Trojaner-Board


jomei 06.02.2012 17:54

For security reasons your system has been blocked (50 Euro virus / trojan etc.)
 
Hello everyone,

so now it has finally caught me too, after many years without problems with viruses and the like. Yesterday this warning notice appeared, and Task Manager and the like no longer worked. This happened while an update for a game was being installed, directly from the manufacturer. No web browsing at the time.

If I am reading this correctly here, you first need 2 log files. I'll post them here now; if more are needed, just say so.

Code:


OTL Extras logfile created on: 06.02.2012 17:39:33 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Andreas\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free
8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = FirefoxHTML] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = FirefoxHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
https [open] -- "G:\programme\Mozilla Firefox\firefox.exe" -requestPending -osint -url "%1" (Mozilla Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 73 00 61 98 9A 8B C8 01  [binary data]
"VistaSp2" = 55 7D 0A D4 F8 DE C9 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
"I:\progr\flashfxp\FlashFXP.exe" = I:\progr\flashfxp\FlashFXP.exe:*:Enabled:FlashFXP v3
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0AA3F193-D701-4F85-A305-34D665E85AA2}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{0B6477AB-596D-4298-9204-D72A16071A24}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{0C474E9D-768E-4331-8D58-EBB0F7E7E447}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{168D96D3-8891-47B7-A2A3-FAE7C4D4D9F5}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{1A941407-0BFF-43E8-AF1C-E086E4F70C12}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{1B42FFFD-D259-4FD5-8AEC-E6E8BCBAF255}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1C829E48-51A7-4238-9C90-376E0552C6B7}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1FC06B37-6FBA-4FB1-97F0-8E352E8141F9}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{2510D59B-3B98-4034-B65D-D7D7FB386CED}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{2B0EC09B-B2C3-4FDC-A4CA-4BB48B2DB1AD}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 |
"{2F0F0511-7F33-4639-B5F0-6A47025DEDF3}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{31BA2E3D-5967-41FE-BBFE-2ED8BCF8E7F9}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{341BD94C-1047-440C-8385-7D8C11469495}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 |
"{3786176A-916F-4DF9-9B63-0E96B0801F2A}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{39495BC2-7065-41EA-B94D-B128A3D568DA}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{43A1D7F8-A559-4AD4-9108-F71F179915A2}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{46962477-4940-4657-8E54-F2B324DB4F03}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{50F50612-F212-4EAD-A44B-3EFA9AC6A8FB}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{676B5CE3-E1E2-4884-80B1-F6E8E57BDEF6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6835225E-F5EF-4EF7-B931-8542AD8C65AC}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6BF56210-A8BD-481B-8010-B0B643F2BCBA}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{76CCD1D1-BE93-46AB-BFD2-C9140B638BCE}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{77E17B6B-7402-4369-B91F-AFDB56B86973}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{82F970B7-3D55-4908-A55D-17EFACC9FEBE}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{850E4B18-DBB5-4C98-9209-AE84EC6B1B4A}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{A5BE2A71-3794-4F3F-9FAB-8CFD95E44E75}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{A7043835-60AB-4124-9986-356F0D8115EB}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe |
"{BC9191C1-5FF7-4558-80B6-DD8142B817C8}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{BEAFCA57-DC28-42A2-A6EF-BE203DBD54DA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=c:\windows\system32\svchost.exe |
"{C6B5C0CE-D343-4933-BF60-D3E6A9C15F3A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D5B6C1E6-1491-41CF-A74C-DBBA3B23C7D8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{052BE1F4-B4CA-41F9-9C92-AEF6C8607A40}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0ACBB0BD-F33C-43CE-957E-26921A539180}" = protocol=17 | dir=in | app=g:\games\curse-update\curse\curseclient.exe |
"{0C941F73-46BC-4BF2-8FA4-B4984960C45E}" = protocol=6 | dir=in | app=i:\games\anno2070\anno5.exe |
"{0D3A1401-1B57-4CD5-9C97-C48C53C9C7C8}" = protocol=6 | dir=in | app=g:\games\wow\wow.exe |
"{18FF1AA2-958D-4D38-9F02-408AB3232AA1}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1A6C1426-C972-4B73-88B3-50946EEAB307}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{1E9F0540-A661-4CE9-A964-E4E36ACE070F}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{1F3F491B-DA44-4A46-87FD-DC78478DC5AD}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{2281D7DF-8732-4DF4-851F-85667548D6D6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{25AABB5C-1D3A-4BEE-B93A-DEEE11C8D431}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe |
"{2A302ACA-37C2-43B9-B673-4A9D0E9BC48D}" = protocol=17 | dir=in | app=g:\programme\curse\curseclient.exe |
"{2BE49371-284D-4A14-B237-DFE6FE5BDD90}" = protocol=6 | dir=in | app=i:\games\wow\launcher.exe |
"{2CAD0F3C-2D7F-4859-A52B-339DE9B98197}" = protocol=6 | dir=in | app=g:\games\wic\wic_online.exe |
"{30B63419-0CCA-40B1-8D21-A4D6CAB112E7}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{3F00F963-CED6-4038-8E78-BA3CD80E2C9A}" = protocol=17 | dir=in | app=g:\games\wic\wic_ds.exe |
"{3FC34FF8-4975-486F-900A-6E9CEEA764F3}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{3FC96849-F369-4141-BFDB-BAE1EC0DC1A5}" = protocol=6 | dir=in | app=i:\games\anno2070\initengine.exe |
"{41E389D7-81EC-4BD6-B7FE-3569ACE02689}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{4B69359E-42E9-4568-8CE9-DDD5D5F90281}" = protocol=17 | dir=in | app=i:\games\wow\launcher.exe |
"{4BD65A27-79D3-4B53-9531-A971029DB4AA}" = protocol=6 | dir=in | app=g:\games\wow\launcher.patch.exe |
"{5101860A-6F7B-4DFE-8850-BCD4EDD264DF}" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5227FC86-605C-41C0-A5F4-5792F216FE9A}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{53C1B67E-ED56-4DD6-91B8-CB668668BF6F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{54569CAF-D323-489F-ACB7-1BE43D77CF54}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{545EB6D1-B90D-4860-A828-B2F819E75274}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{5478C98C-2A6C-4D81-AAEB-DE0CA86AB553}" = protocol=6 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe |
"{54CE7B81-4C7F-43D4-85A7-F2E278B1E453}" = protocol=17 | dir=in | app=i:\games\wow\launcher.patch.exe |
"{5729A6F2-CD0D-4CBD-AEEB-F27777FEFA60}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{58D72CD0-A5CA-4A67-AAB7-2DCD46BC2AE8}" = protocol=6 | dir=in | app=i:\games\anno2070\autopatcher.exe |
"{5E7FC184-6D04-4A84-8EF4-EA393BCF5474}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{5F5D0F35-831B-4E0C-B18E-74A2F49932B0}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{5F9A8E49-6AC6-43B0-AC5B-D12C43EAD577}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{63A71835-9A76-48E8-B332-DFA1E17BCB2A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.0\sonarhost.exe |
"{659B5904-F19D-4607-8B38-9FD9BA2E5603}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{68037AC9-4F22-47D7-AB90-909806DB0893}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{68F11528-0728-4F44-B187-739D755EF83F}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6B36935A-49D1-44AE-8C41-9A5ED0B20C1D}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{6E126CB9-0ED0-48B0-BEB2-6D268CB3DAC8}" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe |
"{77484F17-ADF2-4D76-BFD7-1EE4D953826B}" = protocol=17 | dir=in | app=i:\games\anno2070\anno5.exe |
"{7C9AF305-051D-4AC8-81F7-2B591115A33B}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{7CFE74E0-75D6-4A88-A5D4-31920EC39309}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{7EA96289-1994-4AA6-9959-6617485C367E}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{80B3D677-4830-497F-8CF0-3FDCAE776D0F}" = protocol=17 | dir=in | app=g:\games\wow\wow.exe |
"{8346B1F6-12A9-431F-9568-CC6B2EEBE311}" = protocol=17 | dir=in | app=g:\games\wic\wic_online.exe |
"{866D3242-12A8-4FC0-80D6-00685AA48CE2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{8CC8FAEE-2D2F-4E61-B788-2CB290140C18}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-0.3.0.10522-dede-ptr-downloader.exe |
"{8CE15293-095E-4A88-9FB8-834CEFCDD452}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe |
"{8FBC715A-DA00-428F-8CF8-2BD9C6D1ED10}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{90524EF1-DC64-4548-A882-78D1997155A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{94AD29BA-D745-46DF-8919-8026531B715A}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe |
"{95BEBB85-FB73-4106-B094-3E2907CFC94A}" = protocol=6 | dir=in | app=i:\games\wow\launcher.patch.exe |
"{97D6FC91-BF87-4011-AE55-C151774C1321}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{982D08A7-2634-41AD-BD59-9EA98F112689}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{9FBA2C4F-0B43-4BEF-B152-C5EEAEEC7B98}" = protocol=17 | dir=in | app=g:\games\wow\launcher.patch.exe |
"{A4C5DC85-2AD4-4718-8599-B3789D09043D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{A517D883-2D35-40E4-A745-5542B6E9D351}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{A774104E-5007-4D33-A0B4-2DA0C8634E08}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{A9E40D99-CA3F-43AC-9BF4-ED6B5F38E0A4}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10522-to-0.3.0.10554-dede-ptr-downloader.exe |
"{AA01B764-A74B-473A-963A-6A34F7F34D75}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{AB0CC0EA-90FD-4115-A787-C64E843ADEAA}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"{AE3F5F0F-04E3-4685-99F3-23A9394B9C23}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.2.10482-to-3.2.2.10505-dede-downloader.exe |
"{B0D5CC6C-1952-4F81-999B-01B10FEE86C5}" = protocol=17 | dir=in | app=g:\games\wic\wic.exe |
"{B1C3A08C-B6F9-4347-B20E-BCCC2A81C830}" = protocol=17 | dir=in | app=g:\games\cry-beta-3\crysis mp beta\bin32\crysis.exe |
"{B686FF9F-F732-4F8A-A447-1C21DCAF4CDD}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10192-to-3.2.0.10314-dede-downloader.exe |
"{B953ACA5-75B0-49DA-AF03-53FB1E7C71E6}" = protocol=17 | dir=in | app=i:\games\wow\blizzard downloader.exe |
"{BA357AF2-BB10-415B-9D8D-2F8342B91ABA}" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{BC5D9CB1-A212-4C74-AACB-A58A95879484}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{BE87105B-5014-4EA4-97D7-0F9733F66DA1}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe |
"{C3464EFA-D9E4-48A3-B7D9-7325AE001BA8}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.2.0.10314-to-3.2.2.10482-dede-downloader.exe |
"{C6AD9BDC-32DE-4639-98AD-A1F3E9C57DE6}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C845F0CE-45B4-48E1-BC2A-88AE7BED07ED}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{CDA177F1-AB08-446B-B57F-30E5ED50F264}" = protocol=17 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{D3F320C8-B80B-4E78-9D75-25673467A044}" = protocol=17 | dir=in | app=i:\games\anno2070\initengine.exe |
"{D5B5296D-1FE8-4DA0-8F93-491330D20351}" = protocol=6 | dir=in | app=h:\star wars-the old republic\launcher.exe |
"{D5F6E41B-2ECA-4016-BF98-1B0D5DA3DFC5}" = protocol=17 | dir=in | app=i:\games\anno2070\autopatcher.exe |
"{D78D8474-3932-4D43-890B-139D911ECC40}" = protocol=6 | dir=in | app=g:\games\wic\wic_ds.exe |
"{D821C05E-5CEF-4EA1-9477-74575DA63A6A}" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10571-to-0.3.0.10596-dede-ptr-downloader.exe |
"{DEB66874-8001-47DD-B934-4DF63F0FD4EE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{E1543EC3-BC2F-4FFA-828E-E3BE0B8E428C}" = protocol=6 | dir=in | app=g:\games\wic\wic.exe |
"{E4E34D2F-2C19-483A-A50B-F0944C136651}" = protocol=6 | dir=in | app=i:\games\wow\blizzard downloader.exe |
"{E83E2AE8-DA1E-46AE-B4F6-56ABCA56E322}" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe |
"{E86DDBDF-0F76-4315-82FF-24C6F0E249FD}" = protocol=6 | dir=in | app=g:\games\curse-update\curse\curseclient.exe |
"{E94D8F60-07B3-4E96-ADDA-9DA288C0F893}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
"{EE7B6452-F538-442B-BC55-29821B39682D}" = protocol=6 | dir=in | app=g:\programme\curse\curseclient.exe |
"{EF949FAD-9773-4C61-8D4B-C038F22BC4B6}" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10554-to-0.3.0.10571-dede-ptr-downloader.exe |
"{F037F140-FE70-41BC-A6DA-05D7AEA5E214}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{F26D9838-0095-473B-897E-1E067D5757E3}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe |
"{F9E2E550-227A-45B5-B8CD-5F4D2D2D3788}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-3.1.3.9947-to-3.2.0.10192-dede-downloader.exe |
"TCP Query User{002FF392-4EA9-458C-9326-FC57F2C54989}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe |
"TCP Query User{0D9FEC77-D221-4FB0-921C-DF8F521B5FB0}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe |
"TCP Query User{18D64428-EC98-4BC4-A295-42A40C3F703A}G:\games\xfire\xfire.exe" = protocol=6 | dir=in | app=g:\games\xfire\xfire.exe |
"TCP Query User{1C1A8E54-4DFE-4024-8BD7-787D9AC85FCA}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"TCP Query User{1D88AB4C-D457-4AF2-804C-463D3A1072FE}I:\games\world of warcraft public test\launcher.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\launcher.exe |
"TCP Query User{1D987B5F-E0FC-477D-95FC-0E806B5A239D}I:\games\nfsdata\data\nfsw.exe" = protocol=6 | dir=in | app=i:\games\nfsdata\data\nfsw.exe |
"TCP Query User{2B547AAB-8CD0-4B59-9429-5058CF4FEF3E}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe |
"TCP Query User{35AA4809-6E8A-42B9-A1C3-D86195A9A3D0}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=6 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe |
"TCP Query User{3DDB9888-39D5-4404-8908-49082D460278}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe |
"TCP Query User{44655A35-5F51-4E4A-832F-3815D098ECB9}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe |
"TCP Query User{4D4085EB-4564-481F-A9CC-3FEF99B2F61C}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=6 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe |
"TCP Query User{5024B43E-7377-4529-AF79-99B071F25A0A}I:\progr\winamp\winamp.exe" = protocol=6 | dir=in | app=i:\progr\winamp\winamp.exe |
"TCP Query User{55BB76A4-B5E9-4002-AEB3-2CEED9F38145}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe |
"TCP Query User{5814365D-1C2D-4986-9614-5FFD3FABBFED}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe |
"TCP Query User{5AE677A0-6FDD-41E8-A26D-AE6A9160228D}C:\program files (x86)\itunes\itunes.exe" = protocol=6 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{5F843565-50AF-4DB7-945B-AD862742B378}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe |
"TCP Query User{5FE1D7A5-B8F7-475C-AE51-7701A9DC95E6}I:\progr\flashfxp\flashfxp.exe" = protocol=6 | dir=in | app=i:\progr\flashfxp\flashfxp.exe |
"TCP Query User{771F8A17-0C1F-4F9C-AEFE-3DF28A582DD1}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"TCP Query User{7B22848F-0FB3-4AF9-AF1A-88F390FCFCB0}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{89F81AF9-3D97-40FB-9209-1590B5B2CEB3}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe |
"TCP Query User{8AE0ACC8-46B9-4847-BF9D-E290F9DC45B4}G:\games\wow\launcher.exe" = protocol=6 | dir=in | app=g:\games\wow\launcher.exe |
"TCP Query User{930266F9-88D7-45C9-887B-C3F3ABE74B07}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"TCP Query User{A17282FB-B4BF-40D4-BC42-C3AEEAC8C33F}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{B2D97FFA-3FD3-4CDE-BA8B-1329ED8E1B9D}G:\programme\totalcmd\totalcmd.exe" = protocol=6 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"TCP Query User{B7585B8B-2A19-4C23-944B-8E912D28075E}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe |
"TCP Query User{CF633BC3-1F30-4903-9B99-157DEFDB282F}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe |
"TCP Query User{DC4E0EA1-8598-4523-80D4-4509089DBACC}C:\program files (x86)\motorola\software update\msu.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe |
"TCP Query User{DD2A3CF6-8BCE-4F91-9F51-1EAE4F86EA02}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=6 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe |
"TCP Query User{DEF59468-82FA-4945-9563-AB96163FA13E}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=6 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe |
"TCP Query User{DF2EA308-E863-48ED-89E8-B49D2EC5734C}I:\games\wow\backgrounddownloader.exe" = protocol=6 | dir=in | app=i:\games\wow\backgrounddownloader.exe |
"TCP Query User{E3B68C0A-DD3A-47BE-8B7C-465D726F7C8D}C:\windows\system32\ftp.exe" = protocol=6 | dir=in | app=c:\windows\system32\ftp.exe |
"TCP Query User{ECEB4E5A-5141-421E-8281-B4C092DB8ED0}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{ED706206-0183-4957-8CAA-D19397657864}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=6 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe |
"TCP Query User{EF9ED909-429D-407D-91E2-F6B90A201FAB}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"TCP Query User{F5BA07E2-3145-4207-891D-4D40A126C92E}G:\programme\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"TCP Query User{F84C74B8-4D6D-43BC-8380-EFF5F6F1AC3C}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=6 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{00638281-18E7-4C1E-9C7F-D565D3093DFF}I:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\temp\wow-4.0.0.1807-to-4.0.0.1979-enus-tools-downloader.exe |
"UDP Query User{0442A47B-6151-4537-B10F-112EBA7BCE32}I:\games\nfsdata\data\nfsw.exe" = protocol=17 | dir=in | app=i:\games\nfsdata\data\nfsw.exe |
"UDP Query User{0968541E-56B4-4B4F-ABC7-D88480CA8B45}G:\games\wow\launcher.exe" = protocol=17 | dir=in | app=g:\games\wow\launcher.exe |
"UDP Query User{0AC935C4-339F-44A1-B626-5741CA0C5AE9}C:\users\andreas\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\andreas\appdata\local\google\chrome\application\chrome.exe |
"UDP Query User{1258D574-5DAC-47D0-88A5-95445FEA32CB}G:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.6.6337-to-2.0.7.6383-dede-downloader.exe |
"UDP Query User{27893D58-C36F-47EA-A9F7-F510017D6978}I:\games\blood\binary\bloodlinechampionsloader.exe" = protocol=17 | dir=in | app=i:\games\blood\binary\bloodlinechampionsloader.exe |
"UDP Query User{2AD61E50-1526-4C6E-8973-5A37A15D6BDF}G:\games\tdu\testdriveunlimited.exe" = protocol=6 | dir=in | app=g:\games\tdu\testdriveunlimited.exe |
"UDP Query User{34CAE53B-9CF3-4617-8C0A-A55F938620E4}I:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10772-to-0.3.0.10805-dede-ptr-downloader.exe |
"UDP Query User{36B8ECAA-D49C-4CE2-8264-6A68708A5ED4}H:\star wars-the old republic\betatest\retailclient\swtor.exe" = protocol=17 | dir=in | app=h:\star wars-the old republic\betatest\retailclient\swtor.exe |
"UDP Query User{42E1019A-94C8-4242-95F0-7BD3BD0FEE25}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"UDP Query User{5050BB1A-4B4E-4355-9DA1-927B0B5902F7}I:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\wow-0.3.0.10676-to-0.3.0.10712-dede-ptr-downloader.exe |
"UDP Query User{6A001F8D-9A9A-479A-BF41-AF8C68E33F8C}I:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=i:\progr\phone-explorer\myphoneexplorer\myphoneexplorer.exe |
"UDP Query User{73AB5A04-3953-4BC9-B290-88518381E748}G:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.10.6448-to-2.0.12.6546-dede-downloader.exe |
"UDP Query User{77ED7EB2-A07F-4800-817D-73CF6B4CC3F3}C:\program files (x86)\motorola\software update\msu.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\msu.exe |
"UDP Query User{786C8032-7510-474F-B98C-7EA7544965BD}G:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe" = protocol=17 | dir=in | app=g:\programme\dw\adobe dreamweaver cs3\dreamweaver.exe |
"UDP Query User{7C0DFF2E-8A31-48A5-ABC6-30C3D2CF47B4}I:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe" = protocol=17 | dir=in | app=i:\games\wow\wow-3.3.5.12340-x86-win-dede-bkgnd-downloader.exe |
"UDP Query User{7DF54149-770B-45BE-992B-107A594AAEE4}G:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.8.6403-to-2.0.10.6448-dede-downloader.exe |
"UDP Query User{7E41A449-645C-4A50-A48F-A5E25D359A84}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe |
"UDP Query User{8B5EFDE4-F015-4A7C-A0EB-A9BF08BA2FB3}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe |
"UDP Query User{987F2123-CFAF-4DCF-9194-2DAFAF8B5DEE}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"UDP Query User{9946437E-CE04-49F5-B9FA-DABD51DC4C58}C:\program files (x86)\yello strom\yellometer\yellometer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\yello strom\yellometer\yellometer.exe |
"UDP Query User{9FFB0D38-55D6-40BE-8A3A-1D0F47130C21}C:\program files (x86)\motorola\software update\mumapp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\software update\mumapp.exe |
"UDP Query User{AAFD2325-E884-48CE-AD33-70490214AF78}G:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=g:\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe |
"UDP Query User{B6A4CF4A-5BF3-4162-B2A9-63C92DAE61FC}I:\progr\flashfxp\flashfxp.exe" = protocol=17 | dir=in | app=i:\progr\flashfxp\flashfxp.exe |
"UDP Query User{B8210782-4A29-477B-92A9-62069224F21F}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{B96FD913-CDC6-4DE8-A2DB-160C3E81AF18}C:\program files (x86)\itunes\itunes.exe" = protocol=17 | dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"UDP Query User{BB3CC26D-5C56-47BB-A8C4-6E2D0C971729}G:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe" = protocol=17 | dir=in | app=g:\games\wow\wow-2.0.7.6383-to-2.0.8.6403-dede-downloader.exe |
"UDP Query User{C1FFBE2A-204D-4FEE-B8DD-98539FBF3281}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{C6A77DD8-AE37-44DC-886E-4431DA11A007}G:\programme\totalcmd\totalcmd.exe" = protocol=17 | dir=in | app=g:\programme\totalcmd\totalcmd.exe |
"UDP Query User{C854B65C-5FE9-4E1A-8A98-C2137C9C48BE}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{C8DCFB5E-08E6-4846-830E-E1D56E98700F}I:\progr\winamp\winamp.exe" = protocol=17 | dir=in | app=i:\progr\winamp\winamp.exe |
"UDP Query User{C9E61D69-7580-464F-B38E-9B91BD6A2992}I:\games\wow\backgrounddownloader.exe" = protocol=17 | dir=in | app=i:\games\wow\backgrounddownloader.exe |
"UDP Query User{CBE516B9-1A09-4D87-B221-BC212B8B7B54}G:\programme\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=g:\programme\mozilla firefox\firefox.exe |
"UDP Query User{D8D1AD99-1249-4E9C-8794-F1076B73EB89}C:\windows\system32\ftp.exe" = protocol=17 | dir=in | app=c:\windows\system32\ftp.exe |
"UDP Query User{E17D8665-80BD-4CDA-BB81-EEE3CF07F91C}G:\games\xfire\xfire.exe" = protocol=17 | dir=in | app=g:\games\xfire\xfire.exe |
"UDP Query User{EC24BC8F-57B6-41DC-A9DE-1BF5D9CFACFD}C:\program files (x86)\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files (x86)\internet explorer\iexplore.exe |
"UDP Query User{FD129E22-291D-4D34-A372-AA56F63AA9BD}I:\games\world of warcraft public test\launcher.exe" = protocol=17 | dir=in | app=i:\games\world of warcraft public test\launcher.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{05BFB060-4F22-4710-B0A2-2801A1B606C5}" = Microsoft Antimalware
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0C826C5B-B131-423A-A229-C71B3CACCD6A}" = CDDRV_Installer
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0910-000001000000}" = 7-Zip 9.10 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416025FF}" = Java(TM) 6 Update 25 (64-bit)
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{42738DB0-FC3E-4672-A99B-9372F5696E30}" = Microsoft Security Client
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{64A3A4F4-B792-11D6-A78A-00B0D0160250}" = Java(TM) SE Development Kit 6 Update 25 (64-bit)
"{68660049-8D48-427C-9FF7-139D8340CDC0}" = MSVC80_x64
"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}" = iTunes
"{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}" = Logitech GamePanel Software 3.06.109
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 280.26
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 280.19
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.10.0514
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.4.28
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C776F23B-8ACA-4287-9F65-461B2B1B29B4}" = Debugging Tools for Windows 64-bit
"{CA0D2F09-F811-48D4-843E-C87696C6A9D9}" = Bonjour
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F3F18612-7B5D-4C05-86C9-AB50F6F71727}" = KhalInstallWrapper
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit
"CBF192A85B624E32B8D19ADEEF2DCFC5BC3AA73A" = Windows-Treiberpaket - Nokia Modem  (03/05/2008 3.7)
"E092B2EBF2FFE83E896F8F7F829A7B5D7D1B2F9D" = Windows-Treiberpaket - Nokia Modem  (03/13/2008 6.86.0.1)
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"ShockwaveFlash" = Adobe Flash Player 9 ActiveX
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"UltSounds" = Windows-Soundschemas
"UltSounds2" = Ultimate Extras sounds from Microsoft® Tinker™
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1ADE23D7-7A1E-4AEC-BA5D-EB8A01BED943}" = DeepBurner v1.8.0.224
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{212748BB-0DA5-46DE-82A1-403736DC9F27}" = MSVC80_x86
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}" = Adobe ExtendScript Toolkit 2
"{26A24AE4-039D-4CA4-87B4-2F83216013FF}" = Java(TM) 6 Update 26
"{2ADE2157-7A5E-122C-B51D-EB8A01B15943}" = DeepBurner v1.9.0.228
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver
"{3248F0A8-6813-11D6-A77B-00B0D0150100}" = J2SE Runtime Environment 5.0 Update 10
"{3248F0A8-6813-11D6-A77B-00B0D0160040}" = Java(TM) 6 Update 4
"{3248F0A8-6813-11D6-A77B-00B0D0160050}" = Java(TM) 6 Update 5
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java(TM) 6 Update 7
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{419CF344-3D94-4DAD-99C8-EA7B00E5EA8B}" = Acronis*True*Image*Home
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A3F9D74-BB80-4451-8CA1-4B3A857F1359}" = Apple Application Support
"{6C29152D-3FF9-43B2-84E4-9B35FC0BF5C2}" = Vodafone Mobile Broadband
"{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer
"{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser und SDK
"{7596C248-4816-4C6F-8AAC-D8C81F2B4B49}" = HD View
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7D386596-0E80-4808-8AAE-C1DDA8212F7F}" = Adobe Setup
"{82427977-8776-4087-90CA-9F65174D3C4D}" = Nokia Connectivity Cable Driver
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{901A0407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Outlook 2003
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2}" = PixiePack Codec Pack
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}" = Adobe Setup
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Plus Web Player
"{B7CB0BF3-791E-44D3-9F04-786E36D51C9D}" = PC Connectivity Solution
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{C53CFB2A-B76B-4C8E-842F-9961EFE760EB}" = RSDLite
"{C9E14402-3631-4182-B377-6B0DFB1C0339}" = QuickTime
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"{CE246151-F0E8-ABC8-AEB2-7F3E188EFBF5}" = TweetDeck
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D5B18B60-4FC3-42AD-A629-9CA10ACC06CD}" = HTC Sync
"{D6F879CC-59D6-4D4B-AE9B-D761E48D25ED}" = Skype™ 5.3
"{D765F1CE-5AE5-4C47-B134-AE58AC474740}" = OpenOffice.org 3.1
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F11ADC64-C89E-47F4-A0B3-3665FF859397}" = WORLD IN CONFLICT
"{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}" = Logitech SetPoint
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe_25db75244653b42cb93dc27939d1c0e" = Adobe Dreamweaver CS3
"Adobe_3e054d2218e7aa282c2369d939e58ff" = Adobe ExtendScript Toolkit 2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Burning Studio 6" = Ashampoo Burning Studio 6
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"CamStudio" = CamStudio
"CCleaner" = CCleaner (remove only)
"CurseClient" = Curse Client
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup" = DivX-Setup
"doubleTwist" = doubleTwist
"Driver Sweeper_is1" = Driver Sweeper 1.0
"ElsterFormular 11.5.1.4843" = ElsterFormular
"ESN Sonar-0.70.0" = ESN Sonar
"Exact Audio Copy" = Exact Audio Copy 0.99pb3
"FileZilla Client" = FileZilla Client 3.5.2
"FLVPlayer" = FLV Player 1.3.3
"GnuPG" = GNU Privacy Guard
"GPG4Win" = GnuPG For Windows
"Host OpenAL (ADI)" = Host OpenAL (ADI)
"InstallShield_{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager
"InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}" = OpenMG Secure Module 4.7.00
"IrfanView" = IrfanView (remove only)
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.13
"KLiteCodecPack_is1" = K-Lite Codec Pack 3.1.5 Standard
"Loki Browser Plugin" = Loki Browser Plugin
"Microsoft .NET Framework 1.1  (1033)" = Microsoft .NET Framework 1.1
"Mozilla Firefox (3.0.6)" = Mozilla Firefox (3.0.6)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MPE" = MyPhoneExplorer
"NetLimiter 2 Pro" = NetLimiter 2 Pro (remove only)
"NVIDIA StereoUSB Driver" = NVIDIA 3D Vision Controller Driver
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenMG HotFix4.7-07-13-22-01" = OpenMG Limited Patch 4.7-07-14-05-01
"Origin" = Origin
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"RealPlayer 6.0" = RealPlayer
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1" = TweetDeck
"Veetle TV" = Veetle TV 0.9.16
"ViewpointMediaPlayer" = Viewpoint Media Player
"VLC media player" = VideoLAN VLC media player 0.8.6h
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.0.0
"Xvid_is1" = Xvid 1.1.3 final uninstall
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 05.02.2012 09:37:54 | Computer Name = Boss-PC | Source = Microsoft-Windows-RestartManager | ID = 10006
Description =
 
