Alesana91 | 24.07.2011 12:20 | Hello kira, first of all thanks for taking on my problems :)
Point 1. The proxy server is set to "Kein Proxy" (no proxy).
2. I only have one Malwarebytes log from the day before yesterday, a quick scan, in which it also found a trojan. I forgot to mention that above, and by the time I remembered, the edit window had passed and double-posting is forbidden. And a full scan from yesterday. Here is the first log from the day before yesterday, with the virus: (I hope I get the tag right) Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7234
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
22.07.2011 23:25:26
mbam-log-2011-07-22 (23-25-26).txt
Art des Suchlaufs: Quick-Scan
Durchsuchte Objekte: 170203
Laufzeit: 5 Minute(n), 10 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 1
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
HKEY_CURRENT_USER\SOFTWARE\Invictus (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
And here is the second one, the full scan: Code:
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Datenbank Version: 7234
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
23.07.2011 18:24:30
mbam-log-2011-07-23 (18-24-30).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 320435
Laufzeit: 1 Stunde(n), 17 Minute(n), 32 Sekunde(n)
Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0
Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)
Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
Point 3 is also done.
Point 4. Log from HJTScanlist: Code:
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
º º
hjtscanlist v2.0
º º
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Microsoft Windows [Version 6.1.7601]
C:
C:\pagefile.sys ---------
C:\hiberfil.sys ---------
24.07.2011 04:04 C:\Program Files --------- 32768
24.07.2011 04:03 C:\System Volume Information --------- 32768
24.07.2011 04:01 C:\Windows --------- 32768
24.07.2011 03:51 C:\ProgramData --------- 8192
10.03.2011 16:43 C:\Boot --------- 4096
26.01.2011 19:19 C:\.rnd --------- 1024
05.01.2011 01:11 C:\test.log --------- 54204
20.11.2010 14:40 C:\bootmgr --------- 383786
18.11.2010 03:51 C:\ATI --------- 0
17.11.2010 21:56 C:\$Recycle.Bin --------- 0
17.11.2010 21:55 C:\Users --------- 4096
17.11.2010 21:53 C:\w7ldr --------- 171136
17.11.2010 21:52 C:\Recovery --------- 0
17.11.2010 21:45 C:\BOOTSECT.BAK --------- 8192
17.11.2010 21:45 C:\Boot.ini.saved --------- 469
17.11.2010 17:34 C:\IO.SYS --------- 0
17.11.2010 17:34 C:\MSDOS.SYS --------- 0
17.11.2010 17:29 C:\Boot.BAK --------- 325
14.07.2009 04:37 C:\PerfLogs --------- 0
10.06.2009 23:42 C:\autoexec.bat --------- 24
10.06.2009 23:42 C:\config.sys --------- 10
14.04.2008 00:01 C:\ntldr --------- 251712
13.04.2008 22:13 C:\NTDETECT.COM --------- 47564
23.08.2001 14:00 C:\bootfont.bin --------- 4952
----------------------------------------
C:\Windows
24.07.2011 12:46 C:\Windows\setupact.log --------- 21269
24.07.2011 12:45 C:\Windows\bootstat.dat --------- 67584
24.07.2011 12:49 C:\Windows\WindowsUpdate.log --------- 1491832
24.07.2011 03:58 C:\Windows\PFRO.log --------- 103144
24.07.2011 02:50 C:\Windows\ODBCINST.INI --------- 23
14.07.2011 18:36 C:\Windows\DirectX.log --------- 490352
20.04.2011 17:59 C:\Windows\IE9_main.log --------- 4591
12.04.2011 16:58 C:\Windows\AVMInstall.Log --------- 16437
12.04.2011 16:58 C:\Windows\avmacc.log --------- 8827
12.04.2011 16:58 C:\Windows\avmadd32.log --------- 2254
12.04.2011 16:58 C:\Windows\avmsetup.log --------- 6424
12.04.2011 16:58 C:\Windows\avmfwlanci.log --------- 19841
25.02.2011 07:30 C:\Windows\explorer.exe --------- 2616320
04.02.2011 02:26 C:\Windows\setuperr.log --------- 0
21.01.2011 22:13 C:\Windows\TADSUINS.EXE --------- 65536
12.12.2010 05:02 C:\Windows\iun6002.exe --------- 737280
20.11.2010 14:21 C:\Windows\twain_32.dll --------- 51200
20.11.2010 14:16 C:\Windows\bfsvc.exe --------- 65024
17.11.2010 21:48 C:\Windows\ativpsrm.bin --------- 0
28.10.2010 11:46 C:\Windows\RtlExUpd.dll --------- 1251944
14.07.2009 06:54 C:\Windows\win.ini --------- 403
14.07.2009 06:41 C:\Windows\WindowsShell.Manifest --------- 749
14.07.2009 03:14 C:\Windows\write.exe --------- 9216
14.07.2009 03:14 C:\Windows\winhlp32.exe --------- 9728
14.07.2009 03:14 C:\Windows\twunk_32.exe --------- 31232
14.07.2009 03:14 C:\Windows\regedit.exe --------- 398336
14.07.2009 03:14 C:\Windows\notepad.exe --------- 179712
14.07.2009 03:14 C:\Windows\hh.exe --------- 15360
14.07.2009 03:14 C:\Windows\HelpPane.exe --------- 497152
14.07.2009 03:14 C:\Windows\fveupdate.exe --------- 13824
14.07.2009 00:58 C:\Windows\mib.bin --------- 43131
17.06.2009 08:53 C:\Windows\atiogl.xml --------- 18333
10.06.2009 23:46 C:\Windows\system.ini --------- 219
10.06.2009 23:42 C:\Windows\_default.pif --------- 707
10.06.2009 23:42 C:\Windows\winhelp.exe --------- 256192
10.06.2009 23:41 C:\Windows\twunk_16.exe --------- 49680
10.06.2009 23:41 C:\Windows\twain.dll --------- 94784
10.06.2009 23:34 C:\Windows\WMSysPr9.prx --------- 316640
10.06.2009 23:19 C:\Windows\msdfmap.ini --------- 1405
10.06.2009 23:14 C:\Windows\Ultimate.xml --------- 51867
10.06.2009 23:14 C:\Windows\Starter.xml --------- 48201
05.09.2008 03:01 C:\Windows\instwcli.dex --------- 480560
05.09.2008 03:01 C:\Windows\instwcli.inf --------- 12976
----------------------------------------
C:\Windows\System
13.07.2009 23:41 C:\Windows\System\OLESVR.DLL --------- 24064
13.07.2009 23:41 C:\Windows\System\WFWNET.DRV --------- 12704
13.07.2009 23:41 C:\Windows\System\COMMDLG.DLL --------- 32816
13.07.2009 23:41 C:\Windows\System\TIMER.DRV --------- 4048
13.07.2009 23:41 C:\Windows\System\MMSYSTEM.DLL --------- 68992
13.07.2009 23:41 C:\Windows\System\mmtask.tsk --------- 1152
13.07.2009 23:41 C:\Windows\System\mouse.drv --------- 2032
13.07.2009 23:41 C:\Windows\System\vga.drv --------- 2176
13.07.2009 23:41 C:\Windows\System\sound.drv --------- 1744
13.07.2009 23:41 C:\Windows\System\keyboard.drv --------- 2000
13.07.2009 23:41 C:\Windows\System\SHELL.DLL --------- 5120
13.07.2009 23:41 C:\Windows\System\system.drv --------- 3360
10.06.2009 23:42 C:\Windows\System\ver.dll --------- 9008
10.06.2009 23:42 C:\Windows\System\olecli.dll --------- 82944
10.06.2009 23:42 C:\Windows\System\lzexpand.dll --------- 9936
10.06.2009 23:25 C:\Windows\System\stdole.tlb --------- 5532
10.06.2009 23:21 C:\Windows\System\msvideo.dll --------- 126912
10.06.2009 23:21 C:\Windows\System\mciwave.drv --------- 28160
