Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   whatever shit (https://www.trojaner-board.de/94193-whatever-shit.html)

paulo3d 27.12.2010 19:51
whatever shit
 
ist hier noch was zu retten???
grüße paulOTL Logfile:
Code:
OTL logfile created on: 27.12.2010 19:20:14 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Vorstand\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 37,97 Gb Free Space | 32,30% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 104,55 Gb Free Space | 91,80% Space Free | Partition Type: NTFS
Drive F: | 6,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PRIVAT | User Name: Vorstand | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.27 19:18:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vorstand\Downloads\OTL.exe
PRC - [2010.12.17 17:22:52 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2010.12.17 17:22:52 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avcenter.exe
PRC - [2010.12.17 17:22:52 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2010.12.17 17:22:52 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.17 17:22:52 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.17 17:22:52 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.07.20 18:09:00 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010.03.24 16:08:39 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.07.27 03:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.26 13:48:31 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.01 20:49:13 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2008.10.31 22:42:46 | 000,307,712 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2008.09.10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008.04.08 16:49:18 | 000,671,796 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe
PRC - [2008.01.25 14:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008.01.25 10:22:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SmoothView\SmoothView.exe
PRC - [2008.01.22 13:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 15:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe
PRC - [2008.01.17 15:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\NDSTray.exe
PRC - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2007.12.07 14:22:54 | 000,107,824 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
PRC - [2007.12.07 14:22:52 | 001,234,320 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
PRC - [2007.12.07 14:22:52 | 000,800,152 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
PRC - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.25 16:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.07.26 15:55:16 | 000,483,393 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe
PRC - [2007.06.21 15:12:03 | 000,054,576 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\shellmon.exe
PRC - [2007.06.18 10:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Programme\IDM\Desktop SMS\DesktopSMS.exe
PRC - [2007.05.24 09:15:27 | 000,039,472 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\waol.exe
PRC - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007.01.29 17:40:44 | 000,179,016 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
PRC - [2006.11.14 14:47:54 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Common Files\aol\1225531359\ee\aolsoftware.exe
PRC - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.10.14 00:18:24 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Programme\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [1997.10.17 23:00:00 | 000,111,376 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office\FINDFAST.EXE
PRC - [1997.10.17 23:00:00 | 000,051,984 | ---- | M] () -- C:\Programme\Microsoft Office\Office\OSA.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.27 19:18:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vorstand\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009.09.25 03:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2009.04.11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.12.17 17:22:52 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010.12.17 17:22:52 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010.12.17 17:22:52 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.17 17:22:52 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.07.20 18:09:00 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.01 20:49:13 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2008.09.10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008.01.21 15:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.08.01 14:36:58 | 000,290,816 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Stopped] -- C:\Program Files\T-Online\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007.01.29 17:40:44 | 000,179,016 | ---- | M] (T-Systems Enterprise Services GmbH) [Auto | Running] -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe -- (DFSVC)
SRV - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - [2010.12.17 17:22:52 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.17 17:22:52 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.09 12:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 18:53:06 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.02.01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2008.01.30 16:24:00 | 003,483,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.01.23 09:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2008.01.21 14:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.15 10:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007.12.17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.12.06 10:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007.11.29 17:58:56 | 000,196,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.11.01 00:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007.11.01 00:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007.11.01 00:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007.10.17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007.09.26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.08.01 14:49:00 | 000,016,448 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\dslmnlwf.sys -- (DslMNLwf)
DRV - [2007.06.13 17:11:10 | 000,025,136 | ---- | M] (America Online) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2007.04.09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV - [2007.01.29 17:40:14 | 000,014,536 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\Dialerschutz-Software\DFSYS.sys -- (DFSYS)
DRV - [2007.01.29 16:51:44 | 000,022,856 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SipIMNDI.sys -- (SipIMNDI)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006.11.01 21:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.09 13:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: toolbar_extras@de.yahoo.com:1.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.26 16:28:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.16 23:03:53 | 000,000,000 | ---D | M]
 
