideoConverterSettings.cfg
[2012.10.25 19:53:01 | 118,444,064 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\Balkanica Vol.3.mp3
[2012.10.13 16:45:15 | 001,209,672 | ---- | M] () -- D:\Benutzer\Silvan\Desktop\Photography_people_103163.jpg
[2012.09.18 20:32:32 | 000,002,651 | ---- | M] () -- C:\Users\Silvan\AppData\Local\recently-used.xbel
[2 D:\Benutzer\Silvan\Desktop\*.tmp files -> D:\Benutzer\Silvan\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.29 11:35:07 | 000,001,898 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.05.29 11:35:07 | 000,001,804 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.05.29 11:20:15 | 000,000,864 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.05.29 11:20:15 | 000,000,852 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.29 08:55:02 | 000,890,825 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\SecurityCheck.exe
[2013.05.28 10:05:50 | 000,632,031 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\adwcleaner.exe
[2013.05.28 09:31:24 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.05.28 09:31:24 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.05.28 09:31:24 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.05.28 09:31:24 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.05.28 09:31:24 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.05.27 22:35:56 | 000,377,856 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\gmer_2.1.19163.exe
[2013.05.27 22:09:46 | 000,000,000 | ---- | C] () -- C:\Users\Silvan\defogger_reenable
[2013.05.27 22:09:12 | 000,050,477 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\Defogger.exe
[2013.04.15 15:25:26 | 002,101,417 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\masterarbeit-tobias-rodenkirch_web.pdf
[2013.04.08 17:34:03 | 000,000,685 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\LehrerOffice Easy.lnk
[2013.03.26 11:54:15 | 000,002,079 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2013.03.21 23:10:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2013.03.21 23:10:43 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2013.03.01 00:04:14 | 259,676,048 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\Leben unter Grizzlies.m4v
[2013.02.28 19:44:11 | 000,530,255 | ---- | C] () -- D:\Benutzer\Silvan\Documents\4. Was sind Gezeiten neu.pdf
[2013.02.27 19:13:36 | 000,378,346 | ---- | C] () -- D:\Benutzer\Silvan\Documents\(Tagesverlauf Wortschatz für WT).pdf
[2013.02.07 10:56:21 | 000,016,384 | ---- | C] () -- D:\Benutzer\Silvan\Documents\Resultate_6.v12
[2013.02.07 10:55:39 | 000,000,719 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\On s'entraîne 6.lnk
[2013.02.07 10:55:39 | 000,000,707 | ---- | C] () -- C:\Users\Public\Desktop\On s'entraîne 6.lnk
[2013.01.16 22:24:15 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01009_Inbox_Critical.Wdf
[2012.12.19 22:23:21 | 000,001,253 | ---- | C] () -- C:\Users\Public\Desktop\posterjack CEWE Fotobuch und Kalender.lnk
[2012.12.19 22:13:38 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\ifolor Designer.lnk
[2012.12.12 12:50:12 | 000,000,393 | ---- | C] () -- C:\Users\Silvan\AppData\Local\HamsterVideoConverterSettings.cfg
[2012.12.03 19:18:22 | 000,000,993 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Videobearbeitungs-Software.lnk
[2012.10.25 19:46:59 | 118,444,064 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\Balkanica Vol.3.mp3
[2012.10.13 16:45:15 | 001,209,672 | ---- | C] () -- D:\Benutzer\Silvan\Desktop\Photography_people_103163.jpg
[2012.09.20 11:12:01 | 3755,974,656 | -HS- | C] () -- C:\hiberfil.sys
[2012.09.18 20:32:32 | 000,002,651 | ---- | C] () -- C:\Users\Silvan\AppData\Local\recently-used.xbel
[2012.09.09 20:35:40 | 000,001,098 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.09.09 20:35:38 | 000,001,094 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.28 15:17:47 | 000,000,886 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012.01.27 12:18:04 | 000,116,224 | ---- | C] () -- C:\Windows\System32\pdfcmnnt.dll
[2012.01.08 14:09:20 | 000,095,406 | ---- | C] () -- C:\Users\Silvan\Antrag Strafregisterauszug.pdf
[2012.01.02 18:40:16 | 000,000,608 | -HS- | C] () -- C:\Windows\System32\winzvprt5.sys
[2012.01.02 18:33:11 | 000,000,861 | ---- | C] () -- C:\Windows\hpntwksetup.ini
[2012.01.02 18:05:05 | 000,000,000 | ---- | C] () -- C:\Windows\HPMProp.INI
[2011.12.24 12:59:11 | 000,063,488 | ---- | C] () -- C:\Users\Silvan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.23 15:57:02 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2011.12.23 15:57:02 | 000,107,612 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchema.bin
[2011.12.22 10:41:03 | 000,018,904 | ---- | C] () -- C:\Windows\System32\StructuredQuerySchemaTrivial.bin
[2011.12.21 08:43:59 | 000,628,742 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2011.12.21 08:43:59 | 000,290,748 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2011.12.21 08:43:59 | 000,126,454 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2011.12.21 08:43:59 | 000,036,916 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2011.12.21 00:25:36 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.12.21 00:11:48 | 003,107,788 | ---- | C] () -- C:\Windows\System32\atiumdva.dat
[2011.12.21 00:11:47 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2011.12.21 00:11:46 | 000,166,450 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.12.21 00:07:34 | 000,055,808 | ---- | C] () -- C:\Windows\System32\bcmwlrmt.dll
[2011.12.21 00:07:33 | 000,024,064 | ---- | C] () -- C:\Windows\System32\WLTRYSVC.EXE
[2011.12.20 23:56:10 | 000,001,356 | ---- | C] () -- C:\Users\Silvan\AppData\Local\d3d9caps.dat
 
========== ZeroAccess Check ==========
 
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2011.01.21 18:35:22 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >

This time, however, OTL did not produce an "Extras" file. Is that normal?

Regards

schrauber 05.06.2013 14:50

Yes, that is normal. The computer is clean.

Please turn off the AV program; are there still disconnects?

Sili2000 05.06.2013 15:01

The connection has now been running for about 30 minutes without any disconnects. (Without my having turned off the AV program...). Instead, I removed another 2-3 check marks from the exceptions in the laptop's firewall... I'll see how this develops...

Great that the computer is now "clean". What is left to do now? Should I uninstall all the tools?

Regards

schrauber 05.06.2013 16:17

For now we'll wait and see how the connection behaves; give me an update tomorrow or so, then we'll clean up :)


All times are WET +1. The time now is 02:06.