10.06.2009 23:21 C:\Windows\System\mciseq.drv --------- 25264
10.06.2009 23:21 C:\Windows\System\mciavi.drv --------- 73376
10.06.2009 23:21 C:\Windows\System\avifile.dll --------- 109456
10.06.2009 23:21 C:\Windows\System\avicap.dll --------- 69584
09.11.2007 06:10 C:\Windows\System\rtl8187B.sys --------- 288768
----------------------------------------
C:\Windows\System32
24.07.2011 12:51 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 14016
24.07.2011 12:51 C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 14016
24.07.2011 12:46 C:\Windows\system32\config --------- 24576
24.07.2011 04:03 C:\Windows\system32\catroot2 --------- 20480
24.07.2011 03:59 C:\Windows\system32\FNTCACHE.DAT --------- 3742456
24.07.2011 03:39 C:\Windows\system32\heroglyph-protocol.txt --------- 3184
23.07.2011 01:12 C:\Windows\system32\drivers --------- 65536
23.07.2011 01:12 C:\Windows\system32\catroot --------- 4096
23.07.2011 01:12 C:\Windows\system32\DriverStore --------- 4096
22.07.2011 01:37 C:\Windows\system32\DRVSTORE --------- 0
14.07.2011 03:01 C:\Windows\system32\MRT.exe --------- 49089992
12.07.2011 17:47 C:\Windows\system32\wrap_oal.dll --------- 444952
12.07.2011 17:47 C:\Windows\system32\OpenAL32.dll --------- 109080
05.07.2011 14:23 C:\Windows\system32\perfh009.dat --------- 616682
05.07.2011 14:23 C:\Windows\system32\perfc009.dat --------- 107062
05.07.2011 14:23 C:\Windows\system32\perfh007.dat --------- 655842
05.07.2011 14:23 C:\Windows\system32\perfc007.dat --------- 130722
05.07.2011 14:23 C:\Windows\system32\PerfStringBackup.INI --------- 1498506
29.06.2011 01:17 C:\Windows\system32\Tasks --------- 4096
28.06.2011 16:03 C:\Windows\system32\initdebug.nfo --------- 45
18.06.2011 13:04 C:\Windows\system32\FlashPlayerCPLApp.cpl --------- 404640
11.06.2011 21:04 C:\Windows\system32\jupdate-1.6.0_26-b03.log --------- 3886
11.06.2011 04:29 C:\Windows\system32\win32k.sys --------- 2334208
03.06.2011 08:01 C:\Windows\system32\winsrv.dll --------- 169984
03.06.2011 07:59 C:\Windows\system32\KernelBase.dll --------- 290816
03.06.2011 07:56 C:\Windows\system32\conhost.exe --------- 271872
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll --------- 4096
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll --------- 4096
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll --------- 4608
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll --------- 4096
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll --------- 4096
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll --------- 4096
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll --------- 3584
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll --------- 5120
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll --------- 3072
03.06.2011 07:47 C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll --------- 3072
03.06.2011 05:48 C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll --------- 3584
03.06.2011 05:48 C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll --------- 3072
03.06.2011 05:48 C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll --------- 4608
03.06.2011 05:48 C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll --------- 6144
24.05.2011 23:44 C:\Windows\system32\OVDecode.dll --------- 59904
24.05.2011 23:44 C:\Windows\system32\OpenCL.dll --------- 51712
24.05.2011 23:43 C:\Windows\system32\amdocl.dll --------- 12798976
24.05.2011 19:14 C:\Windows\system32\MpSigStub.exe --------- 222080
24.05.2011 12:44 C:\Windows\system32\umpnpmgr.dll --------- 293376
14.05.2011 08:26 C:\Windows\system32\kernel32.dll --------- 868352
04.05.2011 06:34 C:\Windows\system32\tquery.dll --------- 1549312
04.05.2011 06:32 C:\Windows\system32\mssvp.dll --------- 666624
04.05.2011 06:32 C:\Windows\system32\mssrch.dll --------- 1401344
04.05.2011 06:32 C:\Windows\system32\mssphtb.dll --------- 197120
04.05.2011 06:32 C:\Windows\system32\mssph.dll --------- 337408
04.05.2011 06:32 C:\Windows\system32\msscntrs.dll --------- 59392
04.05.2011 06:28 C:\Windows\system32\SearchProtocolHost.exe --------- 164352
04.05.2011 06:28 C:\Windows\system32\SearchIndexer.exe --------- 427520
04.05.2011 06:28 C:\Windows\system32\SearchFilterHost.exe --------- 86528
04.05.2011 04:52 C:\Windows\system32\javaws.exe --------- 157472
04.05.2011 04:52 C:\Windows\system32\javaw.exe --------- 145184
04.05.2011 04:52 C:\Windows\system32\java.exe --------- 145184
04.05.2011 04:52 C:\Windows\system32\deployJava1.dll --------- 472808
03.05.2011 06:30 C:\Windows\system32\inetcomm.dll --------- 741376
27.04.2011 18:55 C:\Windows\system32\de-DE --------- 393216
25.04.2011 19:27 C:\Windows\system32\NDF --------- 0
23.04.2011 01:36 C:\Windows\system32\mshtml.dll --------- 12269056
23.04.2011 01:35 C:\Windows\system32\jscript9.dll --------- 1797632
23.04.2011 01:32 C:\Windows\system32\ieframe.dll --------- 9703936
23.04.2011 01:30 C:\Windows\system32\urlmon.dll --------- 1102336
23.04.2011 01:26 C:\Windows\system32\jscript.dll --------- 716800
23.04.2011 01:26 C:\Windows\system32\iertutil.dll --------- 1785344
23.04.2011 01:26 C:\Windows\system32\mshtmled.dll --------- 72704
23.04.2011 01:25 C:\Windows\system32\mshtml.tlb --------- 2382848
23.04.2011 01:24 C:\Windows\system32\ieui.dll --------- 176640
20.04.2011 18:00 C:\Windows\system32\migration --------- 0
20.04.2011 18:00 C:\Windows\system32\wbem --------- 65536
20.04.2011 18:00 C:\Windows\system32\en-US --------- 49152
20.04.2011 17:58 C:\Windows\system32\RegisterIEPKEYs.exe --------- 74752
20.04.2011 17:58 C:\Windows\system32\msls31.dll --------- 161792
20.04.2011 17:58 C:\Windows\system32\wininet.dll --------- 1126912
20.04.2011 17:58 C:\Windows\system32\jsproxy.dll --------- 65024
20.04.2011 17:58 C:\Windows\system32\msrating.dll --------- 162304
20.04.2011 17:58 C:\Windows\system32\msfeedssync.exe --------- 10752
20.04.2011 17:58 C:\Windows\system32\msfeedsbs.dll --------- 41472
20.04.2011 17:58 C:\Windows\system32\IEAdvpack.dll --------- 110592
20.04.2011 17:58 C:\Windows\system32\ieakeng.dll --------- 130560
20.04.2011 17:58 C:\Windows\system32\SetIEInstalledDate.exe --------- 76800
20.04.2011 17:58 C:\Windows\system32\iesysprep.dll --------- 86528
20.04.2011 17:58 C:\Windows\system32\mshtmler.dll --------- 48640
----------------------------------------
C:\Windows\Prefetch
----------------------------------------
C:\Windows\Tasks
24.07.2011 12:46 C:\Windows\Tasks\SA.DAT --------- 6
17.05.2011 12:56 C:\Windows\Tasks\SCHEDLGU.TXT --------- 32640
----------------------------------------