[2008.12.29 13:50:31 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Extensions
[2010.12.27 18:12:38 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions
[2009.07.07 16:33:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.01 09:30:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.06.17 10:27:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008.12.29 13:51:02 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\toolbar_extras@de.yahoo.com
[2010.10.22 16:02:54 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.24 22:04:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.22 21:40:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.22 16:02:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009.04.25 16:40:09 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\toolbar_extras@de.yahoo.com
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.03.15 14:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 19:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.02.19 15:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 16:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2008.07.15 15:23:13 | 000,000,810 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1225531359\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Cognac] C:\Users\Vorstand\AppData\Local\Temp\52.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKCU..\RunServices: [Win32Update] C:\Users\Vorstand\AppData\Local\Temp\wJQs.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro3.cce.hp.com/ChatEntry/downloads/sysinfo.cab (SysData Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\sdra64.exe) - C:\Windows\System32\sdra64.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O24 - Desktop WallPaper: C:\Toshiba\WALLPAPERS\Wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Toshiba\WALLPAPERS\Wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.03.06 11:07:47 | 000,398,656 | R--- | M] (THQ Canada Inc.) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.02.24 02:30:48 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.07.08 18:15:09 | 000,000,000 | R--D | M] - F:\AutorunData -- [ UDF ]
O33 - MountPoints2\{2579fc37-8ca3-11dd-90df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2579fc37-8ca3-11dd-90df-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2009.03.06 11:07:47 | 000,398,656 | R--- | M] (THQ Canada Inc.)
O33 - MountPoints2\{5280ac26-a9a1-11dd-9217-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5280ac26-a9a1-11dd-9217-806e6f6e6963}\Shell\AutoRun\command - "" = D:\EasySuite.exe -- File not found
O33 - MountPoints2\{d9b81c6a-a8dc-11dd-bf0f-001e68c802af}\Shell\AutoRun\command - "" = D:\setupSNK.exe -- File not found
O33 - MountPoints2\{ee60c548-d8cf-11dd-b78a-001e68c802af}\Shell - "" = AutoRun
O33 - MountPoints2\{ee60c548-d8cf-11dd-b78a-001e68c802af}\Shell\AutoRun\command - "" = D:\EasySuite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.27 18:48:47 | 000,000,000 | ---D | C] -- C:\avrescue
[2010.12.25 09:43:34 | 000,000,000 | ---D | C] -- C:\Users\Vorstand\Documents\My Games
[2010.12.25 09:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010.12.23 10:59:55 | 000,000,000 | ---D | C] -- C:\Users\Vorstand\Documents\Meine Projekte
[2010.12.21 17:35:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.21 17:18:45 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2010.12.21 17:15:17 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.27 19:16:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 17:58:15 | 000,674,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.27 17:58:15 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.27 17:58:15 | 000,146,234 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.27 17:58:15 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.27 17:53:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.12.27 17:52:37 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.27 17:52:08 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.26 18:50:14 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | M] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:44 | 000,225,513 | ---- | M] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.25 10:39:56 | 000,068,608 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 09:43:49 | 000,000,680 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2010.12.23 11:45:12 | 000,000,484 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2010.12.21 18:09:40 | 262,068,595 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.17 17:22:52 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.17 17:22:52 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.17 11:39:58 | 000,322,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.03 12:12:06 | 003,882,262 | ---- | M] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.26 18:50:06 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | C] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:38 | 000,225,513 | ---- | C] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.21 17:34:57 | 262,068,595 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.12.03 12:11:12 | 003,882,262 | ---- | C] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[2010.10.22 15:47:38 | 000,000,009 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\mdb.bin
[2009.10.24 11:52:23 | 000,000,680 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2009.08.09 21:17:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.05.20 13:28:05 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009.02.03 18:36:03 | 000,000,484 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2008.11.06 16:49:38 | 000,024,206 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\UserTile.png
[2008.10.24 09:06:23 | 000,000,010 | ---- | C] () -- C:\Windows\msoffice.ini
[2008.10.15 09:32:40 | 000,000,235 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\devices.xml
[2008.10.15 09:32:40 | 000,000,012 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\settings.xml
[2008.10.15 08:56:15 | 000,000,573 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.10.10 18:19:30 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.10.01 17:31:31 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.10.01 17:31:21 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\AppData\Local\mxfilerelatedcache.mxc2
[2008.10.01 10:00:55 | 000,000,096 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\fusioncache.dat
[2008.09.29 18:32:09 | 000,068,608 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.26 14:48:47 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008.02.15 18:02:27 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.02.15 17:55:15 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.02.15 17:55:15 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.02.15 17:55:15 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.02.15 17:55:15 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.02.15 17:55:15 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.02.15 17:55:15 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.02.15 17:36:06 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008.02.15 17:36:06 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008.02.15 17:36:06 | 000,009,480 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008.02.15 17:36:06 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008.02.15 17:29:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.15 17:22:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.02.15 16:52:27 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008.02.15 16:52:24 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2008.01.28 17:01:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008.01.28 17:01:06 | 000,471,040 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008.01.28 16:53:02 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008.01.28 16:53:02 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008.01.28 16:53:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008.01.28 16:52:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007.12.21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[1997.10.17 23:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.10.17 23:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
 
========== LOP Check ==========
 
[2010.05.31 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Canon
[2010.11.27 16:50:43 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\com.prezi.PreziDesktop
[2010.12.16 23:03:58 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Defense Center
[2009.04.06 17:19:12 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\DesktopSMS
[2009.12.07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\LG Electronics
[2009.01.20 18:39:56 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\MAGIX
[2010.08.25 20:16:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\myphotobook
[2008.11.06 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\PeerNetworking
[2009.01.01 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\ProtectDisc
[2009.05.20 13:33:29 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Red Alert 3
[2008.10.01 09:56:44 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\T-Online
[2009.02.03 18:36:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Template
[2008.11.17 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\TOSHIBA
[2010.08.13 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Ulead Systems
[2008.10.03 15:43:12 | 000,000,016 | -H-- | M] () -- C:\Windows\Tasks\mxfilerelatedcache.mxc2
[2010.12.27 15:19:12 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 761 bytes -> C:\Users\Vorstand\Documents\Fw_Threeships.eml:OECustomProperty
 