Error - 05.02.2012 09:38:34 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:38:43 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:38:45 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:39:52 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:41:02 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:46:23 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:49:10 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 05.02.2012 09:50:15 | Computer Name = Boss-PC | Source = Microsoft-Windows-CAPI2 | ID = 131083
Description =
 
Error - 06.02.2012 11:44:14 | Computer Name = Boss-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 10.0.0.4411 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
 das Problem zu suchen.  Prozess-ID: 3f0  Anfangszeit: 01cce4e58fc76bcb  Zeitpunkt der
 Beendigung: 64
 
[ NetLimiter Events ]
Error - 08.08.2008 05:27:52 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 10.08.2008 07:10:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 10.08.2008 18:06:59 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 11.08.2008 06:32:55 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 12.08.2008 06:28:17 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 12.08.2008 18:07:27 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 13.08.2008 06:50:49 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 13.08.2008 08:30:00 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 14.08.2008 06:32:18 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
Error - 28.09.2009 08:36:05 | Computer Name = Boss-PC | Source = NetLimiter 2 | ID = 1000
Description =
 
[ System Events ]
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7001
Description =
 
Error - 06.02.2012 11:08:51 | Computer Name = Boss-PC | Source = Service Control Manager | ID = 7026
Description =
 
 
< End of report >

And here is the second file.

Code:


OTL logfile created on: 06.02.2012 17:39:33 - Run 1
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Andreas\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,77 Gb Available Physical Memory | 44,17% Memory free
8,21 Gb Paging File | 5,84 Gb Available in Paging File | 71,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 7,57 Gb Free Space | 10,34% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 16,81 Gb Free Space | 25,27% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,87 Gb Free Space | 54,91% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 35,54 Gb Free Space | 26,37% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Andreas\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\pdf.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avutil-51.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avformat-53.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\avcodec-53.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\Application\16.0.912.77\gcswf32.dll ()
MOD - C:\Users\Andreas\AppData\Local\Google\Chrome\APPLIC~1\160912~1.77\gcswf32.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation)
DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation)
DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation)
DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation)
DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG
 
O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKCU..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKCU..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKCU\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab (Java Plug-in 1.6.0_04)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Java Plug-in 1.6.0_05)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Java Plug-in 1.6.0_07)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment
[2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech
[2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB
[2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2012.01.12 11:26:16 | 001,689,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2012.01.12 11:26:15 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2012.01.11 13:03:27 | 001,570,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\quartz.dll
[2012.01.11 13:03:26 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\quartz.dll
[2012.01.11 13:03:26 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2012.01.11 13:03:26 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2012.01.11 13:03:16 | 001,585,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntdll.dll
[2012.01.11 13:03:15 | 000,211,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winmm.dll
[2012.01.11 13:03:15 | 000,028,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciwave.dll
[2012.01.11 13:03:15 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mciseq.dll
[2012.01.11 13:03:13 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mcicda.dll
[2012.01.11 13:03:13 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mciseq.dll
[2012.01.11 13:03:12 | 000,451,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2012.01.11 13:03:09 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\packager.dll
[2012.01.11 13:03:09 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\packager.dll
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.06 17:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 17:11:08 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.06 17:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job
[2012.02.06 16:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.06 16:58:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.02.06 16:13:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.06 16:12:57 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.05 15:17:09 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.05 02:36:37 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job
[2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.22 23:43:25 | 000,000,596 | ---- | M] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[2012.01.16 02:06:21 | 000,000,737 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.02.06 16:12:57 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys
[2012.01.22 23:43:25 | 000,000,596 | ---- | C] () -- C:\Users\Public\Desktop\Origin.lnk
[2012.01.16 02:06:21 | 000,000,737 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk
[2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini
[2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI
[2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini
[2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll
[2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll
[2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat
[2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat
[2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
 
========== LOP Check ==========
 
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2012.02.05 15:17:09 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >


cosinus 06.02.2012 20:34

Does Safe Mode with Networking still work?




Safe Mode for cleanup
  • Boot Windows into Safe Mode by pressing the F8 key at startup.
  • Start the computer in Safe Mode with Networking:

    Starting Windows in Safe Mode

jomei 06.02.2012 22:20

Hello,

yes, that still works.

cosinus 07.02.2012 09:03

Well, if that mode works, you can try MBAM/ESET first:

Please now run a routine full scan with Malwarebytes and post the log.
Remember that Malwarebytes has to be updated manually before every scan! In addition, all detections must be removed.

If logs from older Malwarebytes scans exist, please post all of those as well!



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstalling: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset





If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the result then looks like this:

Code:

the log goes here

jomei 07.02.2012 14:51

Hello,

here is the first log. The scan took quite a long time.

Code:


Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.01.13.04

Windows Vista Service Pack 2 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
Andreas :: BOSS-PC [limited]

07.02.2012 12:36:49
mbam-log-2012-02-07 (12-36-49).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 785935
Time elapsed: 2 hour(s), 12 minute(s), 42 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


cosinus 07.02.2012 16:19

Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, the logs for every scan are listed on the Logs tab. Please post all the ones visible there.

jomei 07.02.2012 18:26

No, that was run for the first time. No further logs.

And here now the one from that other program.

Code:


ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=0dd3d32856394942a79ce366e3778251
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-02-07 05:22:32
# local_time=2012-02-07 06:22:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 56 38459299 166147048 0 0
# compatibility_mode=8192 67108863 100 0 14629 14629 0 0
# scanned=661786
# found=8
# cleaned=0
# scan_time=12304
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\10\43b9174a-4401181f        a variant of Java/Agent.DW trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\15\7212ea8f-14480d28        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49cfaf11-10591ffe        multiple threats (unable to clean)        00000000000000000000000000000000        I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\75176865-4f0f9ea5        a variant of Java/Agent.DM trojan (unable to clean)        00000000000000000000000000000000        I
C:\Users\Andreas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\73216bbe-5d421260        a variant of Java/Exploit.Agent.NAC trojan (unable to clean)        00000000000000000000000000000000        I
I:\backup-telefon\sdcard-03-08-2011\download\PayPal.zip        a variant of Win32/Injector.HCR trojan (unable to clean)        00000000000000000000000000000000        I
I:\downloads\GingerBreak-v1.20.apk        Linux/Exploit.Lotoor.AH trojan (unable to clean)        00000000000000000000000000000000        I
I:\temp\android-sd\download\PayPal.zip        a variant of Win32/Injector.HCR trojan (unable to clean)        00000000000000000000000000000000        I


cosinus 07.02.2012 20:36

But those are not typical detections for this ransomware!
Does normal mode work? Did you use some other user (with admin rights) for the log, one that does not have or did not have the problem? :confused:

jomei 07.02.2012 20:44

No, I used that user.

The warning now also appears immediately after the user has logged on. You see my desktop wallpaper very briefly and then the warning message is already there.

When that appeared for the first time yesterday, no protection software kicked in either; in the evening Microsoft Security Essentials then reported it to me. No idea how to get the log out of it, so I'll type it out:

Trojan:Win32/Ransom.EJ. Warnstufe Schwerwiegend.

Elemente:
containerfile:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe
file:C:\Users\Andreas\AppData\Local\Temp\ms0cfg32.exe->(UPX)

Ausgefuehrt (Entfernt). The thing is still there somewhere, since it now appears immediately.

cosinus 07.02.2012 22:06

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it is done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


jomei 07.02.2012 23:32

Hi,

here it is, as requested.

OTL Logfile:
Code:

OTL logfile created on: 07.02.2012 23:10:37 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Virus\Desktop
64bit-Windows Vista Ultimate Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,95 Gb Available Physical Memory | 48,87% Memory free
8,21 Gb Paging File | 6,25 Gb Available in Paging File | 76,12% Paging File free
Paging file location(s): i:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,24 Gb Total Space | 10,39 Gb Free Space | 14,19% Space Free | Partition Type: NTFS
Drive D: | 48,83 Gb Total Space | 37,96 Gb Free Space | 77,74% Space Free | Partition Type: NTFS
Drive E: | 100,21 Gb Total Space | 20,86 Gb Free Space | 20,82% Space Free | Partition Type: NTFS
Drive G: | 66,49 Gb Total Space | 15,75 Gb Free Space | 23,68% Space Free | Partition Type: NTFS
Drive H: | 98,12 Gb Total Space | 53,78 Gb Free Space | 54,81% Space Free | Partition Type: NTFS
Drive I: | 134,76 Gb Total Space | 37,23 Gb Free Space | 27,63% Space Free | Partition Type: NTFS
 
Computer Name: BOSS-PC | User Name: Boss | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Virus\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Programme\Logitech\GamePanel Software\Applets\LCDMedia.exe (Logitech Inc.)
PRC - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
PRC - C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Logitech\SetPoint\x86\SetPoint32.exe ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AEADIFilters) -- C:\Windows\SysNative\AEADISRV.EXE (Andrea Electronics Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (VmbService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe (Vodafone)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (ForceWare Intelligent Application Manager (IAM)) ForceWare Intelligent Application Manager (IAM) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe ()
SRV - (nSvcIp) -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (Viewpoint Manager Service) -- C:\Program Files (x86)\Viewpoint\Common\ViewpointService.exe (Viewpoint Corporation)
SRV - (MSCSPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation)
SRV - (SPTISRV) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation)
SRV - (PACSPTISVR) -- C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (iPodDrv) -- C:\Windows\SysNative\drivers\iPodDrv.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\DRIVERS\taphss.sys (AnchorFree Inc)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\DRIVERS\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\DRIVERS\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\DRIVERS\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (vodafone_K3805-z_dc_enum) -- C:\Windows\SysNative\DRIVERS\vodafone_K3805-z_dc_enum.sys (Vodafone)
DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\DRIVERS\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\DRIVERS\Motousbnet.sys (Motorola)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\DRIVERS\atipmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\DRIVERS\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\DRIVERS\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (PSSDK42) -- C:\Windows\SysNative\Drivers\pssdk42.sys (microOLAP Technologies LTD)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\DRIVERS\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbfake) -- C:\Windows\SysNative\DRIVERS\ewusbfake.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\DRIVERS\motmodem.sys (Motorola)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\Drivers\sptd.sys ()
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\DRIVERS\motccgp.sys (Motorola)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\Drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\DRIVERS\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MotDev) -- C:\Windows\SysNative\DRIVERS\motodrv.sys (Motorola Inc)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\DRIVERS\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64j.sys (Nokia)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdcx64) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\DRIVERS\motccgpfl.sys (Motorola)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\DRIVERS\motfilt.sys (Motorola Inc)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\DRIVERS\pccsmcfdx64.sys (Nokia)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (lgmcunic) LGE Mobile USB WMC Ethernet ELDA (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcunic.sys (MCCI Corporation)
DRV:64bit: - (lgmcobex) -- C:\Windows\SysNative\DRIVERS\lgmcobex.sys (MCCI Corporation)
DRV:64bit: - (lgmcnd5) LGE Mobile USB WMC Ethernet ELDA (NDIS) -- C:\Windows\SysNative\DRIVERS\lgmcnd5.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdm) -- C:\Windows\SysNative\DRIVERS\lgmcmdm.sys (MCCI Corporation)
DRV:64bit: - (lgmcmgmt) LGE Mobile USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcmgmt.sys (MCCI Corporation)
DRV:64bit: - (lgmcbus) LGE Mobile driver (WDM) -- C:\Windows\SysNative\DRIVERS\lgmcbus.sys (MCCI Corporation)
DRV:64bit: - (lgmcmdfl) -- C:\Windows\SysNative\DRIVERS\lgmcmdfl.sys (MCCI Corporation)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\DRIVERS\motswch.sys (Motorola)
DRV:64bit: - (SiFilter) -- C:\Windows\SysNative\DRIVERS\SiWinAcc.sys (Silicon Image, Inc)
DRV:64bit: - (SiRemFil) -- C:\Windows\SysNative\DRIVERS\SiRemFil.sys (Silicon Image, Inc)
DRV:64bit: - (SI3132) -- C:\Windows\SysNative\DRIVERS\SI3132.sys (Silicon Image, Inc)
DRV:64bit: - (ADIHdAudAddService) -- C:\Windows\SysNative\drivers\ADIHdAud.sys (Analog Devices, Inc.)
DRV:64bit: - (timounter) -- C:\Windows\SysNative\DRIVERS\timntr.sys (Acronis)
DRV:64bit: - (tifsfilter) -- C:\Windows\SysNative\DRIVERS\tifsfilt.sys (Acronis)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\DRIVERS\snapman.sys (Acronis)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\DRIVERS\ASACPI.sys ()
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4B 08 0B B0 E2 E4 CC 01  [binary data]
IE - HKU\S-1-5-21-2296755919-1659602251-94568991-1005\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: I:\progr\jr6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.0: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.0\npesnsonar.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: G:\programme\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2852: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2910: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1662: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@research.microsoft.com/HDView: C:\Program Files (x86)\Microsoft Research\HD View\nphdview.dll (Microsoft Research)
FF - HKLM\Software\MozillaPlugins\@skyhookwireless.com/LokiPlugin: C:\Program Files (x86)\Skyhook Wireless\Loki Browser Plugin\versions\3.1.0.05\nploki.dll (Skyhook Wireless)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/vbp;version=0.9.16: C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.16: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.16: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Media Player\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: I:\progr\vf-web\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Components: G:\programme\Mozilla Firefox\components [2012.02.01 21:47:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.0.6\extensions\\Plugins: G:\programme\Mozilla Firefox\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.09.09 15:49:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.01.13 00:36:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
 