C:\Windows\Temp
24.07.2011 12:46 C:\Windows\Temp\lpksetup-20110724-124617-0.log --------- 3500
24.07.2011 04:06 C:\Windows\Temp\fwtsqmfile01.sqm --------- 608
24.07.2011 03:59 C:\Windows\Temp\lpksetup-20110724-035932-0.log --------- 3500
23.07.2011 13:40 C:\Windows\Temp\fwtsqmfile00.sqm --------- 608
23.07.2011 12:49 C:\Windows\Temp\lpksetup-20110723-124916-0.log --------- 3500
22.07.2011 23:39 C:\Windows\Temp\History --------- 0
22.07.2011 23:39 C:\Windows\Temp\Cookies --------- 0
16.06.2011 02:53 C:\Windows\Temp\KB2478663_10.0.30319 --------- 0
16.06.2011 02:50 C:\Windows\Temp\KB2518870_10.0.30319 --------- 0
05.06.2011 21:00 C:\Windows\Temp\Temporary Internet Files --------- 0
15.04.2011 02:18 C:\Windows\Temp\KB2446708_10.0.30319 --------- 0
14.02.2011 01:50 C:\Windows\Temp\vmware-SYSTEM --------- 0
----------------------------------------
C:\Users\Matthias\AppData\Local\Temp
24.07.2011 12:51 C:\Users\Matthias\AppData\Local\Temp\jusched.log --------- 1424
24.07.2011 12:46 C:\Users\Matthias\AppData\Local\Temp\WPDNSE --------- 0
24.07.2011 04:01 C:\Users\Matthias\AppData\Local\Temp\07240401000006c46td34rh6gq --------- 0
24.07.2011 04:01 C:\Users\Matthias\AppData\Local\Temp\07240401000006c40z2z13il1d --------- 0
24.07.2011 04:01 C:\Users\Matthias\AppData\Local\Temp\07240401000006c46h5h5o4m8a --------- 0
24.07.2011 04:01 C:\Users\Matthias\AppData\Local\Temp\07240401000006c4fy68eqvw3j --------- 0
24.07.2011 04:00 C:\Users\Matthias\AppData\Local\Temp\07240400000006c4kb8nqwaofw --------- 0
24.07.2011 03:55 C:\Users\Matthias\AppData\Local\Temp\MessengerCache --------- 0
17.11.2010 21:56 C:\Users\Matthias\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0
----------------------------------------
C:\Program Files
24.07.2011 04:03 C:\Program Files\Windows Live --------- 4096
24.07.2011 03:51 C:\Program Files\Electronic Arts --------- 4096
24.07.2011 03:37 C:\Program Files\Common Files --------- 4096
24.07.2011 03:13 C:\Program Files\InstallShield Installation Information --------- 8192
23.07.2011 01:07 C:\Program Files\Microsoft.NET --------- 0
22.07.2011 23:18 C:\Program Files\Malwarebytes' Anti-Malware --------- 4096
22.07.2011 01:32 C:\Program Files\Internet Explorer --------- 4096
21.07.2011 04:00 C:\Program Files\JDownloader --------- 4096
16.07.2011 23:58 C:\Program Files\Winamp --------- 4096
16.07.2011 23:57 C:\Program Files\Winamp Detect --------- 0
14.07.2011 19:32 C:\Program Files\AMD APP --------- 0
12.07.2011 17:47 C:\Program Files\OpenAL --------- 0
29.06.2011 23:09 C:\Program Files\ICQ7.5 --------- 16384
29.06.2011 01:17 C:\Program Files\Ask.com --------- 4096
26.06.2011 17:30 C:\Program Files\Adobe --------- 0
21.06.2011 18:20 C:\Program Files\Mozilla Firefox --------- 40960
16.06.2011 02:57 C:\Program Files\Microsoft Silverlight --------- 4096
11.06.2011 21:04 C:\Program Files\Java --------- 4096
14.05.2011 17:13 C:\Program Files\SopCast --------- 4096
07.05.2011 20:37 C:\Program Files\Unleashed --------- 0
01.05.2011 12:46 C:\Program Files\WinRAR --------- 8192
26.04.2011 00:50 C:\Program Files\OO Software --------- 0
12.04.2011 16:58 C:\Program Files\avmwlanstick --------- 4096
16.03.2011 22:43 C:\Program Files\Yuna Software --------- 0
10.03.2011 16:38 C:\Program Files\Windows Mail --------- 4096
10.03.2011 16:38 C:\Program Files\Windows Sidebar --------- 4096
10.03.2011 16:38 C:\Program Files\DVD Maker --------- 4096
10.03.2011 16:38 C:\Program Files\Windows Portable Devices --------- 0
10.03.2011 16:38 C:\Program Files\Windows Media Player --------- 4096
10.03.2011 16:38 C:\Program Files\Windows Journal --------- 4096
10.03.2011 16:38 C:\Program Files\Windows Photo Viewer --------- 4096
10.03.2011 16:38 C:\Program Files\Windows Defender --------- 4096
05.02.2011 16:37 C:\Program Files\Elaborate Bytes --------- 0
05.02.2011 01:10 C:\Program Files\EA GAMES --------- 0
01.02.2011 15:34 C:\Program Files\MSXML 4.0 --------- 0
29.01.2011 21:54 C:\Program Files\Auslogics --------- 0
19.01.2011 03:41 C:\Program Files\WMV9_VCM --------- 4096
16.01.2011 17:21 C:\Program Files\CyberLink --------- 0
14.01.2011 18:55 C:\Program Files\Microsoft WSE --------- 0
12.01.2011 18:56 C:\Program Files\Trend Micro --------- 0
12.01.2011 16:23 C:\Program Files\Microsoft Games --------- 4096
09.01.2011 04:12 C:\Program Files\Call of Duty Modern Warfare 2 --------- 4096
21.12.2010 18:54 C:\Program Files\Epson Software --------- 0
21.12.2010 18:53 C:\Program Files\EPSON --------- 0
12.12.2010 05:03 C:\Program Files\Codec Pack - All In 1 --------- 4096
03.12.2010 01:50 C:\Program Files\Realtek --------- 0
18.11.2010 15:04 C:\Program Files\Pando Networks --------- 0
18.11.2010 03:52 C:\Program Files\ATI Technologies --------- 0
18.11.2010 03:52 C:\Program Files\ATI --------- 0
18.11.2010 02:04 C:\Program Files\System Control Manager --------- 4096
18.11.2010 01:57 C:\Program Files\Temp --------- 0
17.11.2010 21:52 C:\Program Files\Windows NT --------- 4096
17.11.2010 21:52 C:\Program Files\Gemeinsame Dateien --------- 0
17.11.2010 21:10 C:\Program Files\OpenOffice.org 3 --------- 4096
17.11.2010 21:08 C:\Program Files\CDBurnerXP --------- 8192
17.11.2010 20:50 C:\Program Files\Real --------- 0
17.11.2010 20:44 C:\Program Files\VideoLAN --------- 0
17.11.2010 20:44 C:\Program Files\IrfanView --------- 4096
17.11.2010 20:32 C:\Program Files\DivX --------- 4096
17.11.2010 19:33 C:\Program Files\Avira --------- 0
17.11.2010 19:12 C:\Program Files\Microsoft --------- 0
14.07.2009 06:53 C:\Program Files\Uninstall Information --------- 0
14.07.2009 06:52 C:\Program Files\MSBuild --------- 0
14.07.2009 06:52 C:\Program Files\Reference Assemblies --------- 0
14.07.2009 06:41 C:\Program Files\desktop.ini --------- 174
----------------------------------------
C:\ProgramData\..
Matthias
Public
All Users
Default User
Default
desktop.ini
----------------------------------------
C:\Windows\system32\drivers\etc\hosts
ECHO ist ausgeschaltet (OFF).
----------------------------------------
Abbildname PID Sitzungsname Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process 0 Services 0 24 K
System 4 Services 0 11.804 K
smss.exe 280 Services 0 828 K
csrss.exe 548 Services 0 3.384 K
wininit.exe 624 Services 0 3.420 K
csrss.exe 636 Console 1 5.284 K
services.exe 684 Services 0 10.124 K
lsass.exe 692 Services 0 8.416 K
lsm.exe 700 Services 0 3.148 K
winlogon.exe 784 Console 1 4.656 K
svchost.exe 860 Services 0 7.052 K
svchost.exe 948 Services 0 5.940 K
atiesrxx.exe 996 Services 0 3.068 K