< End of report >
--- --- ---




















OTL Logfile:
Code:
OTL logfile created on: 27.12.2010 19:20:14 - Run 1
OTL by OldTimer - Version 3.2.18.0 Folder = C:\Users\Vorstand\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18999)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 58,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 76,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,54 Gb Total Space | 37,97 Gb Free Space | 32,30% Space Free | Partition Type: NTFS
Drive E: | 113,88 Gb Total Space | 104,55 Gb Free Space | 91,80% Space Free | Partition Type: NTFS
Drive F: | 6,82 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: PRIVAT | User Name: Vorstand | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2010.12.27 19:18:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vorstand\Downloads\OTL.exe
PRC - [2010.12.17 17:22:52 | 000,403,624 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2010.12.17 17:22:52 | 000,389,288 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avcenter.exe
PRC - [2010.12.17 17:22:52 | 000,339,624 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2010.12.17 17:22:52 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.12.17 17:22:52 | 000,267,944 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.12.17 17:22:52 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.07.20 18:09:00 | 000,030,192 | ---- | M] (Google) -- C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
PRC - [2010.03.24 16:08:39 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.07.27 03:10:00 | 001,983,816 | ---- | M] (CANON INC.) -- C:\Programme\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.04.11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2009.02.26 13:48:31 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () -- C:\Programme\Canon\IJPLM\ijplmsvc.exe
PRC - [2009.01.01 20:49:13 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe
PRC - [2008.10.31 22:42:46 | 000,307,712 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2008.09.10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) -- C:\Programme\Lavasoft\Ad-Aware\aawservice.exe
PRC - [2008.04.08 16:49:18 | 000,671,796 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\T-Online\WLAN-Access Finder\ToWLaAcF.exe
PRC - [2008.01.25 14:43:22 | 000,716,800 | ---- | M] (TOSHIBA Corporation.) -- C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe
PRC - [2008.01.25 10:22:14 | 000,509,816 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SmoothView\SmoothView.exe
PRC - [2008.01.22 13:25:26 | 000,712,704 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\FlashCards\TCrdMain.exe
PRC - [2008.01.22 10:00:30 | 004,624,384 | ---- | M] () -- C:\Programme\Camera Assistant Software for Toshiba\CEC_MAIN.exe
PRC - [2008.01.21 15:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
PRC - [2008.01.21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008.01.21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2008.01.21 03:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Defender\MSASCui.exe
PRC - [2008.01.21 03:23:32 | 000,397,312 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Mail\WinMail.exe
PRC - [2008.01.17 15:27:52 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TPwrMain.exe
PRC - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\Power Saver\TosCoSrv.exe
PRC - [2008.01.09 14:02:08 | 001,056,768 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\NDSTray.exe
PRC - [2007.12.29 09:06:02 | 000,430,080 | ---- | M] () -- C:\Programme\Toshiba\TOSCDSPD\TOSCDSPD.exe
PRC - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSvcs.exe
PRC - [2007.12.25 13:06:52 | 000,405,504 | ---- | M] (TOSHIBA CORPORATION) -- C:\Programme\Toshiba\ConfigFree\CFSwMgr.exe
PRC - [2007.12.07 14:22:54 | 000,107,824 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\sc_watch.exe
PRC - [2007.12.07 14:22:52 | 001,234,320 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\kernel.exe
PRC - [2007.12.07 14:22:52 | 000,800,152 | ---- | M] (Deutsche Telekom AG) -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis2\profilemgr.exe
PRC - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) -- C:\Programme\Toshiba\SMARTLogService\TosIPCSrv.exe
PRC - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) -- C:\Windows\System32\TODDSrv.exe
PRC - [2007.10.25 16:41:18 | 000,413,696 | ---- | M] (Chicony) -- C:\Programme\Camera Assistant Software for Toshiba\traybar.exe
PRC - [2007.07.26 15:55:16 | 000,483,393 | ---- | M] (Deutsche Telekom AG, Marmiko IT-Solutions GmbH) -- C:\Programme\Common Files\Marmiko Shared\MWLaMaS.exe
PRC - [2007.06.21 15:12:03 | 000,054,576 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\shellmon.exe
PRC - [2007.06.18 10:51:10 | 001,507,328 | ---- | M] (Interactive Digital Media) -- C:\Programme\IDM\Desktop SMS\DesktopSMS.exe
PRC - [2007.05.24 09:15:27 | 000,039,472 | ---- | M] (AOL, LLC.) -- C:\Programme\AOL 9.0 VRa\waol.exe
PRC - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) -- C:\Programme\O2Micro Flash Memory Card Driver\o2flash.exe
PRC - [2007.01.29 17:40:44 | 000,179,016 | ---- | M] (T-Systems Enterprise Services GmbH) -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe
PRC - [2006.11.14 14:47:54 | 000,050,736 | ---- | M] (America Online, Inc.) -- C:\Programme\Common Files\aol\1225531359\ee\aolsoftware.exe
PRC - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Programme\Common Files\aol\acs\AOLacsd.exe
PRC - [2006.10.14 00:18:24 | 000,063,120 | ---- | M] (AOL LLC) -- C:\Programme\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe
PRC - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [1997.10.17 23:00:00 | 000,111,376 | ---- | M] (Microsoft Corporation) -- C:\Programme\Microsoft Office\Office\FINDFAST.EXE
PRC - [1997.10.17 23:00:00 | 000,051,984 | ---- | M] () -- C:\Programme\Microsoft Office\Office\OSA.EXE
 