[2007.01.30 10:59:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Boss\AppData\Roaming\mozilla\Firefox\Profiles\yf0p6cos.default\extensions
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\INSPECTOR@MOZILLA.ORG
File not found (No name found) -- G:\PROGRA~1\MOZILL~1\EXTENSIONS\TALKBACK@MOZILLA.ORG
 
O1 HOSTS File: ([2008.10.10 19:43:51 | 000,000,759 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1            localhost
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\progr\jr6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCDMon] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LGDCore] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [Launch LgDeviceAgent] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1004..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Andreas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Domains: fritz.box ([]* in Local intranet)
O15 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000\..Trusted Ranges: Range1 ([*] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_25-windows-i586.cab (Java Plug-in 1.6.0_25)
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} hxxp://support.asus.com/common/asusTek_sys_ctrl.cab (asusTek_sysctrl Class)
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} hxxp://www.burj-al-arab.com/flashcab/ipix/ipixx.cab (iPIX ActiveX Control)
O16 - DPF: {40F576AD-8680-4F9E-9490-99D069CD665F} hxxp://srtest-cdn.systemrequirementslab.com.s3.amazonaws.com/bin/sysreqlabdetect.cab (Reg Error: Key error.)
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.8.cab (DLM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab (Java Plug-in 1.5.0_10)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (RealPlayer G2 Control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} hxxp://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx (CRLDownloadWrapper Class)
O16 - DPF: {DE22A7AB-A739-4C58-AD52-21F9CD6306B7} hxxp://download.microsoft.com/download/7/E/6/7E6A8567-DFE4-4624-87C3-163549BE2704/clearadj.cab (CTAdjust Class)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA225B3F-D7B3-44A3-9371-D4387BB0076E}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\Ole DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WI1F86~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img17.jpg
O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)
O30 - LSA: Authentication Packages - (relog_ap) -C:\Windows\SysWow64\relog_ap.dll (Acronis)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (OODBS)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^Users^Andreas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.1.lnk -  - File not found
MsConfig:64bit - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
MsConfig:64bit - StartUpReg: AcronisTimounterMonitor - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: HTC Sync Loader - hkey= - key= - C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe ()
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: KeePass 2 PreLoad - hkey= - key= - I:\progr\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
MsConfig:64bit - StartUpReg: MobileBroadband - hkey= - key= - C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe (Vodafone)
MsConfig:64bit - StartUpReg: Nokia.PCSync - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: OODefragTray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: PC Suite Tray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: PCSuiteTrayApplication - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RivaTunerStartupDaemon - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
MsConfig:64bit - StartUpReg: TVgenial - hkey= - key= -  File not found
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "services" - Reg Error: Key error.
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MsMpSvc - C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (Microsoft Corporation)
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} -
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} -
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24} - %SystemRoot%\system32\soundschemes2.exe /AddRegistration
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player 9 ActiveX
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Adobe Shockwave Director 10.4
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4CF30EEE-A775-4B09-020A-97471021493D} - Internet Explorer
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {A8D647C8-65AC-409F-B7B2-3C0FEE1A32F2} - C:\Program Files (x86)\PixiePack Codec Pack\InstallerHelper.exe
ActiveX: {BA4F0990-B822-A685-E10D-A40B2B462565} - Viewpoint Media Player
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EE5B8873-4930-0295-D83A-F45EAFE2F9A1} - Internet Explorer
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lhacm - C:\Windows\SysWow64\lhacm.acm (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FFDS - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.VP60 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\Windows\SysWOW64\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.02.07 11:53:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.02.07 11:53:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.02.07 11:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.02.07 11:53:12 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.02.07 11:53:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.02.05 16:21:14 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0
[2012.02.05 15:14:02 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2012.02.05 14:36:57 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Deployment
[2012.02.05 14:34:15 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Logitech
[2012.02.05 14:33:50 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Local\Salling_Software_AB
[2012.02.05 14:33:41 | 000,000,000 | ---D | C] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2012.01.22 23:43:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.01.22 23:43:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.02.07 23:02:00 | 000,001,128 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001UA.job
[2012.02.07 22:58:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:29:58 | 000,003,680 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.02.07 22:25:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.07 22:02:00 | 000,001,076 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1001Core.job
[2012.02.07 19:54:46 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.02.07 18:29:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.02.07 18:29:31 | 4293,451,776 | -HS- | M] () -- C:\hiberfil.sys
[2012.02.07 11:55:38 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012.02.06 16:25:16 | 000,001,068 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2012.01.23 01:40:02 | 001,487,716 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.01.23 01:40:02 | 000,644,348 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.01.23 01:40:02 | 000,609,368 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.01.23 01:40:02 | 000,132,718 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.01.23 01:40:02 | 000,109,644 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.01.21 13:41:13 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\everest_cpl.ini
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.02.07 18:29:31 | 4293,451,776 | -HS- | C] () -- C:\hiberfil.sys
[2012.02.06 16:20:09 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005UA.job
[2012.02.06 16:20:09 | 000,001,068 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2296755919-1659602251-94568991-1005Core.job
[2011.09.30 00:20:18 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.08.03 02:31:54 | 000,311,912 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2010.12.31 11:48:56 | 000,208,552 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2010.10.05 19:21:06 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2010.10.05 19:21:06 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2010.09.26 18:18:22 | 000,000,133 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2010.04.30 13:14:05 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.04.30 13:12:56 | 000,001,035 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.04.13 16:03:35 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.04 15:17:51 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib
[2009.11.25 12:40:50 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2009.05.27 15:53:04 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009.05.27 15:52:45 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009.05.27 15:52:28 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2008.07.23 12:40:12 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008.05.26 00:24:04 | 000,765,952 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2008.05.26 00:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2008.05.01 18:13:13 | 000,000,000 | ---- | C] () -- C:\Windows\oodcnt.INI
[2008.03.21 20:17:55 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2008.01.05 14:10:32 | 000,005,824 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
[2007.10.22 23:31:57 | 000,000,284 | ---- | C] () -- C:\Windows\game.ini
[2007.09.20 21:27:44 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2007.07.06 17:53:51 | 001,510,554 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2007.07.05 14:05:49 | 000,000,012 | ---- | C] () -- C:\Windows\bthservsdp.dat
[2007.06.17 15:03:11 | 000,000,558 | ---- | C] () -- C:\Windows\DFC.INI
[2007.06.13 19:53:19 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2007.06.13 19:53:19 | 000,013,632 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2007.06.11 20:35:56 | 000,003,584 | ---- | C] () -- C:\Users\Boss\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.04.06 14:50:59 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\everest_cpl.ini
[2007.04.01 01:35:26 | 000,000,170 | ---- | C] () -- C:\Windows\wininit.ini
[2007.03.28 16:45:26 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI
[2007.03.21 16:10:43 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\CSDLGE1LIB.dll
[2007.03.15 19:00:10 | 000,532,480 | ---- | C] () -- C:\Windows\SysWow64\CddbPlaylist2Sony.dll
[2007.01.27 16:17:56 | 000,003,332 | ---- | C] () -- C:\Windows\mozver.dat
[2007.01.27 12:20:52 | 000,001,460 | ---- | C] () -- C:\Users\Boss\AppData\Local\d3d9caps64.dat
[2006.11.02 16:35:48 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006.11.02 13:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006.11.02 13:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006.11.02 13:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006.11.02 10:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2003.02.20 16:53:42 | 000,005,702 | ---- | C] () -- C:\Windows\SysWow64\OUTLPERF.INI
[2001.11.19 20:05:18 | 000,003,972 | ---- | C] () -- C:\Windows\SysWow64\drivers\PciBus.sys
 
========== LOP Check ==========
 
[2008.10.16 17:12:13 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acreon
[2008.01.06 15:25:06 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Acronis
[2011.01.10 15:16:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Amazon
[2011.01.07 16:22:01 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\AnvSoft
[2008.11.03 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ashampoo
[2008.04.29 11:57:04 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Azureus
[2012.01.23 18:01:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\BigHugeEngine
[2008.01.04 22:22:00 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Codemasters
[2009.06.23 15:23:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DAEMON Tools Pro
[2007.06.16 15:02:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DeepBurner
[2011.05.19 11:35:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.16 02:14:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\elsterformular
[2011.11.22 13:08:51 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FileZilla
[2009.07.19 23:10:48 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\FUEL Demo
[2009.08.15 18:10:15 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GetRightToGo
[2007.03.04 13:44:09 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\GHISLER
[2010.11.24 03:12:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gnupg
[2008.11.03 22:38:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\gtk-2.0
[2011.05.28 17:42:43 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC
[2011.05.28 17:42:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2007.03.04 15:15:03 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IE7pro
[2008.01.02 19:40:29 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\InfraRecorder
[2011.08.07 12:31:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\IrfanView
[2009.09.17 14:43:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ivacy
[2010.12.19 17:18:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\KeePass
[2010.09.03 14:54:35 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Keynote Systems
[2010.01.01 17:54:23 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Leadertech
[2008.06.07 10:44:33 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\LG Electronics
[2008.05.10 14:15:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Locktime
[2008.07.23 19:35:02 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Miranda
[2007.03.22 12:38:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Mobile Master
[2007.03.15 11:19:53 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MusicIP
[2011.06.08 18:50:31 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\MyPhoneExplorer
[2010.09.12 23:33:12 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Need for Speed World
[2010.06.08 14:10:39 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\NVD
[2009.01.09 17:42:52 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\OpenOffice.org
[2009.08.07 20:20:22 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Opera
[2012.01.22 23:43:56 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Origin
[2011.12.11 12:59:44 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PC Suite
[2007.01.30 03:25:17 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\PeerNetworking
[2008.10.16 20:10:36 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Prabang
[2011.04.27 16:05:21 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\SoftGrid Client
[2008.07.14 23:38:25 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Teleca
[2010.07.24 15:25:28 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Thunderbird
[2011.04.27 16:04:20 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TP
[2007.09.19 19:51:24 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TrueCrypt
[2011.05.18 15:27:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TVgenial
[2009.04.04 15:35:16 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.F9107117265DB7542C1A806C8DB837742CE14C21.1
[2009.12.03 18:15:49 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\TweetDeckFast.FFF259DC0CE2657847BBB4AFF0E62062EFC56543.1
[2011.11.16 15:05:59 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Ubisoft
[2011.03.19 15:01:54 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\uTorrent
[2011.04.22 16:37:45 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\Vodafone
[2009.05.13 15:41:19 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\winpt
[2007.07.27 23:08:58 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\WowAceUpdater
[2011.06.15 16:24:50 | 000,000,000 | ---D | M] -- C:\Users\Andreas\AppData\Roaming\XMedia Recode
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2012.02.07 11:55:37 | 000,032,602 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.05 14:38:51 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Adobe
[2012.02.05 14:33:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Apple Computer
[2007.03.14 20:35:58 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Azureus
[2012.02.05 15:16:47 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\DeepBurner
[2007.01.27 12:20:56 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Identities
[2007.03.28 16:45:54 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\IE7pro
[2007.03.21 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\LGSync
[2008.05.18 12:42:02 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Locktime
[2012.02.05 14:34:15 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Logitech
[2007.02.08 02:12:04 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Macromedia
[2006.11.02 16:06:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Media Center Programs
[2012.02.05 14:36:46 | 000,000,000 | --SD | M] -- C:\Users\Boss\AppData\Roaming\Microsoft
[2007.01.30 10:59:33 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Mozilla
[2007.03.14 22:14:05 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\MusicIP
[2007.05.02 11:31:24 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Nokia
[2007.03.30 15:54:48 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\OpenOffice.org2
[2007.05.05 15:19:22 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\PC Suite
[2007.05.09 14:06:08 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Real
[2007.04.06 15:15:53 | 000,000,000 | RH-D | M] -- C:\Users\Boss\AppData\Roaming\SecuROM
[2007.03.15 19:10:34 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Sony Corporation
[2007.01.30 10:59:41 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\Talkback
[2007.01.31 23:41:17 | 000,000,000 | ---D | M] -- C:\Users\Boss\AppData\Roaming\teamspeak2
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2006.11.02 13:03:16 | 000,062,056 | ---- | M] (Microsoft Corporation) MD5=5CCDD13BC602AE33CD8B62D33C29AB72 -- C:\Windows\SysNative\drivers\AGP440.sys
[2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys
[2008.01.19 09:09:09 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=05001E1FACCE49DB895B8526B05C7302 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.20757_none_37cb142cf6008bc1\atapi.sys
[2008.01.19 09:07:46 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys
[2008.02.15 14:13:23 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=BB55C79E0595D8CFBE4A80A3C9EB77EA -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6000.16632_none_375215c7dcd73562\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\SysNative\drivers\atapi.sys
[2009.04.11 08:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll
[2006.11.02 12:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll
[2006.11.02 10:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2008.01.19 09:11:31 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys
[2006.11.02 12:51:48 | 000,280,680 | ---- | M] (Intel Corporation) MD5=72C3EE7EA3CD75A772E62AE0E5DF8B8C -- C:\Windows\SysNative\drivers\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2008.01.19 09:03:01 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll
[2006.11.02 10:46:11 | 000,559,616 | ---- | M] (Microsoft Corporation) MD5=889A2C9F2AACCD8F64EF50AC0B3D553B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_61f43b1d27cd0ab4\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll
[2009.04.11 07:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll
[2009.04.11 08:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll
[2008.01.19 08:35:36 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll
[2006.11.02 12:18:47 | 000,684,032 | ---- | M] (Microsoft Corporation) MD5=BFAB28B54DF41208CF3490FF26E53FD9 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6000.16386_none_579f90caf36c48b9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2006.11.02 13:02:51 | 000,048,232 | ---- | M] (NVIDIA Corporation) MD5=94C5334040A5D500897F4C5FD12AEEDE -- C:\Windows\SysNative\drivers\nvstor.sys
[2008.01.19 09:08:50 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2008.01.19 08:36:19 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll
[2006.11.02 12:19:09 | 000,239,616 | ---- | M] (Microsoft Corporation) MD5=32EF13F20B28966D29DE5EABE036431D -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_91f5bbe3948dcf74\scecli.dll
[2008.01.19 09:03:55 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll
[2006.11.02 10:46:12 | 000,176,640 | ---- | M] (Microsoft Corporation) MD5=80E2839D05CA5970A86D7BE2A08BFF61 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6000.16386_none_9c4a6635c8ee916f\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll
[2009.04.11 07:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll
[2009.04.11 08:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll
 