svchost.exe 1068 Services 0 17.240 K
svchost.exe 1124 Services 0 55.588 K
svchost.exe 1148 Services 0 25.064 K
audiodg.exe 1240 Services 0 14.892 K
svchost.exe 1296 Services 0 11.088 K
svchost.exe 1384 Services 0 10.308 K
atieclxx.exe 1440 Console 1 4.208 K
spoolsv.exe 1560 Services 0 10.584 K
sched.exe 1604 Services 0 1.568 K
svchost.exe 1624 Services 0 12.276 K
armsvc.exe 1776 Services 0 2.940 K
avguard.exe 1800 Services 0 88.148 K
WLanNetService.exe 1828 Services 0 5.332 K
E_S40ST7.EXE 1884 Services 0 2.760 K
E_S40RP7.EXE 1928 Services 0 2.292 K
MSIService.exe 1964 Services 0 3.772 K
avshadow.exe 2016 Services 0 3.356 K
conhost.exe 2036 Services 0 2.156 K
WmiPrvSE.exe 2112 Services 0 5.196 K
avwebgrd.exe 2408 Services 0 8.780 K
svchost.exe 2468 Services 0 3.712 K
TrustedInstaller.exe 2760 Services 0 6.488 K
svchost.exe 2828 Services 0 4.872 K
dwm.exe 3100 Console 1 26.068 K
explorer.exe 3192 Console 1 60.672 K
taskhost.exe 3208 Console 1 4.620 K
avgnt.exe 3356 Console 1 3.760 K
RtHDVCpl.exe 3396 Console 1 8.108 K
MGSysCtrl.exe 3420 Console 1 7.936 K
WLanGUI.exe 3500 Console 1 4.896 K
jusched.exe 3508 Console 1 3.464 K
Updater.exe 3528 Console 1 4.860 K
MOM.exe 3560 Console 1 3.880 K
unsecapp.exe 3588 Console 1 3.900 K
CCC.exe 3840 Console 1 5.236 K
svchost.exe 3976 Services 0 17.600 K
wmpnetwk.exe 2236 Services 0 4.592 K
svchost.exe 2788 Services 0 10.960 K
firefox.exe 1200 Console 1 117.000 K
mbamservice.exe 2000 Services 0 5.124 K
svchost.exe 2044 Services 0 6.944 K
cmd.exe 2980 Console 1 3.192 K
conhost.exe 2940 Console 1 4.428 K
dllhost.exe 2100 Console 1 3.924 K
tasklist.exe 3952 Console 1 4.256 K
WmiPrvSE.exe 2876 Services 0 4.868 K
***** Ende des Scans 24.07.2011 um 12:54:51,93 ***
Point 5. All installed programs: Code:
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 22.11.2010 6,00MB 10.1.102.64
Adobe Flash Player 10 Plugin Adobe Systems Incorporated 17.06.2011 6,00MB 10.3.181.26
Adobe Reader X (10.1.0) - Deutsch Adobe Systems Incorporated 25.06.2011 165,3MB 10.1.0
Adobe Shockwave Player 11.5 Adobe Systems, Inc. 02.01.2011 11.5.9.615
ATI Catalyst Install Manager ATI Technologies, Inc. 13.07.2011 16,6MB 3.0.829.0
Auslogics BoostSpeed Auslogics Software Pty Ltd 28.01.2011 39,1MB 5.0
Avira AntiVir Personal - Free Antivirus Avira GmbH 29.06.2011 70,7MB 10.2.0.696
Avira SearchFree Toolbar plus WebGuard Ask.com 28.06.2011 3,64MB 1.12.2.0
AVM FRITZ!WLAN AVM Berlin 11.04.2011
Call of Duty Modern Warfare 2 08.01.2011
CCleaner Piriform 23.07.2011 3.08
CDBurnerXP CDBurnerXP 16.11.2010 11,9MB 4.3.7.2423
Codec Pack - All In 1 6.0.3.0 11.12.2010
CyberLink YouCam CyberLink Corp. 15.01.2011 254MB 4.0.0820
DivX-Setup DivX, Inc. 16.11.2010 2.1.2.2
Epson Easy Photo Print 2 SEIKO EPSON CORPORATION 20.12.2010 2.1.0.0
EPSON S21 Series Printer Uninstall SEIKO EPSON Corporation 20.12.2010
Epson Stylus S21_T21_T27 Handbuch 20.12.2010
HiJackThis Trend Micro 11.01.2011 0,36MB 1.0.0
ICQ7.5 ICQ 03.05.2011 7.5
IrfanView (remove only) Irfan Skiljan 01.02.2011 1,50MB 4.28
Java(TM) 6 Update 26 Oracle 16.11.2010 95,0MB 6.0.260
JDownloader AppWork UG (haftungsbeschränkt) 03.01.2011
Malwarebytes' Anti-Malware Version 1.51.1.1800 Malwarebytes Corporation 21.07.2011 13,4MB 1.51.1.1800
Messenger Plus! 5 Yuna Software 15.03.2011 5.01.0.706
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 01.02.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 01.02.2011 2,94MB 4.0.30319
Microsoft Silverlight Microsoft Corporation 15.06.2011 100,2MB 4.0.60531.0
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 11.07.2011 2,38MB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 19.04.2011 0,58MB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Corporation 25.01.2011 4,31MB 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 10.01.2011 0,23MB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 16.11.2010 0,58MB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 15.06.2011 0,59MB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Corporation 19.04.2011 11,0MB 10.0.30319
Microsoft Windows Media Video 9 VCM 18.01.2011
Microsoft WSE 3.0 Runtime Microsoft Corp. 13.01.2011 0,92MB 3.0.5305.0
Mozilla Firefox 5.0 (x86 de) Mozilla 20.06.2011 32,5MB 5.0
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 31.01.2011 35,00KB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 31.01.2011 1,33MB 4.20.9876.0
Need for Speed™ Most Wanted 04.02.2011
O&O DiskRecovery O&O Software GmbH 25.04.2011 15,4MB 7.0.6476
OpenAL 11.07.2011
OpenOffice.org 3.2 OpenOffice.org 16.11.2010 363MB 3.2.9502
Pando Media Booster Pando Networks Inc. 17.11.2010 5,47MB 2.3.4.8
Portal 2 06.05.2011
RealPlayer RealNetworks 01.02.2011
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 17.11.2010 6.0.1.6235
SopCast 3.3.2 www.sopcast.com 13.05.2011 3.3.2
System Control Manager Micro-Star International Co., Ltd. 17.11.2010 2.209.0629.004.07
VirtualCloneDrive Elaborate Bytes 04.02.2011
VLC media player 1.1.9 VideoLAN 19.04.2011 1.1.9
Winamp Nullsoft, Inc 15.07.2011 5.621
Winamp Erkennungs-Plug-in Nullsoft, Inc 15.07.2011 12,00KB 1.0.0.1
Windows Live Essentials Microsoft Corporation 16.11.2010 14.0.8117.0416
WinRAR 4.00 (32-Bit) win.rar GmbH 29.04.2011 4.00.0
and point 6. Log from OTL (new): Code:
OTL logfile created on: 24.07.2011 13:00:56 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthias\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 70,33% Memory free
6,00 Gb Paging File | 4,92 Gb Available in Paging File | 82,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 182,30 Gb Total Space | 124,39 Gb Free Space | 68,23% Space Free | Partition Type: NTFS
Drive D: | 273,46 Gb Total Space | 164,25 Gb Free Space | 60,06% Space Free | Partition Type: NTFS
Computer Name: MATTHIAS-PC | User Name: Matthias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2011.07.23 12:55:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthias\Desktop\OTL.exe
PRC - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.06.28 15:00:37 | 000,428,200 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2011.06.28 15:00:37 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.06.25 12:30:46 | 000,884,696 | ---- | M] ({StringFileInfo_CompanyName}) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2011.06.21 18:20:24 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.06.03 07:56:57 | 000,271,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011.04.27 15:00:49 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010.11.20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010.08.02 17:09:32 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.01.14 23:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.08.18 03:36:36 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.06.29 19:20:58 | 002,064,384 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2009.05.13 17:34:56 | 000,160,256 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2008.09.05 03:01:00 | 001,794,048 | R--- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe
PRC - [2008.09.05 03:01:00 | 000,364,544 | R--- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WlanNetService.exe
PRC - [2007.12.17 15:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
PRC - [2007.01.11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
========== Modules (SafeList) ==========
MOD - [2011.07.23 12:55:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthias\Desktop\OTL.exe
MOD - [2010.11.20 13:55:09 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- -- (RealtekUSB)
SRV - [2011.07.06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011.06.28 15:00:37 | 000,428,200 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011.06.28 15:00:37 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.06.06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.04.27 15:00:49 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.08.18 03:36:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2009.05.13 17:34:56 | 000,160,256 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2008.09.05 03:01:00 | 000,364,544 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2007.12.17 15:00:00 | 000,143,872 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007.01.11 15:02:00 | 000,113,664 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
========== Driver Services (SafeList) ==========
DRV - [2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011.06.28 15:00:38 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011.06.28 15:00:38 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.03.28 16:13:34 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2011.03.28 16:13:34 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2011.01.05 00:55:38 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010.08.20 11:49:06 | 000,027,632 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\clwvd.sys -- (clwvd)
DRV - [2010.06.17 16:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.12 13:23:04 | 000,016,896 | ---- | M] (Danish Wireless Design A/S) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\FlashUSB.sys -- (FlashUSB)
DRV - [2009.08.18 04:48:06 | 004,994,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2009.07.14 00:02:53 | 000,347,136 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RTL8187B.sys -- (RTL8187B) RTL8187B Drahtlos-802.11b/g-USB 2.0-Netzwerkadapter (54 MBit/s)
DRV - [2009.07.14 00:02:53 | 000,048,128 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SiSGB6.sys -- (SiSGbeLH)
DRV - [2009.06.29 18:59:02 | 000,112,128 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2009.06.29 18:59:02 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbfake.sys -- (hwusbfake)
DRV - [2009.04.29 16:37:26 | 000,025,088 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\KMWDFILTER.sys -- (KMWDFILTERx86)
DRV - [2009.04.09 14:38:26 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2009.03.18 17:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
DRV - [2008.09.05 03:01:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2007.04.25 13:50:02 | 000,032,256 | ---- | M] (ENE TECHNOLOGY INC.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\enecir.sys -- (enecir)
DRV - [2007.04.24 03:50:50 | 000,025,896 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\RtlProt.sys -- (RtlProt)
DRV - [2007.01.26 02:00:00 | 000,265,088 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fwlanusb.sys -- (FWLANUSB)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 94 CE 78 F5 CF C3 CB 01 [binary data]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: info@youtube-mp3.org:1.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.2
FF - prefs.js..extensions.enabledItems: {1A2D0EC4-75F5-4c91-89C4-3656F6E44B68}:0.4.6
FF - prefs.js..extensions.enabledItems: illimitux@illimitux.net:4.0
FF - prefs.js..extensions.enabledItems: {b749fc7c-e949-447f-926c-3f4eed6accfe}:0.7.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..network.proxy.http: "207.62.217.252"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.609: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.609: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@virtools.com/3DviaPlayer: C:\Program Files\Virtools\3D Life Player\npvirtools.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Matthias\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll File not found
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.11.17 20:50:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.07.22 01:32:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011.07.24 02:51:45 | 000,000,000 | ---D | M]
[2010.11.17 19:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthias\AppData\Roaming\mozilla\Extensions
[2011.07.16 12:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Matthias\AppData\Roaming\mozilla\Firefox\Profiles\x992qtdr.default\extensions
[2011.06.22 22:13:31 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Matthias\AppData\Roaming\mozilla\Firefox\Profiles\x992qtdr.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.30 18:41:36 | 000,001,183 | ---- | M] () -- C:\Users\Matthias\AppData\Roaming\Mozilla\Firefox\Profiles\x992qtdr.default\searchplugins\4shared.xml
[2011.06.11 21:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2010.11.17 19:24:58 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2011.01.02 14:52:50 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.02.24 16:51:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.06.11 21:04:52 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
File not found (No name found) --
() (No name found) -- C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X992QTDR.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\MATTHIAS\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\X992QTDR.DEFAULT\EXTENSIONS\INFO@YOUTUBE-MP3.ORG.XPI