 
========== Modules (SafeList) ==========
 
MOD - [2010.12.27 19:18:04 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Users\Vorstand\Downloads\OTL.exe
MOD - [2010.08.31 16:43:52 | 001,686,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3\comctl32.dll
MOD - [2009.09.25 03:10:10 | 000,974,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WindowsCodecs.dll
MOD - [2009.04.11 07:28:19 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\EhStorShell.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
SRV - [2010.12.17 17:22:52 | 000,403,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2010.12.17 17:22:52 | 000,339,624 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2010.12.17 17:22:52 | 000,267,944 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.12.17 17:22:52 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010.07.20 18:09:00 | 000,030,192 | ---- | M] (Google) [On_Demand | Stopped] -- C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe -- (GoogleDesktopManager-051210-111108)
SRV - [2010.03.18 13:16:28 | 000,753,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe -- (WPFFontCache_v0400)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.09.25 02:27:04 | 000,793,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.02.10 17:01:49 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Programme\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2009.01.01 20:49:13 | 000,187,456 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Programme\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)
SRV - [2008.09.10 13:01:28 | 000,611,664 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe -- (aawservice)
SRV - [2008.01.21 15:54:46 | 000,083,312 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Programme\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe -- (TNaviSrv)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.17 15:27:34 | 000,431,456 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe -- (TosCoSrv)
SRV - [2007.12.25 13:07:14 | 000,040,960 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
SRV - [2007.12.03 16:03:52 | 000,126,976 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe -- (TOSHIBA SMART Log Service)
SRV - [2007.11.21 17:23:32 | 000,129,632 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\System32\TODDSrv.exe -- (TODDSrv)
SRV - [2007.08.01 14:36:58 | 000,290,816 | ---- | M] (T-Systems Enterprise Services GmbH) [On_Demand | Stopped] -- C:\Program Files\T-Online\DSL-Manager\DslMgrSvc.exe -- (TDslMgrService)
SRV - [2007.02.12 16:43:44 | 000,065,536 | ---- | M] (O2Micro International) [Auto | Running] -- C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe -- (o2flash)
SRV - [2007.01.29 17:40:44 | 000,179,016 | ---- | M] (T-Systems Enterprise Services GmbH) [Auto | Running] -- C:\Programme\T-Online\Dialerschutz-Software\DFInject.exe -- (DFSVC)
SRV - [2006.10.23 13:50:35 | 000,046,640 | R--- | M] (AOL LLC) [Auto | Running] -- C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe -- (AOL ACS)
SRV - [2006.08.23 16:39:48 | 000,049,152 | ---- | M] (Ulead Systems, Inc.) [Auto | Running] -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\SymIM.sys -- (SymIMMP)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel(R)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\System32\DRIVERS\igdkmd32.sys -- (igfx)
DRV - [2010.12.17 17:22:52 | 000,135,096 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.12.17 17:22:52 | 000,061,960 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.06.09 12:27:24 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.03.18 18:53:06 | 000,011,608 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Programme\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2008.02.01 11:46:08 | 000,187,904 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CHDART.sys -- (CnxtHdAudAddService)
DRV - [2008.01.30 16:24:00 | 003,483,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2008.01.23 09:19:44 | 000,501,560 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\ACEDRV11.sys -- (acedrv11)
DRV - [2008.01.21 14:42:24 | 000,285,184 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\tos_sps32.sys -- (tos_sps32)
DRV - [2008.01.21 03:23:27 | 000,386,616 | ---- | M] (LSI Corporation, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasr.sys -- (MegaSR)
DRV - [2008.01.21 03:23:27 | 000,149,560 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu320.sys -- (adpu320)
DRV - [2008.01.21 03:23:27 | 000,031,288 | ---- | M] (LSI Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\megasas.sys -- (megasas)
DRV - [2008.01.21 03:23:26 | 000,101,432 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpu160m.sys -- (adpu160m)
DRV - [2008.01.21 03:23:26 | 000,074,808 | ---- | M] (Silicon Integrated Systems) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sisraid4.sys -- (SiSRaid4)
DRV - [2008.01.21 03:23:26 | 000,040,504 | ---- | M] (Hewlett-Packard Company) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\hpcisss.sys -- (HpCISSs)
DRV - [2008.01.21 03:23:25 | 000,300,600 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adpahci.sys -- (adpahci)
DRV - [2008.01.21 03:23:25 | 000,089,656 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_sas.sys -- (LSI_SAS)
DRV - [2008.01.21 03:23:24 | 001,122,360 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql2300.sys -- (ql2300)
DRV - [2008.01.21 03:23:24 | 000,118,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\E1G60I32.sys -- (E1G60) Intel(R)
DRV - [2008.01.21 03:23:24 | 000,079,928 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arcsas.sys -- (arcsas)
DRV - [2008.01.21 03:23:23 | 000,235,064 | ---- | M] (Intel Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iastorv.sys -- (iaStorV)
DRV - [2008.01.21 03:23:23 | 000,130,616 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\vsmraid.sys -- (vsmraid)
DRV - [2008.01.21 03:23:23 | 000,115,816 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata2.sys -- (ulsata2)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2008.01.21 03:23:23 | 000,096,312 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\lsi_fc.sys -- (LSI_FC)
DRV - [2008.01.21 03:23:23 | 000,079,416 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\arc.sys -- (arc)
DRV - [2008.01.21 03:23:22 | 000,342,584 | ---- | M] (Emulex) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\elxstor.sys -- (elxstor)
DRV - [2008.01.21 03:23:21 | 000,422,968 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\adp94xx.sys -- (adp94xx)
DRV - [2008.01.21 03:23:21 | 000,102,968 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvraid.sys -- (nvraid)
DRV - [2008.01.21 03:23:21 | 000,045,112 | ---- | M] (NVIDIA Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nvstor.sys -- (nvstor)
DRV - [2008.01.21 03:23:20 | 000,238,648 | ---- | M] (ULi Electronics Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\uliahci.sys -- (uliahci)
DRV - [2008.01.21 03:23:00 | 000,020,024 | ---- | M] (VIA Technologies, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\viaide.sys -- (viaide)
DRV - [2008.01.21 03:23:00 | 000,019,000 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\cmdide.sys -- (cmdide)
DRV - [2008.01.21 03:23:00 | 000,017,464 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\aliide.sys -- (aliide)
DRV - [2008.01.15 10:34:58 | 000,048,472 | ---- | M] (O2Micro ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\o2media.sys -- (O2MDRDR)
DRV - [2007.12.17 10:45:20 | 000,018,432 | ---- | M] (Chicony Electronics Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\UVCFTR_S.SYS -- (UVCFTR)
DRV - [2007.12.06 10:51:00 | 000,298,496 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk60x86.sys -- (yukonwlh)
DRV - [2007.11.29 17:58:56 | 000,196,144 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SynTP.sys -- (SynTP)
DRV - [2007.11.09 13:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.11.01 00:51:26 | 000,985,600 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_DPV.sys -- (HSF_DPV)
DRV - [2007.11.01 00:47:54 | 000,208,896 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSXHWAZL.sys -- (HSXHWAZL)
DRV - [2007.11.01 00:47:08 | 000,661,504 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HSX_CNXT.sys -- (winachsf)
DRV - [2007.10.17 22:36:54 | 000,008,704 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\XAudio.sys -- (XAudio)
DRV - [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\iaStor.sys -- (iaStor)
DRV - [2007.09.26 05:12:22 | 002,251,776 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw4v32.sys -- (NETw4v32) Intel(R)
DRV - [2007.08.01 14:49:00 | 000,016,448 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\dslmnlwf.sys -- (DslMNLwf)
DRV - [2007.06.13 17:11:10 | 000,025,136 | ---- | M] (America Online) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atwpkt2.sys -- (ATWPKT2)
DRV - [2007.04.09 16:13:00 | 000,008,192 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\QIOMem.sys -- (QIOMem)
DRV - [2007.01.29 17:40:14 | 000,014,536 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\Dialerschutz-Software\DFSYS.sys -- (DFSYS)
DRV - [2007.01.29 16:51:44 | 000,022,856 | ---- | M] (T-Systems Enterprise Services GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SipIMNDI.sys -- (SipIMNDI)
DRV - [2006.11.02 10:50:35 | 000,106,088 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ql40xx.sys -- (ql40xx)
DRV - [2006.11.02 10:50:35 | 000,098,408 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ulsata.sys -- (UlSata)
DRV - [2006.11.02 10:50:19 | 000,045,160 | ---- | M] (IBM Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\nfrd960.sys -- (nfrd960)
DRV - [2006.11.02 10:50:17 | 000,041,576 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iirsp.sys -- (iirsp)
DRV - [2006.11.02 10:50:11 | 000,071,272 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\djsvs.sys -- (aic78xx)
DRV - [2006.11.02 10:50:09 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteraid.sys -- (iteraid)
DRV - [2006.11.02 10:50:07 | 000,035,944 | ---- | M] (Integrated Technology Express, Inc.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\iteatapi.sys -- (iteatapi)
DRV - [2006.11.02 10:50:05 | 000,035,944 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\symc8xx.sys -- (Symc8xx)
DRV - [2006.11.02 10:50:03 | 000,034,920 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_u3.sys -- (Sym_u3)
DRV - [2006.11.02 10:49:59 | 000,033,384 | ---- | M] (LSI Logic Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\mraid35x.sys -- (Mraid35x)
DRV - [2006.11.02 10:49:56 | 000,031,848 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\sym_hi.sys -- (Sym_hi)
DRV - [2006.11.02 09:25:24 | 000,071,808 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2006.11.02 09:24:47 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brusbser.sys -- (BrUsbSer)
DRV - [2006.11.02 09:24:46 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltup.sys -- (BrFiltUp)
DRV - [2006.11.02 09:24:45 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\brfiltlo.sys -- (BrFiltLo)
DRV - [2006.11.02 09:24:44 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brserwdm.sys -- (BrSerWdm)
DRV - [2006.11.02 09:24:44 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\brusbmdm.sys -- (BrUsbMdm)
DRV - [2006.11.02 08:36:50 | 000,020,608 | ---- | M] (N-trig Innovative Technologies) [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\ntrigdigi.sys -- (ntrigdigi)
DRV - [2006.11.02 08:30:52 | 000,467,456 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2006.11.01 21:18:15 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - [2006.10.23 16:32:20 | 000,009,216 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tosrfec.sys -- (tosrfec)
DRV - [2006.10.18 11:50:04 | 000,016,128 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tdcmdpst.sys -- (tdcmdpst)
DRV - [2006.10.09 13:46:44 | 000,017,536 | ---- | M] (Deutsche Telekom AG AG, Marmiko IT-Solutions GmbH) [Kernel | On_Demand | Stopped] -- C:\Programme\T-Online\T-Online_Software_6\Basis-Software\Basis1\MTOnlPktAlyx.sys -- (MTOnlPktAlyX)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.0.2
FF - prefs.js..extensions.enabledItems: toolbar_extras@de.yahoo.com:1.4
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
 