< MD5 for: USER32.DLL  >
[2006.11.02 10:44:25 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=00B53DCA0408CCD8F6BAF13994F6E3A0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_3174f01b5d2fa18f\user32.dll
[2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=296BA70E2A302E639CBD9E2A32DC65C4 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_31ad02315d0545af\user32.dll
[2008.01.19 09:04:23 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll
[2008.01.19 08:32:19 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll
[2007.04.05 22:37:41 | 000,646,656 | ---- | M] (Microsoft Corporation) MD5=437C1C0CB2A42EA20083F21E9CAEF461 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_32359eb27623cc22\user32.dll
[2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=707CD582A4F93DB789336A5CE9527970 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16438_none_275857df28a483b4\user32.dll
[2006.11.02 12:19:10 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=95D5555CC7BD8F520996E35D36491EEF -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.16386_none_272045c928cedf94\user32.dll
[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll
[2009.04.11 07:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll
[2007.04.05 22:37:41 | 000,810,496 | ---- | M] (Microsoft Corporation) MD5=E4E3ED1E0D1D8C33A9C94ABEA1C8BC96 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6000.20537_none_27e0f46041c30a27\user32.dll
[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll
[2009.04.11 08:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe
[2008.01.19 08:33:33 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe
[2006.11.02 10:45:50 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=22027835939F86C3E47AD8E3FBDE3D11 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_d9f1f819d4c4e737\userinit.exe
[2006.11.02 12:16:15 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=46D5B6B80E4A5997F508F938F96B7628 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6000.16386_none_3610939d8d22586d\userinit.exe
[2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe
[2008.01.19 09:00:41 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe
[2008.01.19 08:33:37 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe
[2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe
[2008.01.19 09:00:45 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe
[2006.11.02 12:16:20 | 000,122,368 | ---- | M] (Microsoft Corporation) MD5=6F92CE5B50283B0C0A7A539ED552039A -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_8ada9256bfc30704\wininit.exe
[2006.11.02 10:45:57 | 000,095,744 | ---- | M] (Microsoft Corporation) MD5=D4385B03E8CCCEE6F0EE249F827C1F3E -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6000.16386_none_2ebbf6d3076595ce\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.01.13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe
[2009.04.11 08:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe
[2008.01.19 09:00:45 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe
[2009.04.11 07:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe
[2006.11.02 12:16:20 | 000,397,312 | ---- | M] (Microsoft Corporation) MD5=9642EED809219A2F914DD8E40A09C48B -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_c9aada9e9063dc57\winlogon.exe
[2006.11.02 10:45:57 | 000,308,224 | ---- | M] (Microsoft Corporation) MD5=9F75392B9128A91ABAFB044EA350BAAD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6000.16386_none_6d8c3f1ad8066b21\winlogon.exe
[2008.01.19 08:33:37 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2008.01.19 07:37:47 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys
[2006.11.02 10:47:52 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=C4EE49DB7EADC812DBC0ECCF2E7FB929 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6000.16386_none_a96e7a5c834006a3\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2010.09.13 16:46:13 | 010,627,072 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\wmp.dll
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF

< End of report >

--- --- ---

cosinus 08.02.2012 10:01

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:

:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - No CLSID value found.
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [ISUSPM] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [TVgenial] "G:\programme\tvgenial\TVgenial.exe" -d File not found
O4 - HKU\S-1-5-21-2296755919-1659602251-94568991-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun =  [binary data]
O8:64bit: - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8:64bit: - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8:64bit: - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8:64bit: - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8:64bit: - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8:64bit: - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: &Alles mit FlashGet laden - G:\programme\flashget\jc_all.htm File not found
O8 - Extra context menu item: &Mit FlashGet laden - G:\programme\flashget\jc_link.htm File not found
O8 - Extra context menu item: Alles mit FDM herunterladen - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Auswahl mit FDM herunterladen - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Datei mit FDM herunterladen - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Download all with Free Download Manager - file://G:\programme\Free Download Manager\dlall.htm File not found
O8 - Extra context menu item: Download selected with Free Download Manager - file://G:\programme\Free Download Manager\dlselected.htm File not found
O8 - Extra context menu item: Download video with Free Download Manager - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O8 - Extra context menu item: Download with Free Download Manager - file://G:\programme\Free Download Manager\dllink.htm File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - file://G:\programme\Free Download Manager\dlfvideo.htm File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.12.23 18:54:16 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Start++.lnk -  - File not found
@Alternate Data Stream - 508 bytes -> C:\ProgramData\TEMP:05EE1EEF
:Commands
[emptytemp]
[resethosts]

Then click the Fix! button at the top left.
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created in the "_OTL" folder on the system partition.

Note: The script above was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

jomei 08.02.2012 14:07

Hi, so, here is the result.

On the first attempt OTL then stopped responding. Reboot. Ran it once more, it worked, and after that OTL asked for a reboot. Done.

Here is the log. It was of course run by a different user, since no login is possible for the affected user.

Code:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{E0E899AB-F487-11D5-8D29-0050BA6940E3} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E0E899AB-F487-11D5-8D29-0050BA6940E3}\ not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ISUSPM not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\TVgenial not found.
Registry value HKEY_USERS\S-1-5-21-2296755919-1659602251-94568991-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMPNSCFG not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges not found.
Registry value HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
Registry value HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Add to Google Photos Screensa&ver\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
64bit-Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Alles mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\&Mit FlashGet laden\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alles mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Auswahl mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Datei mit FDM herunterladen\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download all with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download selected with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download video with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Download with Free Download Manager\ not found.
Registry key HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Videos mit FDM herunterladen\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File D:\AUTOEXEC.BAT not found.
Unable to delete ADS C:\ProgramData\TEMP:05EE1EEF .
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Andreas
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 25882642 bytes
->Java cache emptied: 76177967 bytes
->FireFox cache emptied: 244359456 bytes
->Google Chrome cache emptied: 272101057 bytes
->Apple Safari cache emptied: 4017152 bytes
->Opera cache emptied: 369270 bytes
->Flash cache emptied: 2011158 bytes
 
User: Boss
->Temp folder emptied: 5269047 bytes
->Temporary Internet Files folder emptied: 24685263 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 3339016 bytes
->Google Chrome cache emptied: 13566073 bytes
->Flash cache emptied: 566 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56468 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
 
User: Virus
->Temp folder emptied: 4097577 bytes
->Temporary Internet Files folder emptied: 13769794 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 16626134 bytes
->Google Chrome cache emptied: 172390403 bytes
->Flash cache emptied: 58983 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 155648 bytes
%systemroot%\System32 .tmp files removed: 1610800 bytes
%systemroot%\System32 (64bit) .tmp files removed: 7254528 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 10010698 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 856,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.31.0 log created on 02082012_135818

Files\Folders moved on Reboot...
C:\Users\Boss\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
File move failed. C:\Windows\SysNative\SET24F3.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET271C.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\SysNative\SET49A0.tmp scheduled to be moved on reboot.
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

Registry entries deleted on Reboot...


cosinus 08.02.2012 14:08

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log => http://www.trojaner-board.de/82358-t...entfernen.html

Set up the tool as shown in the picture below: click on change parameters and tick the boxes as shown in the following screenshot.
Then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and just post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg


If, because of the infection, you cannot access your documents/My Documents, or shortcuts are missing on the desktop or in the Start menu under "All Programs", please run unhide:
Please download unhide.exe and save the file to your desktop.
Start the tool and all files and folders should become visible again. (This may take a while.)
Windows Vista and Windows 7 users must run the tool as administrator via right-click!

jomei 08.02.2012 14:16

And here I am again already.

Code:


14:14:21.0699 5908        TDSS rootkit removing tool 2.7.10.0 Feb  7 2012 15:14:46
14:14:21.0878 5908        ============================================================
14:14:21.0878 5908        Current date / time: 2012/02/08 14:14:21.0878
14:14:21.0879 5908        SystemInfo:
14:14:21.0879 5908       
14:14:21.0879 5908        OS Version: 6.0.6002 ServicePack: 2.0
14:14:21.0879 5908        Product type: Workstation
14:14:21.0879 5908        ComputerName: BOSS-PC
14:14:21.0879 5908        UserName: Boss
14:14:21.0879 5908        Windows directory: C:\Windows
14:14:21.0879 5908        System windows directory: C:\Windows
14:14:21.0879 5908        Running under WOW64
14:14:21.0879 5908        Processor architecture: Intel x64
14:14:21.0879 5908        Number of processors: 2
14:14:21.0879 5908        Page size: 0x1000
14:14:21.0879 5908        Boot type: Normal boot
14:14:21.0879 5908        ============================================================
14:14:22.0261 5908        Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0264 5908        Drive \Device\Harddisk1\DR1 - Size: 0x22EF13E000 (139.74 Gb), SectorSize: 0x200, Cylinders: 0x4741, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0280 5908        Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:14:22.0286 5908        \Device\Harddisk0\DR0:
14:14:22.0295 5908        MBR used
14:14:22.0295 5908        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
14:14:22.0309 5908        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x61A79A5, BlocksNum 0xC86D25B
14:14:22.0309 5908        \Device\Harddisk1\DR1:
14:14:22.0309 5908        MBR used
14:14:22.0309 5908        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x927C000
14:14:22.0309 5908        \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x927C800, BlocksNum 0x84FB800
14:14:22.0309 5908        \Device\Harddisk2\DR2:
14:14:22.0309 5908        MBR used
14:14:22.0309 5908        \Device\Harddisk2\DR2\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xC43D800
14:14:22.0309 5908        \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0xC43E000, BlocksNum 0x10D86800
14:14:22.0486 5908        Initialize success
14:14:22.0486 5908        ============================================================
14:14:42.0961 5936        ============================================================
14:14:42.0961 5936        Scan started
14:14:42.0961 5936        Mode: Manual; SigCheck; TDLFS;
14:14:42.0961 5936        ============================================================
14:14:43.0168 5936        ACPI            (1965aaffab07e3fb03c77f81beba3547) C:\Windows\system32\drivers\acpi.sys
14:14:43.0276 5936        ACPI - ok
14:14:43.0337 5936        ADIHdAudAddService (9c2430847d0d7df0cb60eface1aa453a) C:\Windows\system32\drivers\ADIHdAud.sys
14:14:43.0384 5936        ADIHdAudAddService - ok
14:14:43.0469 5936        adp94xx        (9137451d37ba1c325cd6c2def3d2d692) C:\Windows\system32\drivers\adp94xx.sys
14:14:43.0518 5936        adp94xx - ok
14:14:43.0550 5936        adpahci        (01f80898df5cc7df19b3b11351846263) C:\Windows\system32\drivers\adpahci.sys
14:14:43.0594 5936        adpahci - ok
14:14:43.0618 5936        adpu160m        (da001db13fff45dfe9109936e265b7cc) C:\Windows\system32\drivers\adpu160m.sys
14:14:43.0638 5936        adpu160m - ok
14:14:43.0668 5936        adpu320        (2b10c35c5b7c5c0c28f572e035319602) C:\Windows\system32\drivers\adpu320.sys
14:14:43.0688 5936        adpu320 - ok
14:14:43.0763 5936        AFD            (0cc146c4addea45791b18b1e2659f4a9) C:\Windows\system32\drivers\afd.sys
14:14:43.0818 5936        AFD - ok
14:14:43.0836 5936        agp440          (5ccdd13bc602ae33cd8b62d33c29ab72) C:\Windows\system32\drivers\agp440.sys
14:14:43.0853 5936        agp440 - ok
14:14:43.0872 5936        aic78xx        (222cb641b4b8a1d1126f8033f9fd6a00) C:\Windows\system32\drivers\djsvs.sys
14:14:43.0889 5936        aic78xx - ok
14:14:43.0910 5936        aliide          (157d0898d4b73f075ce9fa26b482df98) C:\Windows\system32\drivers\aliide.sys
14:14:43.0925 5936        aliide - ok
14:14:43.0953 5936        amdide          (970fa5059e61e30d25307b99903e991e) C:\Windows\system32\drivers\amdide.sys
14:14:43.0969 5936        amdide - ok
14:14:43.0993 5936        AmdK8          (de55dc52f7ceb89a967572d6b491ada2) C:\Windows\system32\drivers\amdk8.sys
14:14:44.0222 5936        AmdK8 - ok
14:14:44.0372 5936        amdkmdag        (1147f8816d4ddc9fc43a40df52f40500) C:\Windows\system32\DRIVERS\atipmdag.sys
14:14:44.0621 5936        amdkmdag - ok
14:14:44.0653 5936        amdkmdap        (ebc963d8f5b04c98f5ef597aae79cddd) C:\Windows\system32\DRIVERS\atikmpag.sys
14:14:44.0681 5936        amdkmdap - ok
14:14:44.0732 5936        arc            (2e8623f2fed998a97129a3db919551c8) C:\Windows\system32\drivers\arc.sys
14:14:44.0749 5936        arc - ok
14:14:44.0768 5936        arcsas          (741a003c041a3ec480a2e71af71e9654) C:\Windows\system32\drivers\arcsas.sys
14:14:44.0785 5936        arcsas - ok
14:14:44.0795 5936        AsIO - ok
14:14:44.0831 5936        AsyncMac        (22d13ff3dafec2a80634752b1eaa2de6) C:\Windows\system32\DRIVERS\asyncmac.sys
14:14:44.0949 5936        AsyncMac - ok
14:14:44.0973 5936        atapi          (e68d9b3a3905619732f7fe039466a623) C:\Windows\system32\drivers\atapi.sys
14:14:44.0991 5936        atapi - ok
14:14:45.0020 5936        AtiHdmiService  (19aaa5fa3a9804b8722f7b95649fb6c9) C:\Windows\system32\drivers\AtiHdmi.sys
14:14:45.0055 5936        AtiHdmiService - ok
14:14:45.0096 5936        blbdrive - ok
14:14:45.0130 5936        bowser          (2348447a80920b2493a9b582a23e81e1) C:\Windows\system32\DRIVERS\bowser.sys
14:14:45.0161 5936        bowser - ok
14:14:45.0175 5936        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\brfiltlo.sys
14:14:45.0210 5936        BrFiltLo - ok
14:14:45.0230 5936        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\brfiltup.sys
14:14:45.0268 5936        BrFiltUp - ok
14:14:45.0292 5936        Brserid        (f0f0ba4d815be446aa6a4583ca3bca9b) C:\Windows\system32\drivers\brserid.sys
14:14:45.0353 5936        Brserid - ok
14:14:45.0372 5936        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\system32\drivers\brserwdm.sys
14:14:45.0429 5936        BrSerWdm - ok
14:14:45.0451 5936        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\system32\drivers\brusbmdm.sys
14:14:45.0515 5936        BrUsbMdm - ok
14:14:45.0547 5936        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\system32\drivers\brusbser.sys
14:14:45.0612 5936        BrUsbSer - ok
14:14:45.0643 5936        BTCFilterService (ff7c57973eead140062238c5a0b7d455) C:\Windows\system32\DRIVERS\motfilt.sys
14:14:45.0673 5936        BTCFilterService - ok
14:14:45.0714 5936        BthEnum        (09f926a0d9c0bafd8417a4307d2ed13c) C:\Windows\system32\DRIVERS\BthEnum.sys
14:14:45.0738 5936        BthEnum - ok
14:14:45.0757 5936        BTHMODEM        (72f70a38bb15252eb7c4da7ba3bd4ed1) C:\Windows\system32\DRIVERS\bthmodem.sys
14:14:45.0787 5936        BTHMODEM - ok
14:14:45.0819 5936        BthPan          (befc5311736b475ac5b60c14ff7c775a) C:\Windows\system32\DRIVERS\bthpan.sys
14:14:45.0856 5936        BthPan - ok
14:14:45.0907 5936        BTHPORT        (e1466882252ff51edde48c3f7eda2591) C:\Windows\system32\Drivers\BTHport.sys
14:14:45.0958 5936        BTHPORT - ok
14:14:46.0000 5936        BTHUSB          (970192cded77a128e7e30722e5ee6b9c) C:\Windows\system32\Drivers\BTHUSB.sys
14:14:46.0031 5936        BTHUSB - ok
14:14:46.0068 5936        btusbflt        (143f130d53cf9c6971c5404b92dd8d4b) C:\Windows\system32\drivers\btusbflt.sys
14:14:46.0101 5936        btusbflt - ok
14:14:46.0112 5936        btwaudio - ok
14:14:46.0141 5936        btwrchid - ok
14:14:46.0166 5936        cdfs            (b4d787db8d30793a4d4df9feed18f136) C:\Windows\system32\DRIVERS\cdfs.sys
14:14:46.0207 5936        cdfs - ok
14:14:46.0233 5936        cdrom          (c025aa69be3d0d25c7a2e746ef6f94fc) C:\Windows\system32\DRIVERS\cdrom.sys
14:14:46.0264 5936        cdrom - ok
14:14:46.0288 5936        circlass        (f28f00596824058bc61d5edf434c9b82) C:\Windows\system32\drivers\circlass.sys
14:14:46.0347 5936        circlass - ok
14:14:46.0372 5936        CLFS            (3dca9a18b204939cfb24bea53e31eb48) C:\Windows\system32\CLFS.sys
14:14:46.0403 5936        CLFS - ok
14:14:46.0436 5936        cmdide          (e5d5499a1c50a54b5161296b6afe6192) C:\Windows\system32\drivers\cmdide.sys
14:14:46.0451 5936        cmdide - ok
14:14:46.0471 5936        Compbatt        (0e77a445640bf310817f60941c50560c) C:\Windows\system32\drivers\compbatt.sys
14:14:46.0489 5936        Compbatt - ok
14:14:46.0511 5936        crcdisk        (b1192dcd5b9cf46beed0e2a9e5bcf59a) C:\Windows\system32\drivers\crcdisk.sys
14:14:46.0536 5936        crcdisk - ok
14:14:46.0582 5936        CSC            (f60f50c8ed3fcbe358430b95fe27d09c) C:\Windows\system32\drivers\csc.sys
14:14:46.0651 5936        CSC - ok
14:14:46.0686 5936        DfsC            (8b722ba35205c71e7951cdc4cdbade19) C:\Windows\system32\Drivers\dfsc.sys
14:14:46.0723 5936        DfsC - ok
14:14:46.0754 5936        disk            (b0107e40ecdb5fa692ebf832f295d905) C:\Windows\system32\drivers\disk.sys
14:14:46.0773 5936        disk - ok
14:14:46.0797 5936        drmkaud        (f1a78a98cfc2ee02144c6bec945447e6) C:\Windows\system32\drivers\drmkaud.sys
14:14:46.0825 5936        drmkaud - ok
14:14:46.0851 5936        dump_wmimmc - ok
14:14:46.0900 5936        DXGKrnl        (b8e554e502d5123bc111f99d6a2181b4) C:\Windows\System32\drivers\dxgkrnl.sys
14:14:46.0948 5936        DXGKrnl - ok
14:14:46.0970 5936        E1G60          (d57fe09b575545738a73a0c193d0616a) C:\Windows\system32\DRIVERS\E1G6032E.sys
14:14:47.0029 5936        E1G60 - ok
14:14:47.0052 5936        Ecache          (5f94962be5a62db6e447ff6470c4f48a) C:\Windows\system32\drivers\ecache.sys
14:14:47.0076 5936        Ecache - ok
14:14:47.0118 5936        elxstor        (3d6298aff3fe06c0616ce5d090a3eeaa) C:\Windows\system32\drivers\elxstor.sys
14:14:47.0155 5936        elxstor - ok
14:14:47.0203 5936        ewusbnet        (0b8880f8d9a781670557307e2bca6bd6) C:\Windows\system32\DRIVERS\ewusbnet.sys
14:14:47.0236 5936        ewusbnet - ok
14:14:47.0273 5936        ew_hwusbdev    (86f7951bbcee4a86e79a97306bd14318) C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
14:14:47.0299 5936        ew_hwusbdev - ok
14:14:47.0346 5936        exfat          (486844f47b6636044a42454614ed4523) C:\Windows\system32\drivers\exfat.sys
14:14:47.0388 5936        exfat - ok
14:14:47.0420 5936        fastfat        (1a4bee34277784619ddaf0422c0c6e23) C:\Windows\system32\drivers\fastfat.sys
14:14:47.0457 5936        fastfat - ok
14:14:47.0483 5936        fdc            (81b79b6df71fa1d2c6d688d830616e39) C:\Windows\system32\DRIVERS\fdc.sys
14:14:47.0521 5936        fdc - ok
14:14:47.0555 5936        FileInfo        (457b7d1d533e4bd62a99aed9c7bb4c59) C:\Windows\system32\drivers\fileinfo.sys
14:14:47.0575 5936        FileInfo - ok
14:14:47.0603 5936        Filetrace      (d421327fd6efccaf884a54c58e1b0d7f) C:\Windows\system32\drivers\filetrace.sys
14:14:47.0641 5936        Filetrace - ok
14:14:47.0693 5936        flpydisk        (230923ea2b80f79b0f88d90f87b87ebd) C:\Windows\system32\DRIVERS\flpydisk.sys
14:14:47.0729 5936        flpydisk - ok
14:14:47.0760 5936        FltMgr          (e3041bc26d6930d61f42aedb79c91720) C:\Windows\system32\drivers\fltmgr.sys
14:14:47.0789 5936        FltMgr - ok
14:14:47.0841 5936        Fs_Rec          (29d99e860a1ca0a03c6a733fdd0da703) C:\Windows\system32\drivers\Fs_Rec.sys
14:14:47.0870 5936        Fs_Rec - ok
14:14:47.0906 5936        FTDIBUS        (0f210048c6bfbfbc0f50816bce40b575) C:\Windows\system32\drivers\ftdibus.sys
14:14:47.0923 5936        FTDIBUS - ok
14:14:47.0946 5936        FTSER2K        (814f098b02095814a8bebbf86d13fc90) C:\Windows\system32\drivers\ftser2k.sys
14:14:47.0961 5936        FTSER2K - ok
14:14:47.0992 5936        fvevol          (849e38db7d829962d0233a0a252b60c3) C:\Windows\system32\DRIVERS\fvevol.sys
14:14:48.0015 5936        fvevol - ok
14:14:48.0043 5936        gagp30kx        (b54520cc7b4b55134d7527b1cd3fc1f2) C:\Windows\system32\drivers\gagp30kx.sys
14:14:48.0061 5936        gagp30kx - ok
14:14:48.0100 5936        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:14:48.0118 5936        GEARAspiWDM - ok
14:14:48.0204 5936        HdAudAddService (68e732382b32417ff61fd663259b4b09) C:\Windows\system32\drivers\HdAudio.sys
14:14:48.0241 5936        HdAudAddService - ok
14:14:48.0292 5936        HDAudBus        (f942c5820205f2fb453243edfec82a3d) C:\Windows\system32\DRIVERS\HDAudBus.sys
14:14:48.0371 5936        HDAudBus - ok
14:14:48.0390 5936        HidBth          (b4881c84a180e75b8c25dc1d726c375f) C:\Windows\system32\drivers\hidbth.sys
14:14:48.0447 5936        HidBth - ok
14:14:48.0464 5936        HidIr          (4e77a77e2c986e8f88f996bb3e1ad829) C:\Windows\system32\drivers\hidir.sys