[2011.06.21 18:20:24 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.05.04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2011.05.01 12:48:20 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.05.01 12:48:20 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.05.01 12:48:20 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.01 12:48:20 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.05.01 12:48:20 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.05.01 12:48:20 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2011.03.25 18:10:31 | 000,000,827 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O2 - BHO: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Easy Photo Print) - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus WebGuard) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = FF 00 00 00 [binary data]
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{30ad5228-f287-11df-9a9e-001fcf402cb9}\Shell - "" = AutoRun
O33 - MountPoints2\{30ad5228-f287-11df-9a9e-001fcf402cb9}\Shell\AutoRun\command - "" = F:\pushinst.exe
O33 - MountPoints2\{52e193e5-1856-11e0-aedb-001fcf402cb9}\Shell - "" = AutoRun
O33 - MountPoints2\{52e193e5-1856-11e0-aedb-001fcf402cb9}\Shell\AutoRun\command - "" = F:\Autorun.exe
O33 - MountPoints2\{a1612951-763e-11e0-96ef-81d18000a73c}\Shell - "" = AutoRun
O33 - MountPoints2\{a1612951-763e-11e0-96ef-81d18000a73c}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{a421eb2f-3125-11e0-9742-aa70a61a625c}\Shell - "" = AutoRun
O33 - MountPoints2\{a421eb2f-3125-11e0-9742-aa70a61a625c}\Shell\AutoRun\command - "" = 1
O33 - MountPoints2\{ae4e4014-1d8e-11e0-ab22-001fcf402cb9}\Shell - "" = AutoRun
O33 - MountPoints2\{ae4e4014-1d8e-11e0-ab22-001fcf402cb9}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{ae4e40a2-1d8e-11e0-ab22-001fcf402cb9}\Shell - "" = AutoRun
O33 - MountPoints2\{ae4e40a2-1d8e-11e0-ab22-001fcf402cb9}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2011.07.24 12:56:41 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.07.24 12:56:12 | 003,216,552 | ---- | C] (Piriform Ltd) -- C:\Users\Matthias\Desktop\ccsetup308.exe
[2011.07.24 12:53:45 | 000,000,000 | ---D | C] -- C:\Users\Matthias\Desktop\hjtscanlist
[2011.07.23 12:55:17 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\Matthias\Desktop\OTL.exe
[2011.07.22 01:33:49 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2011.07.22 01:14:31 | 000,000,000 | ---D | C] -- C:\Users\Matthias\Desktop\LevelR_Multi-Setup
[2011.07.16 23:57:30 | 000,000,000 | ---D | C] -- C:\Users\Matthias\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2011.07.16 23:57:30 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2011.07.14 19:32:50 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2011.07.13 13:01:09 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2011.07.13 13:01:09 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2011.07.13 13:01:09 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2011.07.13 13:01:09 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2011.07.13 13:01:06 | 000,271,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2011.07.13 13:01:06 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2011.07.13 13:01:03 | 002,334,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011.07.12 18:15:15 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2011.07.12 17:47:31 | 019,087,360 | ---- | C] (Intel Corporation / Blue Ripple Sound Limited) -- C:\Windows\System32\mkl_blueripple.dll
[2011.07.12 17:47:31 | 001,417,216 | ---- | C] (Blue Ripple Sound Limited) -- C:\Windows\System32\rapture3d_oal.dll
[2011.07.12 17:47:29 | 000,444,952 | ---- | C] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.07.12 17:47:29 | 000,109,080 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.07.12 17:47:29 | 000,000,000 | ---D | C] -- C:\Program Files\OpenAL
[2011.06.29 12:02:15 | 001,549,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tquery.dll
[2011.06.29 12:02:15 | 001,401,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssrch.dll
[2011.06.29 12:02:15 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssph.dll
[2011.06.29 12:02:14 | 000,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssvp.dll
[2011.06.29 12:02:14 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mssphtb.dll
[2011.06.29 12:02:14 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msscntrs.dll
[2011.06.29 01:17:40 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2011.06.28 16:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
[2011.06.26 17:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2011.07.24 12:56:42 | 000,000,965 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.24 12:56:13 | 003,216,552 | ---- | M] (Piriform Ltd) -- C:\Users\Matthias\Desktop\ccsetup308.exe
[2011.07.24 12:51:04 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.07.24 12:51:04 | 000,014,016 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.07.24 12:45:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.07.24 12:45:46 | 2415,419,392 | -HS- | M] () -- C:\hiberfil.sys
[2011.07.24 03:59:04 | 003,742,456 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011.07.24 02:50:42 | 000,000,023 | ---- | M] () -- C:\Windows\ODBCINST.INI
[2011.07.23 14:37:37 | 000,017,725 | ---- | M] () -- C:\Users\Matthias\Desktop\OTL.zip
[2011.07.23 13:39:33 | 000,302,592 | ---- | M] () -- C:\Users\Matthias\Desktop\2gfx91q3.exe
[2011.07.23 12:55:18 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\Matthias\Desktop\OTL.exe
[2011.07.17 13:42:15 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\00001467.LCS
[2011.07.15 02:44:29 | 000,006,144 | ---- | M] () -- C:\Users\Matthias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.12 17:47:29 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\System32\wrap_oal.dll
[2011.07.12 17:47:29 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System32\OpenAL32.dll
[2011.07.06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2011.07.06 19:52:42 | 000,022,712 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2011.07.05 14:23:22 | 000,655,842 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2011.07.05 14:23:22 | 000,616,682 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011.07.05 14:23:22 | 000,130,722 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2011.07.05 14:23:22 | 000,107,062 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011.06.28 16:03:04 | 000,000,045 | ---- | M] () -- C:\Windows\System32\initdebug.nfo
[2011.06.28 15:00:38 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2011.06.28 15:00:38 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
========== Files Created - No Company Name ==========