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010.08.26 16:28:38 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.0.4\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010.12.16 23:03:53 | 000,000,000 | ---D | M]
 
[2008.12.29 13:50:31 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Extensions
[2010.12.27 18:12:38 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions
[2009.07.07 16:33:56 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.05.01 09:30:55 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2009.06.17 10:27:05 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2008.12.29 13:51:02 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\mozilla\Firefox\Profiles\b6xed38h.default\extensions\toolbar_extras@de.yahoo.com
[2010.10.22 16:02:54 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions
[2010.05.24 22:04:23 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.22 21:40:47 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.10.22 16:02:54 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2009.04.25 16:40:09 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox\extensions\toolbar_extras@de.yahoo.com
[2010.04.12 16:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Programme\Mozilla Firefox\plugins\npdeployJava1.dll
[2008.03.15 14:56:14 | 000,001,392 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\amazondotcom-de.xml
[2008.10.13 19:34:40 | 000,002,344 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\eBay-de.xml
[2008.02.19 15:40:48 | 000,006,805 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\leo_ende_de.xml
[2006.12.03 16:59:22 | 000,000,986 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\wikipedia-de.xml
[2008.07.15 15:23:13 | 000,000,810 | ---- | M] () -- C:\Programme\Mozilla Firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Programme\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Programme\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [00TCrdMain] C:\Programme\Toshiba\FlashCards\TCrdMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Camera Assistant Software] C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe (Chicony)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe (Interactive Digital Media)
O4 - HKLM..\Run: [Google Desktop Search] C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe (Google)
O4 - HKLM..\Run: [HDMICtrlMan] C:\Programme\Toshiba\HDMICtrlMan\HDMICtrlMan.exe (TOSHIBA Corporation.)
O4 - HKLM..\Run: [HostManager] C:\Programme\Common Files\aol\1225531359\ee\aolsoftware.exe (America Online, Inc.)
O4 - HKLM..\Run: [HSON] C:\Programme\Toshiba\TBS\HSON.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [ITSecMng] C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe File not found
O4 - HKLM..\Run: [NDSTray.exe] File not found
O4 - HKLM..\Run: [SmoothView] C:\Programme\Toshiba\SmoothView\SmoothView.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe ()
O4 - HKLM..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe (TOSHIBA)
O4 - HKLM..\Run: [Toshiba Registration] C:\Programme\Toshiba\Registration\ToshibaRegistration.exe (Toshiba)
O4 - HKLM..\Run: [TPwrMain] C:\Programme\Toshiba\Power Saver\TPwrMain.exe (TOSHIBA Corporation)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Cognac] C:\Users\Vorstand\AppData\Local\Temp\52.exe File not found
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKCU..\Run: [T-Online_Software_6\WLAN-Access Finder] C:\Program Files\T-Online\WLAN-Access Finder\ToWLaAcF.exe (Deutsche Telekom AG, Marmiko IT-Solutions GmbH)
O4 - HKCU..\Run: [TOSCDSPD] File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\System32\Macromed\Flash\FlashUtil10h_ActiveX.exe (Adobe Systems, Inc.)
O4 - HKCU..\RunServices: [Win32Update] C:\Users\Vorstand\AppData\Local\Temp\wJQs.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online Marktplatz - {76577871-04EC-495E-A12B-91F7C3600AFA} - File not found
O9 - Extra Button: Amazon.de - {8A918C1D-E123-4E36-B562-5C1519E434CE} - File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O15 - HKCU\..Trusted Domains: localhost ([]http in Lokales Intranet)
O15 - HKCU\..Trusted Ranges: GD ([http] in Lokales Intranet)
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} https://wimpro3.cce.hp.com/ChatEntry/downloads/sysinfo.cab (SysData Class)
O16 - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab (GMNRev Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} hxxp://game.zylom.com/activex/zylomgamesplayer.cab (Zylom Games Player)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Java Plug-in 1.6.0_03)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\sdra64.exe) - C:\Windows\System32\sdra64.exe File not found
O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - File not found
O24 - Desktop WallPaper: C:\Toshiba\WALLPAPERS\Wallpaper1.jpg
O24 - Desktop BackupWallPaper: C:\Toshiba\WALLPAPERS\Wallpaper1.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.03.06 11:07:47 | 000,398,656 | R--- | M] (THQ Canada Inc.) - F:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2009.02.24 02:30:48 | 000,000,047 | R--- | M] () - F:\autorun.inf -- [ UDF ]
O32 - AutoRun File - [2010.07.08 18:15:09 | 000,000,000 | R--D | M] - F:\AutorunData -- [ UDF ]
O33 - MountPoints2\{2579fc37-8ca3-11dd-90df-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{2579fc37-8ca3-11dd-90df-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Autorun.exe -- [2009.03.06 11:07:47 | 000,398,656 | R--- | M] (THQ Canada Inc.)
O33 - MountPoints2\{5280ac26-a9a1-11dd-9217-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5280ac26-a9a1-11dd-9217-806e6f6e6963}\Shell\AutoRun\command - "" = D:\EasySuite.exe -- File not found
O33 - MountPoints2\{d9b81c6a-a8dc-11dd-bf0f-001e68c802af}\Shell\AutoRun\command - "" = D:\setupSNK.exe -- File not found
O33 - MountPoints2\{ee60c548-d8cf-11dd-b78a-001e68c802af}\Shell - "" = AutoRun
O33 - MountPoints2\{ee60c548-d8cf-11dd-b78a-001e68c802af}\Shell\AutoRun\command - "" = D:\EasySuite.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\Windows\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2010.12.27 18:48:47 | 000,000,000 | ---D | C] -- C:\avrescue
[2010.12.25 09:43:34 | 000,000,000 | ---D | C] -- C:\Users\Vorstand\Documents\My Games