14:14:48.0530 5936        HidIr - ok
14:14:48.0573 5936        HidUsb          (443bdd2d30bb4f00795c797e2cf99edf) C:\Windows\system32\DRIVERS\hidusb.sys
14:14:48.0606 5936        HidUsb - ok
14:14:48.0631 5936        HpCISSs        (8edc820115df1e04763b2923676ea5b2) C:\Windows\system32\drivers\hpcisss.sys
14:14:48.0661 5936        HpCISSs - ok
14:14:48.0699 5936        HTCAND64        (894a75a3d6bfd97d73bf60d3022b567a) C:\Windows\system32\Drivers\ANDROIDUSB.sys
14:14:48.0726 5936        HTCAND64 - ok
14:14:48.0761 5936        htcnprot        (4f6c3122817049997cd696d4a38bfacb) C:\Windows\system32\DRIVERS\htcnprot.sys
14:14:48.0778 5936        htcnprot - ok
14:14:48.0819 5936        HTTP            (098f1e4e5c9cb5b0063a959063631610) C:\Windows\system32\drivers\HTTP.sys
14:14:48.0874 5936        HTTP - ok
14:14:48.0905 5936        huawei_enumerator (2342e7fecca0d4e31bea5ff6a4e20885) C:\Windows\system32\DRIVERS\ew_jubusenum.sys
14:14:48.0943 5936        huawei_enumerator - ok
14:14:48.0974 5936        hwdatacard      (f47f112dc883f7a9e4618a006cc6de1b) C:\Windows\system32\DRIVERS\ewusbmdm.sys
14:14:49.0013 5936        hwdatacard - ok
14:14:49.0039 5936        hwusbfake      (b45b3647ba32749b94fa689175ec8c26) C:\Windows\system32\DRIVERS\ewusbfake.sys
14:14:49.0071 5936        hwusbfake - ok
14:14:49.0093 5936        i2omp          (f2901763845570ecac48e6a50ec50812) C:\Windows\system32\drivers\i2omp.sys
14:14:49.0110 5936        i2omp - ok
14:14:49.0143 5936        i8042prt        (cbb597659a2713ce0c9cc20c88c7591f) C:\Windows\system32\DRIVERS\i8042prt.sys
14:14:49.0176 5936        i8042prt - ok
14:14:49.0200 5936        iaStorV        (72c3ee7ea3cd75a772e62ae0e5df8b8c) C:\Windows\system32\drivers\iastorv.sys
14:14:49.0228 5936        iaStorV - ok
14:14:49.0256 5936        iirsp          (8c3951ad2fe886ef76c7b5027c3125d3) C:\Windows\system32\drivers\iirsp.sys
14:14:49.0274 5936        iirsp - ok
14:14:49.0301 5936        intelide        (36a266c673812878996f72b200203fbb) C:\Windows\system32\drivers\intelide.sys
14:14:49.0318 5936        intelide - ok
14:14:49.0348 5936        intelppm        (bfd84af32fa1bad6231c4585cb469630) C:\Windows\system32\DRIVERS\intelppm.sys
14:14:49.0387 5936        intelppm - ok
14:14:49.0428 5936        IpFilterDriver  (d8aabc341311e4780d6fce8c73c0ad81) C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:14:49.0462 5936        IpFilterDriver - ok
14:14:49.0478 5936        IpInIp - ok
14:14:49.0500 5936        IPMIDRV        (eacdbbe429c6d170bdeee0effcbc317b) C:\Windows\system32\drivers\ipmidrv.sys
14:14:49.0560 5936        IPMIDRV - ok
14:14:49.0591 5936        IPNAT          (b7e6212f581ea5f6ab0c3a6ceeeb89be) C:\Windows\system32\DRIVERS\ipnat.sys
14:14:49.0639 5936        IPNAT - ok
14:14:49.0681 5936        iPodDrv        (02def37ab75e0032c50724646f708de8) C:\Windows\system32\drivers\iPodDrv.sys
14:14:49.0709 5936        iPodDrv - ok
14:14:49.0731 5936        IRENUM          (8c42ca155343a2f11d29feca67faa88d) C:\Windows\system32\drivers\irenum.sys
14:14:49.0771 5936        IRENUM - ok
14:14:49.0787 5936        isapnp          (d3bb520b31f28c1a065cd058e762ee73) C:\Windows\system32\drivers\isapnp.sys
14:14:49.0804 5936        isapnp - ok
14:14:49.0834 5936        iScsiPrt        (e4fdf99599f27ec25d2cf6d754243520) C:\Windows\system32\DRIVERS\msiscsi.sys
14:14:49.0860 5936        iScsiPrt - ok
14:14:49.0882 5936        iteatapi        (63c766cdc609ff8206cb447a65abba4a) C:\Windows\system32\drivers\iteatapi.sys
14:14:49.0899 5936        iteatapi - ok
14:14:49.0916 5936        iteraid        (1281fe73b17664631d12f643cbea3f59) C:\Windows\system32\drivers\iteraid.sys
14:14:49.0933 5936        iteraid - ok
14:14:49.0953 5936        kbdclass        (423696f3ba6472dd17699209b933bc26) C:\Windows\system32\DRIVERS\kbdclass.sys
14:14:49.0971 5936        kbdclass - ok
14:14:49.0996 5936        kbdhid          (dbdf75d51464fbc47d0104ec3d572c05) C:\Windows\system32\DRIVERS\kbdhid.sys
14:14:50.0027 5936        kbdhid - ok
14:14:50.0081 5936        KSecDD          (2758d174604f597bbc8a217ff667913d) C:\Windows\system32\Drivers\ksecdd.sys
14:14:50.0129 5936        KSecDD - ok
14:14:50.0169 5936        ksthunk        (1d419cf43db29396ecd7113d129d94eb) C:\Windows\system32\drivers\ksthunk.sys
14:14:50.0209 5936        ksthunk - ok
14:14:50.0266 5936        LGBusEnum      (fa529fb35694c24bf98a9ef67c1cd9d0) C:\Windows\system32\drivers\LGBusEnum.sys
14:14:50.0284 5936        LGBusEnum - ok
14:14:50.0328 5936        lgmcbus        (13424eaf5c4cb5bab7a2d283cb4904fd) C:\Windows\system32\DRIVERS\lgmcbus.sys
14:14:50.0350 5936        lgmcbus - ok
14:14:50.0394 5936        lgmcmdfl        (d4bba6bd8d44baffe8b6ee4036e79248) C:\Windows\system32\DRIVERS\lgmcmdfl.sys
14:14:50.0419 5936        lgmcmdfl - ok
14:14:50.0444 5936        lgmcmdm        (2241984e3c04fd7c43d57d89d379a6d8) C:\Windows\system32\DRIVERS\lgmcmdm.sys
14:14:50.0465 5936        lgmcmdm - ok
14:14:50.0492 5936        lgmcmgmt        (44b32ad57019853a86faaf310b58c818) C:\Windows\system32\DRIVERS\lgmcmgmt.sys
14:14:50.0512 5936        lgmcmgmt - ok
14:14:50.0544 5936        lgmcnd5        (a6c32671fe8d2a34c9cb136765a57d51) C:\Windows\system32\DRIVERS\lgmcnd5.sys
14:14:50.0559 5936        lgmcnd5 - ok
14:14:50.0585 5936        lgmcobex        (a12586fad733a117faeee17081d267bb) C:\Windows\system32\DRIVERS\lgmcobex.sys
14:14:50.0604 5936        lgmcobex - ok
14:14:50.0634 5936        lgmcunic        (0adf858b34be72daf81d9a2cc46f7fdb) C:\Windows\system32\DRIVERS\lgmcunic.sys
14:14:50.0653 5936        lgmcunic - ok
14:14:50.0677 5936        LGVirHid        (94b29ce153765e768f004fb3440be2b0) C:\Windows\system32\drivers\LGVirHid.sys
14:14:50.0692 5936        LGVirHid - ok
14:14:50.0728 5936        LHidFilt        (b6552d382ff070b4ed34cbd6737277c0) C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:14:50.0744 5936        LHidFilt - ok
14:14:50.0771 5936        lltdio          (96ece2659b6654c10a0c310ae3a6d02c) C:\Windows\system32\DRIVERS\lltdio.sys
14:14:50.0810 5936        lltdio - ok
14:14:50.0831 5936        LMouFilt        (73c1f563ab73d459dffe682d66476558) C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:14:50.0849 5936        LMouFilt - ok
14:14:50.0879 5936        LSI_FC          (1572f8d999c0ab4376afdce058a78df9) C:\Windows\system32\drivers\lsi_fc.sys
14:14:50.0896 5936        LSI_FC - ok
14:14:50.0932 5936        LSI_SAS        (64470979c3e3c9ff60edfb5230c56e0e) C:\Windows\system32\drivers\lsi_sas.sys
14:14:50.0949 5936        LSI_SAS - ok
14:14:50.0965 5936        LSI_SCSI        (4ced7d3b54bfc5bbae75c4a73c7f7428) C:\Windows\system32\drivers\lsi_scsi.sys
14:14:50.0983 5936        LSI_SCSI - ok
14:14:51.0015 5936        luafv          (52f87b9cc8932c2a7375c3b2a9be5e3e) C:\Windows\system32\drivers\luafv.sys
14:14:51.0059 5936        luafv - ok
14:14:51.0091 5936        megasas        (2f631c2939d5f2e8958935ee701d70d7) C:\Windows\system32\drivers\megasas.sys
14:14:51.0107 5936        megasas - ok
14:14:51.0134 5936        Modem          (59848d5cc74606f0ee7557983bb73c2e) C:\Windows\system32\drivers\modem.sys
14:14:51.0172 5936        Modem - ok
14:14:51.0202 5936        monitor        (c247cc2a57e0a0c8c6dccf7807b3e9e5) C:\Windows\system32\DRIVERS\monitor.sys
14:14:51.0238 5936        monitor - ok
14:14:51.0269 5936        motccgp        (338ba6b7170111edc2e43b5b4eaf17df) C:\Windows\system32\DRIVERS\motccgp.sys
14:14:51.0302 5936        motccgp - ok
14:14:51.0330 5936        motccgpfl      (d51e009baeda07ebc107d49d224c2414) C:\Windows\system32\DRIVERS\motccgpfl.sys
14:14:51.0358 5936        motccgpfl - ok
14:14:51.0395 5936        MotDev          (3cc500c9b0e4d476802d277353cb2c89) C:\Windows\system32\DRIVERS\motodrv.sys
14:14:51.0432 5936        MotDev - ok
14:14:51.0457 5936        motmodem        (e90aba3c6f01be2c456c4aa857b28646) C:\Windows\system32\DRIVERS\motmodem.sys
14:14:51.0490 5936        motmodem - ok
14:14:51.0522 5936        MotoSwitchService (ebd05f60cafc5bba2602b8d7101082d3) C:\Windows\system32\DRIVERS\motswch.sys
14:14:51.0545 5936        MotoSwitchService - ok
14:14:51.0568 5936        Motousbnet      (87701078c3f720ac7a028e937994cc49) C:\Windows\system32\DRIVERS\Motousbnet.sys
14:14:51.0591 5936        Motousbnet - ok
14:14:51.0615 5936        motusbdevice    (307727f9829fb46ff4be0e4d1dac5002) C:\Windows\system32\DRIVERS\motusbdevice.sys
14:14:51.0650 5936        motusbdevice - ok
14:14:51.0669 5936        mouclass        (9367304e5e412b120cf5f4ea14e4e4f1) C:\Windows\system32\DRIVERS\mouclass.sys
14:14:51.0688 5936        mouclass - ok
14:14:51.0703 5936        mouhid          (c2c2bd5c5ce5aaf786ddd74b75d2ac69) C:\Windows\system32\DRIVERS\mouhid.sys
14:14:51.0743 5936        mouhid - ok
14:14:51.0773 5936        MountMgr        (11bc9b1e8801b01f7f6adb9ead30019b) C:\Windows\system32\drivers\mountmgr.sys
14:14:51.0793 5936        MountMgr - ok
14:14:51.0835 5936        MpFilter        (c177a7ebf5e8a0b596f618870516cab8) C:\Windows\system32\DRIVERS\MpFilter.sys
14:14:51.0861 5936        MpFilter - ok
14:14:51.0878 5936        mpio            (ed48eac719ee28db773359eb1b06e2b5) C:\Windows\system32\drivers\mpio.sys
14:14:51.0895 5936        mpio - ok
14:14:51.0931 5936        MpNWMon        (8fbf6b31fe8af1833d93c5913d5b4d55) C:\Windows\system32\DRIVERS\MpNWMon.sys
14:14:51.0951 5936        MpNWMon - ok
14:14:51.0980 5936        mpsdrv          (c92b9abdb65a5991e00c28f13491dba2) C:\Windows\system32\drivers\mpsdrv.sys
14:14:52.0013 5936        mpsdrv - ok
14:14:52.0037 5936        Mraid35x        (3c200630a89ef2c0864d515b7a75802e) C:\Windows\system32\drivers\mraid35x.sys
14:14:52.0053 5936        Mraid35x - ok
14:14:52.0070 5936        MRxDAV          (7c1de4aa96dc0c071611f9e7de02a68d) C:\Windows\system32\drivers\mrxdav.sys
14:14:52.0106 5936        MRxDAV - ok
14:14:52.0136 5936        mrxsmb          (1485811b320ff8c7edad1caebb1c6c2b) C:\Windows\system32\DRIVERS\mrxsmb.sys
14:14:52.0164 5936        mrxsmb - ok
14:14:52.0193 5936        mrxsmb10        (3b929a60c833fc615fd97fba82bc7632) C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:14:52.0219 5936        mrxsmb10 - ok
14:14:52.0240 5936        mrxsmb20        (c64ab3e1f53b4f5b5bb6d796b2d7bec3) C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:14:52.0272 5936        mrxsmb20 - ok
14:14:52.0291 5936        msahci          (eeadf970795148bfbb1db3abcc89c16b) C:\Windows\system32\drivers\msahci.sys
14:14:52.0307 5936        msahci - ok
14:14:52.0345 5936        msdsm          (96d7c0a1b98434c6e4ff0c2e26a0e20a) C:\Windows\system32\drivers\msdsm.sys
14:14:52.0363 5936        msdsm - ok
14:14:52.0396 5936        Msfs            (704f59bfc4512d2bb0146aec31b10a7c) C:\Windows\system32\drivers\Msfs.sys
14:14:52.0432 5936        Msfs - ok
14:14:52.0462 5936        msisadrv        (00ebc952961664780d43dca157e79b27) C:\Windows\system32\drivers\msisadrv.sys
14:14:52.0479 5936        msisadrv - ok
14:14:52.0509 5936        MSKSSRV        (0ea73e498f53b96d83dbfca074ad4cf8) C:\Windows\system32\drivers\MSKSSRV.sys
14:14:52.0559 5936        MSKSSRV - ok
14:14:52.0582 5936        MSPCLOCK        (52e59b7e992a58e740aa63f57edbae8b) C:\Windows\system32\drivers\MSPCLOCK.sys
14:14:52.0621 5936        MSPCLOCK - ok
14:14:52.0638 5936        MSPQM          (49084a75bae043ae02d5b44d02991bb2) C:\Windows\system32\drivers\MSPQM.sys
14:14:52.0677 5936        MSPQM - ok
14:14:52.0705 5936        MsRPC          (dc6ccf440cdede4293db41c37a5060a5) C:\Windows\system32\drivers\MsRPC.sys
14:14:52.0736 5936        MsRPC - ok
14:14:52.0757 5936        mssmbios        (855796e59df77ea93af46f20155bf55b) C:\Windows\system32\DRIVERS\mssmbios.sys
14:14:52.0776 5936        mssmbios - ok
14:14:52.0801 5936        MSTEE          (86d632d75d05d5b7c7c043fa3564ae86) C:\Windows\system32\drivers\MSTEE.sys
14:14:52.0839 5936        MSTEE - ok
14:14:52.0861 5936        MTsensor        (6936198f2cc25b39cf5262436c80df46) C:\Windows\system32\DRIVERS\ASACPI.sys
14:14:52.0877 5936        MTsensor - ok
14:14:52.0899 5936        Mup            (0cc49f78d8aca0877d885f149084e543) C:\Windows\system32\Drivers\mup.sys
14:14:52.0920 5936        Mup - ok
14:14:52.0955 5936        NativeWifiP    (2007b826c4acd94ae32232b41f0842b9) C:\Windows\system32\DRIVERS\nwifi.sys
14:14:52.0981 5936        NativeWifiP - ok
14:14:53.0027 5936        NDIS            (65950e07329fcee8e6516b17c8d0abb6) C:\Windows\system32\drivers\ndis.sys
14:14:53.0071 5936        NDIS - ok
14:14:53.0096 5936        NdisTapi        (64df698a425478e321981431ac171334) C:\Windows\system32\DRIVERS\ndistapi.sys
14:14:53.0128 5936        NdisTapi - ok
14:14:53.0156 5936        Ndisuio        (8baa43196d7b5bb972c9a6b2bbf61a19) C:\Windows\system32\DRIVERS\ndisuio.sys
14:14:53.0199 5936        Ndisuio - ok
14:14:53.0226 5936        NdisWan        (f8158771905260982ce724076419ef19) C:\Windows\system32\DRIVERS\ndiswan.sys
14:14:53.0260 5936        NdisWan - ok
14:14:53.0286 5936        NDProxy        (9cb77ed7cb72850253e973a2d6afdf49) C:\Windows\system32\drivers\NDProxy.sys