[2011.07.24 12:56:42 | 000,000,965 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011.07.23 14:37:37 | 000,017,725 | ---- | C] () -- C:\Users\Matthias\Desktop\OTL.zip
[2011.07.23 13:39:32 | 000,302,592 | ---- | C] () -- C:\Users\Matthias\Desktop\2gfx91q3.exe
[2011.07.17 13:42:15 | 000,004,096 | ---- | C] () -- C:\Users\Public\Documents\00001467.LCS
[2011.06.28 16:03:03 | 000,000,045 | ---- | C] () -- C:\Windows\System32\initdebug.nfo
[2011.06.26 17:30:42 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[2011.06.03 15:57:31 | 000,017,408 | ---- | C] () -- C:\Users\Matthias\AppData\Local\WebpageIcons.db
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.03.28 16:04:45 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2011.03.28 16:04:44 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2011.03.10 16:26:11 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011.03.10 16:24:37 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011.03.06 04:07:00 | 001,589,248 | ---- | C] () -- C:\Windows\System32\libmysql_d.dll
[2011.01.31 19:11:12 | 000,053,248 | ---- | C] () -- C:\Windows\System32\CommonDL.dll
[2011.01.31 19:11:12 | 000,002,411 | ---- | C] () -- C:\Windows\System32\lgAxconfig.ini
[2011.01.26 20:44:53 | 000,000,023 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011.01.21 22:13:39 | 000,065,536 | ---- | C] () -- C:\Windows\TADSUINS.EXE
[2010.12.21 18:53:57 | 000,111,932 | ---- | C] () -- C:\Windows\System32\EPPICPrinterDB.dat
[2010.12.21 18:53:57 | 000,031,053 | ---- | C] () -- C:\Windows\System32\EPPICPattern131.dat
[2010.12.21 18:53:57 | 000,027,417 | ---- | C] () -- C:\Windows\System32\EPPICPattern121.dat
[2010.12.21 18:53:57 | 000,026,154 | ---- | C] () -- C:\Windows\System32\EPPICPattern1.dat
[2010.12.21 18:53:57 | 000,024,903 | ---- | C] () -- C:\Windows\System32\EPPICPattern3.dat
[2010.12.21 18:53:57 | 000,021,390 | ---- | C] () -- C:\Windows\System32\EPPICPattern5.dat
[2010.12.21 18:53:57 | 000,020,148 | ---- | C] () -- C:\Windows\System32\EPPICPattern2.dat
[2010.12.21 18:53:57 | 000,011,811 | ---- | C] () -- C:\Windows\System32\EPPICPattern4.dat
[2010.12.21 18:53:57 | 000,004,943 | ---- | C] () -- C:\Windows\System32\EPPICPattern6.dat
[2010.12.21 18:53:57 | 000,001,146 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_DU.dat
[2010.12.21 18:53:57 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_PT.dat
[2010.12.21 18:53:57 | 000,001,139 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_BP.dat
[2010.12.21 18:53:57 | 000,001,136 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_ES.dat
[2010.12.21 18:53:57 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_FR.dat
[2010.12.21 18:53:57 | 000,001,129 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_CF.dat
[2010.12.21 18:53:57 | 000,001,120 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_IT.dat
[2010.12.21 18:53:57 | 000,001,107 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_GE.dat
[2010.12.21 18:53:57 | 000,001,104 | ---- | C] () -- C:\Windows\System32\EPPICPresetData_EN.dat
[2010.12.21 18:53:57 | 000,000,097 | ---- | C] () -- C:\Windows\System32\PICSDK.ini
[2010.12.08 14:54:01 | 000,375,185 | ---- | C] () -- C:\Windows\System32\fmtp.bin
[2010.11.22 21:19:07 | 000,006,144 | ---- | C] () -- C:\Users\Matthias\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.11.17 22:17:23 | 000,097,360 | ---- | C] () -- C:\Windows\System32\drivers\Fwusb1b.bin
[2010.11.17 21:48:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009.07.14 10:47:43 | 000,655,842 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2009.07.14 10:47:43 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2009.07.14 10:47:43 | 000,130,722 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2009.07.14 10:47:43 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2009.07.14 06:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 06:33:53 | 003,742,456 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009.07.14 04:05:48 | 000,616,682 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009.07.14 04:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009.07.14 04:05:48 | 000,107,062 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009.07.14 04:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009.07.14 04:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009.07.14 04:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009.07.14 01:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009.06.18 20:29:04 | 000,197,654 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2009.06.10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009.02.18 18:55:22 | 000,294,912 | ---- | C] () -- C:\Windows\System32\ATIODE.exe
[2009.02.03 21:52:04 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ATIODCLI.exe
[2007.04.27 11:43:58 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2005.10.14 12:56:50 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
[2005.10.14 12:56:50 | 000,921,600 | ---- | C] () -- C:\Windows\System32\VorbisEnc.dll
[2005.10.14 12:56:50 | 000,778,240 | ---- | C] () -- C:\Windows\System32\DivXsm.exe
[2005.10.14 12:56:50 | 000,761,856 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
[2005.10.14 12:56:50 | 000,344,064 | ---- | C] () -- C:\Windows\System32\xvid.dll
[2005.10.14 12:56:50 | 000,237,568 | ---- | C] () -- C:\Windows\System32\OggDS.dll
[2005.10.14 12:56:50 | 000,188,416 | ---- | C] () -- C:\Windows\System32\vorbis.dll
[2005.10.14 12:56:50 | 000,155,136 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2005.10.14 12:56:50 | 000,045,056 | ---- | C] () -- C:\Windows\System32\ogg.dll
[2002.07.31 20:32:03 | 000,056,832 | ---- | C] () -- C:\Windows\System32\iyvu9_32.dll
[1996.04.03 21:33:26 | 000,005,248 | ---- | C] () -- C:\Windows\System32\giveio.sys
========== LOP Check ==========
[2011.07.24 02:41:21 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\Auslogics
[2011.01.07 17:47:32 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\Canneverbe Limited
[2011.02.21 15:24:36 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\FireShot
[2011.07.24 03:30:14 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\ICQ
[2010.11.17 20:44:21 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\IrfanView
[2010.11.28 03:53:41 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\Need for Speed World
[2010.12.05 22:16:57 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\OpenOffice.org
[2011.07.17 13:42:11 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\ProtectDISC