[2010.12.25 09:43:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
[2010.12.23 10:59:55 | 000,000,000 | ---D | C] -- C:\Users\Vorstand\Documents\Meine Projekte
[2010.12.21 17:35:05 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.12.21 17:18:45 | 000,000,000 | ---D | C] -- C:\Programme\THQ
[2010.12.21 17:15:17 | 000,000,000 | -HSD | C] -- C:\Windows\ftpcache
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2010.12.27 19:16:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 17:58:15 | 000,674,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.27 17:58:15 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.27 17:58:15 | 000,146,234 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.27 17:58:15 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.27 17:53:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.12.27 17:52:37 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.27 17:52:08 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.26 18:50:14 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | M] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:44 | 000,225,513 | ---- | M] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.25 10:39:56 | 000,068,608 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 09:43:49 | 000,000,680 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2010.12.23 11:45:12 | 000,000,484 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2010.12.21 18:09:40 | 262,068,595 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.17 17:22:52 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.17 17:22:52 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.17 11:39:58 | 000,322,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.03 12:12:06 | 003,882,262 | ---- | M] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2010.12.26 18:50:06 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | C] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:38 | 000,225,513 | ---- | C] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.21 17:34:57 | 262,068,595 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2010.12.03 12:11:12 | 003,882,262 | ---- | C] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[2010.10.22 15:47:38 | 000,000,009 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\mdb.bin
[2009.10.24 11:52:23 | 000,000,680 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2009.08.09 21:17:45 | 000,117,248 | ---- | C] () -- C:\Windows\System32\EhStorAuthn.dll
[2009.08.03 14:07:42 | 000,403,816 | ---- | C] () -- C:\Windows\System32\OGACheckControl.dll
[2009.05.20 13:28:05 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2009.02.03 18:36:03 | 000,000,484 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2008.11.06 16:49:38 | 000,024,206 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\UserTile.png
[2008.10.24 09:06:23 | 000,000,010 | ---- | C] () -- C:\Windows\msoffice.ini
[2008.10.15 09:32:40 | 000,000,235 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\devices.xml
[2008.10.15 09:32:40 | 000,000,012 | ---- | C] () -- C:\Users\Vorstand\AppData\Roaming\settings.xml
[2008.10.15 08:56:15 | 000,000,573 | ---- | C] () -- C:\ProgramData\hpzinstall.log
[2008.10.10 18:19:30 | 000,000,016 | -H-- | C] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.10.01 17:31:31 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.10.01 17:31:21 | 000,000,016 | -H-- | C] () -- C:\Users\Vorstand\AppData\Local\mxfilerelatedcache.mxc2
[2008.10.01 10:00:55 | 000,000,096 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\fusioncache.dat
[2008.09.29 18:32:09 | 000,068,608 | ---- | C] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008.02.26 14:48:47 | 000,000,000 | ---- | C] () -- C:\Windows\NDSTray.INI
[2008.02.15 18:02:27 | 000,006,642 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2008.02.15 17:55:15 | 000,204,800 | ---- | C] () -- C:\Windows\System32\IVIresizeW7.dll
[2008.02.15 17:55:15 | 000,200,704 | ---- | C] () -- C:\Windows\System32\IVIresizeA6.dll
[2008.02.15 17:55:15 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeP6.dll
[2008.02.15 17:55:15 | 000,192,512 | ---- | C] () -- C:\Windows\System32\IVIresizeM6.dll
[2008.02.15 17:55:15 | 000,188,416 | ---- | C] () -- C:\Windows\System32\IVIresizePX.dll
[2008.02.15 17:55:15 | 000,020,480 | ---- | C] () -- C:\Windows\System32\IVIresize.dll
[2008.02.15 17:36:06 | 000,128,113 | ---- | C] () -- C:\Windows\System32\csellang.ini
[2008.02.15 17:36:06 | 000,045,056 | ---- | C] () -- C:\Windows\System32\csellang.dll
[2008.02.15 17:36:06 | 000,009,480 | ---- | C] () -- C:\Windows\System32\tosmreg.ini
[2008.02.15 17:36:06 | 000,007,671 | ---- | C] () -- C:\Windows\System32\cseltbl.ini
[2008.02.15 17:29:11 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
[2008.02.15 17:22:40 | 000,159,744 | ---- | C] () -- C:\Windows\System32\atitmmxx.dll
[2008.02.15 16:52:27 | 000,004,608 | ---- | C] () -- C:\Windows\System32\HdmiCoin.dll
[2008.02.15 16:52:24 | 000,147,456 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1329.dll
[2008.01.28 17:01:42 | 000,057,344 | ---- | C] () -- C:\Windows\System32\SmartFaceVCapt.dll
[2008.01.28 17:01:06 | 000,471,040 | ---- | C] () -- C:\Windows\System32\SmartFaceVCP.dll
[2008.01.28 16:53:02 | 006,701,056 | ---- | C] () -- C:\Windows\System32\FaceHI.dll
[2008.01.28 16:53:02 | 000,995,328 | ---- | C] () -- C:\Windows\System32\FaceRec.dll
[2008.01.28 16:53:02 | 000,126,976 | ---- | C] () -- C:\Windows\System32\SmartFaceVCtrl.dll
[2008.01.28 16:52:28 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IppLib.dll
[2007.12.21 16:46:32 | 000,118,784 | ---- | C] () -- C:\Windows\System32\TosBtAcc.dll
[2006.11.02 13:35:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll
[2006.11.02 11:25:26 | 000,557,568 | ---- | C] () -- C:\Windows\System32\hpotscl1.dll
[2006.11.02 08:40:29 | 000,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini
[2005.07.22 21:30:18 | 000,065,536 | ---- | C] () -- C:\Windows\System32\TosCommAPI.dll
[1997.10.17 23:00:00 | 000,022,016 | ---- | C] () -- C:\Windows\System32\DOCOBJ.DLL
[1997.10.17 23:00:00 | 000,012,288 | ---- | C] () -- C:\Windows\System32\HLINKPRX.DLL
 
========== LOP Check ==========
 
[2010.05.31 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Canon
[2010.11.27 16:50:43 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\com.prezi.PreziDesktop
[2010.12.16 23:03:58 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Defense Center
[2009.04.06 17:19:12 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\DesktopSMS
[2009.12.07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\LG Electronics
[2009.01.20 18:39:56 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\MAGIX
[2010.08.25 20:16:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\myphotobook
[2008.11.06 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\PeerNetworking
[2009.01.01 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\ProtectDisc
[2009.05.20 13:33:29 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Red Alert 3
[2008.10.01 09:56:44 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\T-Online
[2009.02.03 18:36:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Template
[2008.11.17 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\TOSHIBA
[2010.08.13 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Ulead Systems
[2008.10.03 15:43:12 | 000,000,016 | -H-- | M] () -- C:\Windows\Tasks\mxfilerelatedcache.mxc2
[2010.12.27 15:19:12 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 761 bytes -> C:\Users\Vorstand\Documents\Fw_Threeships.eml:OECustomProperty
 
< End of report >
--- --- ---
[2010.12.27 19:23:47 | 002,883,584 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat
[2010.12.27 19:23:47 | 000,262,144 | -H-- | M] () -- C:\Users\Vorstand\ntuser.dat.LOG1
[2010.12.27 19:23:32 | 000,000,000 | R--D | M] -- C:\Users\Vorstand\Downloads
[2010.12.27 19:22:12 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Local\Temp
[2010.12.27 19:16:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.27 19:10:03 | 000,000,000 | R--D | M] -- C:\Users\Vorstand\Desktop
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 17:58:15 | 001,568,228 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.12.27 17:58:15 | 000,674,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.27 17:58:15 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.27 17:58:15 | 000,146,234 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.27 17:58:15 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.27 17:53:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.12.27 17:52:37 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.27 17:52:25 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.12.27 17:52:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.27 15:19:10 | 000,524,288 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat{fc6e9761-0904-11e0-b0d2-ee7324ffcfc3}.TMContainer00000000000000000001.regtrans-ms
[2010.12.27 15:19:10 | 000,065,536 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat{fc6e9761-0904-11e0-b0d2-ee7324ffcfc3}.TM.blf
[2010.12.27 15:19:02 | 002,912,637 | -H-- | M] () -- C:\Users\Vorstand\AppData\Local\IconCache.db
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.26 18:50:14 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | M] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:44 | 000,225,513 | ---- | M] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.25 11:10:38 | 000,000,000 | R--D | M] -- C:\Users\Vorstand\Documents
[2010.12.25 10:39:56 | 000,068,608 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 09:43:49 | 000,000,680 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2010.12.25 09:43:08 | 000,000,000 | ---D | M] -- C:\ProgramData\Media Center Programs
[2010.12.23 11:45:12 | 000,000,484 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2010.12.22 15:42:07 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\2009-04-27, Montag
[2010.12.22 14:51:30 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJ
[2010.12.22 14:41:26 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonIJPLM
[2010.12.21 18:28:44 | 000,000,000 | ---D | M] -- C:\Programme\Mozilla Firefox
[2010.12.21 18:27:37 | 000,000,000 | ---D | M] -- C:\Programme\Java
[2010.12.21 18:09:40 | 262,068,595 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.21 17:18:45 | 000,000,000 | ---D | M] -- C:\Programme\THQ
[2010.12.17 11:39:58 | 000,322,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.17 11:37:22 | 000,000,000 | ---D | M] -- C:\Programme\Windows Media Player
[2010.12.17 11:37:22 | 000,000,000 | ---D | M] -- C:\Programme\Windows Mail
[2010.12.17 11:37:22 | 000,000,000 | ---D | M] -- C:\Programme\Movie Maker
[2010.12.17 11:37:22 | 000,000,000 | ---D | M] -- C:\Programme\Internet Explorer
[2010.12.17 11:17:13 | 000,000,000 | ---D | M] -- C:\ProgramData\Microsoft Help
[2010.12.17 11:10:49 | 000,000,000 | ---D | M] -- C:\Programme\Microsoft Works
[2010.12.16 23:04:03 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\Services
[2010.12.16 23:03:59 | 000,000,000 | R--D | M] -- C:\Users\Vorstand\Links
[2010.12.16 23:03:58 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Defense Center
[2010.12.16 23:03:56 | 000,000,000 | -H-D | M] -- C:\ProgramData\CanonIJEGV
[2010.12.16 23:03:56 | 000,000,000 | ---D | M] -- C:\Programme\Top50 V4
[2010.12.16 23:03:55 | 000,000,000 | ---D | M] -- C:\Programme\QuickTime
[2010.12.16 23:03:41 | 000,000,000 | ---D | M] -- C:\Programme\AOL 9.0 VRa
[2010.12.16 23:03:41 | 000,000,000 | ---D | M] -- C:\Programme\AOL 9.0 VR
[2010.12.16 23:03:41 | 000,000,000 | ---D | M] -- C:\Programme\5_Field_Kuno
[2010.12.16 23:03:13 | 000,000,000 | ---D | M] -- C:\Programme\Common Files\Java
[2010.12.16 23:00:24 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2010.12.16 16:43:59 | 000,524,288 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat{fc6e9761-0904-11e0-b0d2-ee7324ffcfc3}.TMContainer00000000000000000002.regtrans-ms
[2010.12.16 13:46:42 | 000,524,288 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat{69ff2200-c688-11df-b572-95313e9566ce}.TMContainer00000000000000000001.regtrans-ms
[2010.12.16 13:46:42 | 000,065,536 | -HS- | M] () -- C:\Users\Vorstand\ntuser.dat{69ff2200-c688-11df-b572-95313e9566ce}.TM.blf
[2010.12.03 12:12:06 | 003,882,262 | ---- | M] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[2010.12.02 04:35:18 | 004,280,320 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[2010.10.22 15:47:38 | 000,000,009 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\mdb.bin
[2010.05.01 10:30:55 | 000,000,573 | ---- | M] () -- C:\ProgramData\hpzinstall.log
[2010.02.26 16:36:19 | 000,083,672 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\GDIPFONTCACHEV1.DAT
[2009.11.08 18:00:23 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini
[2008.11.06 16:49:38 | 000,024,206 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\UserTile.png
[2008.10.20 16:59:38 | 000,000,235 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\devices.xml
[2008.10.20 16:59:38 | 000,000,012 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\settings.xml
[2008.10.10 18:19:30 | 000,000,016 | -H-- | M] () -- C:\ProgramData\mxfilerelatedcache.mxc2
[2008.10.01 17:31:31 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\AppData\Roaming\mxfilerelatedcache.mxc2
[2008.10.01 17:31:31 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\AppData\Local\mxfilerelatedcache.mxc2
[2008.10.01 10:00:55 | 000,000,096 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\fusioncache.dat
[2008.01.21 03:43:21 | 000,000,174 | -HS- | M] () -- C:\Programme\desktop.ini
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2010.12.27 19:16:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 17:58:15 | 000,674,582 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.12.27 17:58:15 | 000,634,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.12.27 17:58:15 | 000,146,234 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.12.27 17:58:15 | 000,119,964 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.12.27 17:53:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2010.12.27 17:52:37 | 000,001,092 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:22 | 000,003,616 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2010.12.27 17:52:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.12.27 17:52:08 | 3219,578,880 | -HS- | M] () -- C:\hiberfil.sys
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.26 18:50:14 | 000,000,016 | -H-- | M] () -- C:\Users\Vorstand\Desktop\mxfilerelatedcache.mxc2
[2010.12.26 10:43:46 | 000,000,201 | ---- | M] () -- C:\Users\Vorstand\Desktop\CD-Laufwerk - Verknüpfung.lnk
[2010.12.25 11:10:44 | 000,225,513 | ---- | M] () -- C:\Users\Vorstand\Documents\SchlittenfahrtimWald.jpg
[2010.12.25 10:39:56 | 000,068,608 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.12.25 09:43:49 | 000,000,680 | ---- | M] () -- C:\Users\Vorstand\AppData\Local\d3d9caps.dat
[2010.12.23 11:45:12 | 000,000,484 | ---- | M] () -- C:\Users\Vorstand\AppData\Roaming\wklnhst.dat
[2010.12.21 18:09:40 | 262,068,595 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2010.12.17 17:22:52 | 000,135,096 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.12.17 17:22:52 | 000,061,960 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.12.17 11:39:58 | 000,322,048 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.12.03 12:12:06 | 003,882,262 | ---- | M] () -- C:\Users\Vorstand\Documents\dsc07054.jpg
[2010.12.02 04:35:18 | 004,280,320 | ---- | M] (Google Inc.) -- C:\Windows\System32\GPhotos.scr
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== LOP Check ==========