[2011.01.07 18:06:22 | 000,000,000 | ---D | M] -- C:\Users\Matthias\AppData\Roaming\temp
[2011.05.17 12:56:47 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 165 bytes -> C:\ProgramData\Temp:07BF512B
< End of report >
And the extras.txt Code:
OTL Extras logfile created on: 24.07.2011 13:00:56 - Run 2
OTL by OldTimer - Version 3.2.26.1 Folder = C:\Users\Matthias\Desktop
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,11 Gb Available Physical Memory | 70,33% Memory free
6,00 Gb Paging File | 4,92 Gb Available in Paging File | 82,02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 182,30 Gb Total Space | 124,39 Gb Free Space | 68,23% Space Free | Partition Type: NTFS
Drive D: | 273,46 Gb Total Space | 164,25 Gb Free Space | 60,06% Space Free | Partition Type: NTFS
Computer Name: MATTHIAS-PC | User Name: Matthias | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{026BAC3A-EE38-F6D5-17E4-A853C21A0433}" = Catalyst Control Center Graphics Previews Vista
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{07EBA3B9-1DDD-4F5B-1E55-7999839059F3}" = CCC Help German
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0A102755-A455-B160-1EC1-46C9D05D41FB}" = CCC Help French
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{16E3A4C4-6110-592E-6079-792C488037C3}" = CCC Help Dutch
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{23048992-6A9E-EFC2-0E6B-FB36AE6CB432}" = CCC Help Danish
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{27B99944-C1E7-AAAD-FB1E-961F1D2C60EB}" = CCC Help Portuguese
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{377A5CCF-2B1C-9339-4F3E-C3F4D9E522FC}" = CCC Help Greek
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{41BE1B2C-E523-3CF3-4575-66E6EEEEB096}" = CCC Help Russian
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{6056E2B9-D87C-3F7C-09AB-10237E8A17DF}" = ccc-utility
"{6227B8D5-2300-2822-742C-F16C751736B6}" = CCC Help Spanish
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{6F7E7C9C-C036-AC6C-C683-2D42C2475C2F}" = CCC Help Hungarian
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1" = Auslogics BoostSpeed
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7F223B5E-759D-11E0-A8F2-005056C00008}" = MSVCRT Redists
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}" = Epson Easy Photo Print 2
"{89B3012D-FAED-2955-6885-317160B071DA}" = CCC Help Swedish
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C3EBC6E-4DAD-8160-0E9C-42EF4FC85BBE}" = CCC Help Chinese Standard
"{8C46EB35-3DDA-4D2B-9104-5F305E4C9008}" = CCC Help Finnish
"{8D1E61D1-1395-4E97-997F-D002DB3A5074}" = OpenOffice.org 3.2
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9BE7E972-EF3A-F812-8D84-2E33F28F97D8}" = CCC Help Japanese
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A92D74EE-683F-E46D-4A55-29389408437E}" = CCC Help Norwegian
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Deutsch
"{B7F966D9-0433-3C5E-54F8-74517DC19BAA}" = CCC Help Korean
"{B8FA4B2B-67A0-18D0-77DD-F08405016F37}" = ATI Catalyst Install Manager
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5A56170-0EEC-A6A2-7E06-14CEE439279A}" = ccc-core-static
"{C66C5ABB-3671-0FD7-29F5-17030A00B1FF}" = CCC Help Chinese Traditional
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D1626BCB-9C3B-0E8F-853F-573180C42607}" = CCC Help English
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.8 Game
"{D922789F-C0EB-6D4B-7447-8EB9BA16B931}" = CCC Help Czech
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DE00E2A4-C5E3-0148-2BF3-C20FE04B7A5C}" = CCC Help Polish
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E82BB34D-68C5-7E0D-F630-618BE2324BB3}" = CCC Help Italian
"{E9132E61-295C-4377-AF36-CDBE771B7F2D}" = O&O DiskRecovery
"{ED387D9B-9B10-D971-6A8B-74F8094D4EA2}" = Catalyst Control Center Localization All
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1BC5F17-1E81-1E90-7DAC-A5FCFC301324}" = CCC Help Thai
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{FB8AD901-3508-AE0C-151C-F6C5335E7EB0}" = CCC Help Turkish
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AVMWLANCLI" = AVM FRITZ!WLAN
"Call of Duty Modern Warfare 2_is1" = Call of Duty Modern Warfare 2(CREATED BY XEONKING©)
"CCleaner" = CCleaner
"Cool's_Codec_pack_4.12" = Codec Pack - All In 1 6.0.3.0
"DivX Setup.divx.com" = DivX-Setup
"EPSON S21 Series" = EPSON S21 Series Printer Uninstall
"Epson Stylus S21_T21_T27 Benutzerhandbuch" = Epson Stylus S21_T21_T27 Handbuch
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"IrfanView" = IrfanView (remove only)
"JDownloader" = JDownloader
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"Messenger Plus!" = Messenger Plus! 5
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 5.0 (x86 de)" = Mozilla Firefox 5.0 (x86 de)
"OpenAL" = OpenAL
"Portal 2_is1" = Portal 2
"RealPlayer 12.0" = RealPlayer
"SopCast" = SopCast 3.3.2
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 08:38:11 | Computer Name = Matthias-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
Error - 23.07.2011 21:24:13 | Computer Name = Matthias-PC | Source = MsiInstaller | ID = 11706
Description =
Error - 23.07.2011 21:24:13 | Computer Name = Matthias-PC | Source = MsiInstaller | ID = 11706
Description =
[ System Events ]
Error - 06.05.2011 06:58:44 | Computer Name = Matthias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "RealtekUSB" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 06.05.2011 06:59:26 | Computer Name = Matthias-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 06.05.2011 06:59:26 | Computer Name = Matthias-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 06.05.2011 08:28:07 | Computer Name = Matthias-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 06.05.2011 08:28:08 | Computer Name = Matthias-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 07.05.2011 06:48:26 | Computer Name = Matthias-PC | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 07.05.2011 06:48:26 | Computer Name = Matthias-PC | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 07.05.2011 06:48:41 | Computer Name = Matthias-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "RealtekUSB" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error - 07.05.2011 06:49:06 | Computer Name = Matthias-PC | Source = WMPNetworkSvc | ID = 866306
Description =
Error - 07.05.2011 06:49:06 | Computer Name = Matthias-PC | Source = WMPNetworkSvc | ID = 866306
Description =
< End of report >
So, I hope that all went the way it should and that you can do something with it.