[2010.05.31 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Canon
[2010.11.27 16:50:43 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\com.prezi.PreziDesktop
[2010.12.16 23:03:58 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Defense Center
[2009.04.06 17:19:12 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\DesktopSMS
[2009.12.07 23:19:49 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\LG Electronics
[2009.01.20 18:39:56 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\MAGIX
[2010.08.25 20:16:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\myphotobook
[2008.11.06 16:49:38 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\PeerNetworking
[2009.01.01 20:52:57 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\ProtectDisc
[2009.05.20 13:33:29 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Red Alert 3
[2008.10.01 09:56:44 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\T-Online
[2009.02.03 18:36:46 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Template
[2008.11.17 16:25:42 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\TOSHIBA
[2010.08.13 23:28:45 | 000,000,000 | ---D | M] -- C:\Users\Vorstand\AppData\Roaming\Ulead Systems
[2008.10.03 15:43:12 | 000,000,016 | -H-- | M] () -- C:\Windows\Tasks\mxfilerelatedcache.mxc2
[2010.12.27 15:19:12 | 000,032,538 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2010.12.27 13:27:36 | 000,000,424 | -H-- | M] () -- C:\Windows\Tasks\User_Feed_Synchronization-{59A3F890-AC58-4510-ABC9-99777FA99D1B}.job
[2010.12.27 19:00:01 | 000,000,302 | -H-- | M] () -- C:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job
[2010.12.27 19:00:03 | 000,000,296 | -H-- | M] () -- C:\Windows\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 761 bytes -> C:\Users\Vorstand\Documents\Fw_Threeships.eml:OECustomProperty

< End of report >

cosinus 27.12.2010 20:52
Zitat:
whatever shit
ist hier noch was zu retten???
Unter eine detailierte Fehlerbeschreibung stell ich mir aber was anderes vor :pfeiff:

paulo3d 27.12.2010 21:46
andauernd spring avira auf und sagt, dass es TR/Crypt.XPACK.Gen3' auf dem rechner gibt.
kann man den wieder los werden????

cosinus 27.12.2010 22:56
Immer die genauen Schädlingsnamen und Pfadangaben notieren und posten!

Aus den Regeln:

5. Beschreibe Dein Problem in einigen Sätzen und arbeite diese Anleitung ab Punkt 2. durch
Auch Funde von deiner Sicherheitssoftware bitte im Thema nennen: (z.B. c:\windows\virus.exe)
Fehlen diese Angaben, kann und wird dir hier niemand helfen.

paulo3d 28.12.2010 17:06
ok hier ist die exakte meldung von avira

Die Datei 'C:\Windows\PRAGMAtmidnueixc\PRAGMAc.dll'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26003.
Die Datei konnte nicht gelöscht werden!
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Fehler in der ARK Library.

cosinus 28.12.2010 19:19
Bitte routinemäßig einen Vollscan mit malwarebytes machen und Log posten.
Denk daran, dass Malwarebytes vor jedem Scan manuell aktualisiert werden muss!

Falls Logs aus älteren Scans mit Malwarebytes vorhanden sind, bitte auch davon alle posten!


Alle Zeitangaben in WEZ +1. Es ist jetzt 00:54 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129