14:14:53.0316 5936        NDProxy - ok
14:14:53.0348 5936        Nearagonser - ok
14:14:53.0364 5936        NetBIOS        (a499294f5029a7862adc115bda7371ce) C:\Windows\system32\DRIVERS\netbios.sys
14:14:53.0401 5936        NetBIOS - ok
14:14:53.0429 5936        netbt          (fc2c792ebddc8e28df939d6a92c83d61) C:\Windows\system32\DRIVERS\netbt.sys
14:14:53.0474 5936        netbt - ok
14:14:53.0507 5936        nfrd960        (4ac08bd6af2df42e0c3196d826c8aea7) C:\Windows\system32\drivers\nfrd960.sys
14:14:53.0525 5936        nfrd960 - ok
14:14:53.0563 5936        NisDrv          (5f7d72cbcdd025af1f38fdeee5646968) C:\Windows\system32\DRIVERS\NisDrvWFP.sys
14:14:53.0583 5936        NisDrv - ok
14:14:53.0628 5936        nmwcdcx64      (02c1198276c0d4f39e54eb5148af1e2a) C:\Windows\system32\drivers\ccdcmbox64.sys
14:14:53.0667 5936        nmwcdcx64 - ok
14:14:53.0697 5936        nmwcdx64        (d8f00fcc82451bdaa3db93bb62ae6ac3) C:\Windows\system32\drivers\ccdcmbx64.sys
14:14:53.0727 5936        nmwcdx64 - ok
14:14:53.0750 5936        Npfs            (b298874f8e0ea93f06ec40aa8d146478) C:\Windows\system32\drivers\Npfs.sys
14:14:53.0783 5936        Npfs - ok
14:14:53.0823 5936        NPPTNT2 - ok
14:14:53.0856 5936        nsiproxy        (1523af19ee8b030ba682f7a53537eaeb) C:\Windows\system32\drivers\nsiproxy.sys
14:14:53.0902 5936        nsiproxy - ok
14:14:53.0972 5936        Ntfs            (bac869dfb98e499ba4d9bb1fb43270e1) C:\Windows\system32\drivers\Ntfs.sys
14:14:54.0047 5936        Ntfs - ok
14:14:54.0067 5936        Null            (dd5d684975352b85b52e3fd5347c20cb) C:\Windows\system32\drivers\Null.sys
14:14:54.0107 5936        Null - ok
14:14:54.0182 5936        NVENETFD        (99ed33f7fe39026a477893d92aea5ef0) C:\Windows\system32\DRIVERS\nvmfdx64.sys
14:14:54.0278 5936        NVENETFD - ok
14:14:54.0561 5936        nvlddmkm        (cc1efea1f0ab17e59bd4b5baff3e5cb0) C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:14:55.0734 5936        nvlddmkm - ok
14:14:55.0756 5936        nvraid          (840eeb44dc49317a6161961f7682cd99) C:\Windows\system32\drivers\nvraid.sys
14:14:55.0777 5936        nvraid - ok
14:14:55.0795 5936        nvstor          (94c5334040a5d500897f4c5fd12aeede) C:\Windows\system32\drivers\nvstor.sys
14:14:55.0812 5936        nvstor - ok
14:14:55.0836 5936        nvstor64        (e87e17e9fd94ee9f0dbde4b6ad882f26) C:\Windows\system32\DRIVERS\nvstor64.sys
14:14:55.0853 5936        nvstor64 - ok
14:14:55.0893 5936        NwlnkFlt - ok
14:14:55.0909 5936        NwlnkFwd - ok
14:14:55.0939 5936        ohci1394        (b5b1ce65ac15bbd11c0619e3ef7cfc28) C:\Windows\system32\DRIVERS\ohci1394.sys
14:14:55.0979 5936        ohci1394 - ok
14:14:56.0014 5936        Parport        (aecd57f94c887f58919f307c35498ea0) C:\Windows\system32\drivers\parport.sys
14:14:56.0068 5936        Parport - ok
14:14:56.0095 5936        partmgr        (f9b5eda4c17a2be7663f064dbf0fe254) C:\Windows\system32\drivers\partmgr.sys
14:14:56.0116 5936        partmgr - ok
14:14:56.0140 5936        PCASp50a64 - ok
14:14:56.0175 5936        pccsmcfd        (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
14:14:56.0201 5936        pccsmcfd - ok
14:14:56.0221 5936        pci            (47ab1e0fc9d0e12bb53ba246e3a0906d) C:\Windows\system32\drivers\pci.sys
14:14:56.0246 5936        pci - ok
14:14:56.0263 5936        pciide          (2657f6c0b78c36d95034be109336e382) C:\Windows\system32\drivers\pciide.sys
14:14:56.0281 5936        pciide - ok
14:14:56.0301 5936        pcmcia          (037661f3d7c507c9993b7010ceee6288) C:\Windows\system32\drivers\pcmcia.sys
14:14:56.0332 5936        pcmcia - ok
14:14:56.0365 5936        PEAUTH          (58865916f53592a61549b04941bfd80d) C:\Windows\system32\drivers\peauth.sys
14:14:56.0442 5936        PEAUTH - ok
14:14:56.0503 5936        PptpMiniport    (23386e9952025f5f21c368971e2e7301) C:\Windows\system32\DRIVERS\raspptp.sys
14:14:56.0535 5936        PptpMiniport - ok
14:14:56.0555 5936        Processor      (6bc78e5f12cbb74e7930aaaa4a0db387) C:\Windows\system32\drivers\processr.sys
14:14:56.0606 5936        Processor - ok
14:14:56.0639 5936        PSched          (c5ab7f0809392d0da027f4a2a81bfa31) C:\Windows\system32\DRIVERS\pacer.sys
14:14:56.0671 5936        PSched - ok
14:14:56.0698 5936        PSSDK42        (cd33cb6fecf65520466f95ab89cc4af5) C:\Windows\system32\Drivers\pssdk42.sys
14:14:56.0723 5936        PSSDK42 - ok
14:14:56.0765 5936        ql2300          (4a29d25704917161bad9b4659a248dfd) C:\Windows\system32\drivers\ql2300.sys
14:14:56.0823 5936        ql2300 - ok
14:14:56.0843 5936        ql40xx          (e1c80f8d4d1e39ef9595809c1369bf2a) C:\Windows\system32\drivers\ql40xx.sys
14:14:56.0861 5936        ql40xx - ok
14:14:56.0889 5936        QWAVEdrv        (e8d76edab77ec9c634c27b8eac33adc5) C:\Windows\system32\drivers\qwavedrv.sys
14:14:56.0928 5936        QWAVEdrv - ok
14:14:56.0971 5936        RasAcd          (1013b3b663a56d3ddd784f581c1bd005) C:\Windows\system32\DRIVERS\rasacd.sys
14:14:57.0007 5936        RasAcd - ok
14:14:57.0031 5936        Rasl2tp        (ac7bc4d42a7e558718dfdec599bbfc2c) C:\Windows\system32\DRIVERS\rasl2tp.sys
14:14:57.0063 5936        Rasl2tp - ok
14:14:57.0087 5936        RasPppoe        (4517fbf8b42524afe4ede1de102aae3e) C:\Windows\system32\DRIVERS\raspppoe.sys
14:14:57.0116 5936        RasPppoe - ok
14:14:57.0146 5936        RasSstp        (c6a593b51f34c33e5474539544072527) C:\Windows\system32\DRIVERS\rassstp.sys
14:14:57.0177 5936        RasSstp - ok
14:14:57.0211 5936        rdbss          (322db5c6b55e8d8ee8d6f358b2aaabb1) C:\Windows\system32\DRIVERS\rdbss.sys
14:14:57.0248 5936        rdbss - ok
14:14:57.0276 5936        RDPCDD          (603900cc05f6be65ccbf373800af3716) C:\Windows\system32\DRIVERS\RDPCDD.sys
14:14:57.0312 5936        RDPCDD - ok
14:14:57.0341 5936        rdpdr          (ae23e79b13feb62939e2ca1189e71735) C:\Windows\system32\DRIVERS\rdpdr.sys
14:14:57.0382 5936        rdpdr - ok
14:14:57.0393 5936        RDPENCDD        (cab9421daf3d97b33d0d055858e2c3ab) C:\Windows\system32\drivers\rdpencdd.sys
14:14:57.0430 5936        RDPENCDD - ok
14:14:57.0456 5936        RDPWD          (b1d741c87cea8d7282146366cc9c3f81) C:\Windows\system32\drivers\RDPWD.sys
14:14:57.0491 5936        RDPWD - ok
14:14:57.0528 5936        RFCOMM          (cd71e053d7260e4102d99a28f9196070) C:\Windows\system32\DRIVERS\rfcomm.sys
14:14:57.0562 5936        RFCOMM - ok
14:14:57.0592 5936        rspndr          (22a9cb08b1a6707c1550c6bf099aae73) C:\Windows\system32\DRIVERS\rspndr.sys
14:14:57.0631 5936        rspndr - ok
14:14:57.0654 5936        sbp2port        (cd9c693589c60ad59bbbcfb0e524e01b) C:\Windows\system32\drivers\sbp2port.sys
14:14:57.0672 5936        sbp2port - ok
14:14:57.0698 5936        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
14:14:57.0749 5936        secdrv - ok
14:14:57.0778 5936        Serenum        (f71bfe7ac6c52273b7c82cbf1bb2a222) C:\Windows\system32\DRIVERS\serenum.sys
14:14:57.0828 5936        Serenum - ok
14:14:57.0852 5936        Serial          (e62fac91ee288db29a9696a9d279929c) C:\Windows\system32\drivers\serial.sys
14:14:57.0904 5936        Serial - ok
14:14:57.0929 5936        sermouse        (a842f04833684bceea7336211be478df) C:\Windows\system32\drivers\sermouse.sys
14:14:57.0965 5936        sermouse - ok
14:14:57.0994 5936        sffdisk        (541b32f8d6b2dcb92ec43bab267e79ea) C:\Windows\system32\drivers\sffdisk.sys
14:14:58.0044 5936        sffdisk - ok
14:14:58.0064 5936        sffp_mmc        (446e7cca3325c7e0ae0fde7f73cdd9c2) C:\Windows\system32\drivers\sffp_mmc.sys
14:14:58.0114 5936        sffp_mmc - ok
14:14:58.0135 5936        sffp_sd        (67edc221348911e895af51c57d9a3725) C:\Windows\system32\drivers\sffp_sd.sys
14:14:58.0189 5936        sffp_sd - ok
14:14:58.0206 5936        sfloppy        (6b7838c94135768bd455cbdc23e39e5f) C:\Windows\system32\drivers\sfloppy.sys
14:14:58.0257 5936        sfloppy - ok
14:14:58.0297 5936        SI3132          (0f498dee92fd73dd999bae4d506367f5) C:\Windows\system32\DRIVERS\SI3132.sys
14:14:58.0321 5936        SI3132 - ok
14:14:58.0349 5936        SiFilter        (127ce10e01f53f2edaca7fe42e5631ea) C:\Windows\system32\DRIVERS\SiWinAcc.sys
14:14:58.0363 5936        SiFilter - ok
14:14:58.0389 5936        SiRemFil        (b742c37002b8ebef6e230df9b4b28546) C:\Windows\system32\DRIVERS\SiRemFil.sys
14:14:58.0404 5936        SiRemFil - ok
14:14:58.0424 5936        SiSRaid2        (08dda16573fa44f8b13afe74597ad2e5) C:\Windows\system32\drivers\sisraid2.sys
14:14:58.0440 5936        SiSRaid2 - ok
14:14:58.0459 5936        SiSRaid4        (c52259e9daaf3890d572d87ffee0979e) C:\Windows\system32\drivers\sisraid4.sys
14:14:58.0476 5936        SiSRaid4 - ok
14:14:58.0513 5936        Smb            (290b6f6a0ec4fcdfc90f5cb6d7020473) C:\Windows\system32\DRIVERS\smb.sys
14:14:58.0549 5936        Smb - ok
14:14:58.0595 5936        snapman        (b84440e7554fc85e900eef0a7aaba228) C:\Windows\system32\DRIVERS\snapman.sys
14:14:58.0618 5936        snapman - ok
14:14:58.0642 5936        spldr          (386c3c63f00a7040c7ec5e384217e89d) C:\Windows\system32\drivers\spldr.sys
14:14:58.0662 5936        spldr - ok
14:14:58.0711 5936        sptd            (88e5162e58c8919cc873f5d8946197cf) C:\Windows\system32\Drivers\sptd.sys
14:14:58.0711 5936        Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 88e5162e58c8919cc873f5d8946197cf
14:14:58.0712 5936        sptd ( LockedFile.Multi.Generic ) - warning
14:14:58.0713 5936        sptd - detected LockedFile.Multi.Generic (1)
14:14:58.0759 5936        srv            (880a57fccb571ebd063d4dd50e93e46d) C:\Windows\system32\DRIVERS\srv.sys
14:14:58.0837 5936        srv - ok
14:14:58.0878 5936        srv2            (a1ad14a6d7a37891fffeca35ebbb0730) C:\Windows\system32\DRIVERS\srv2.sys
14:14:58.0929 5936        srv2 - ok
14:14:58.0949 5936        srvnet          (4bed62f4fa4d8300973f1151f4c4d8a7) C:\Windows\system32\DRIVERS\srvnet.sys
14:14:58.0978 5936        srvnet - ok
14:14:59.0018 5936        swenum          (8a851ca908b8b974f89c50d2e18d4f0c) C:\Windows\system32\DRIVERS\swenum.sys
14:14:59.0033 5936        swenum - ok
14:14:59.0054 5936        Symc8xx        (2f26a2c6fc96b29beff5d8ed74e6625b) C:\Windows\system32\drivers\symc8xx.sys
14:14:59.0070 5936        Symc8xx - ok
14:14:59.0088 5936        Sym_hi          (a909667976d3bccd1df813fed517d837) C:\Windows\system32\drivers\sym_hi.sys
14:14:59.0104 5936        Sym_hi - ok
14:14:59.0120 5936        Sym_u3          (36887b56ec2d98b9c362f6ae4de5b7b0) C:\Windows\system32\drivers\sym_u3.sys
14:14:59.0137 5936        Sym_u3 - ok
14:14:59.0172 5936        taphss          (f33fdc72298df4bf9813a55d21f4eb31) C:\Windows\system32\DRIVERS\taphss.sys
14:14:59.0188 5936        taphss - ok
14:14:59.0244 5936        tbhsd          (93f0f5ef8a4ca261372df98b31b2bd05) C:\Windows\system32\drivers\tbhsd.sys
14:14:59.0262 5936        tbhsd - ok
14:14:59.0337 5936        Tcpip          (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\drivers\tcpip.sys
14:14:59.0411 5936        Tcpip - ok
14:14:59.0457 5936        Tcpip6          (73bed5067ed53a9df05fa8eab42578d0) C:\Windows\system32\DRIVERS\tcpip.sys
14:14:59.0527 5936        Tcpip6 - ok
14:14:59.0547 5936        tcpipreg        (848f87c604b5e674602498cb51067db6) C:\Windows\system32\drivers\tcpipreg.sys
14:14:59.0577 5936        tcpipreg - ok
14:14:59.0601 5936        TDPIPE          (1d8bf4aaa5fb7a2761475781dc1195bc) C:\Windows\system32\drivers\tdpipe.sys
14:14:59.0637 5936        TDPIPE - ok
14:14:59.0652 5936        TDTCP          (7f7e00cdf609df657f4cda02dd1c9bb1) C:\Windows\system32\drivers\tdtcp.sys
14:14:59.0700 5936        TDTCP - ok
14:14:59.0725 5936        tdx            (458919c8c42e398dc4802178d5ffee27) C:\Windows\system32\DRIVERS\tdx.sys
14:14:59.0756 5936        tdx - ok
14:14:59.0776 5936        TermDD          (8c19678d22649ec002ef2282eae92f98) C:\Windows\system32\DRIVERS\termdd.sys
14:14:59.0797 5936        TermDD - ok
14:14:59.0833 5936        tifsfilter      (fe95379561b6554611f47e29f48ee931) C:\Windows\system32\DRIVERS\tifsfilt.sys
14:14:59.0851 5936        tifsfilter - ok
14:14:59.0884 5936        timounter      (2d0dc8f1578cf9c1434fd41de46fa00a) C:\Windows\system32\DRIVERS\timntr.sys
14:14:59.0930 5936        timounter - ok
14:14:59.0949 5936        truecrypt - ok
14:14:59.0984 5936        tssecsrv        (9e5409cd17c8bef193aad498f3bc2cb8) C:\Windows\system32\DRIVERS\tssecsrv.sys
14:15:00.0020 5936        tssecsrv - ok
14:15:00.0036 5936        tunmp          (89ec74a9e602d16a75a4170511029b3c) C:\Windows\system32\DRIVERS\tunmp.sys
14:15:00.0066 5936        tunmp - ok
14:15:00.0089 5936        tunnel          (30a9b3f45ad081bffc3bcaa9c812b609) C:\Windows\system32\DRIVERS\tunnel.sys
14:15:00.0119 5936        tunnel - ok
14:15:00.0143 5936        uagp35          (e4722dfbd6232acf17543ef2c2dce8d2) C:\Windows\system32\drivers\uagp35.sys
14:15:00.0161 5936        uagp35 - ok
14:15:00.0192 5936        udfs            (faf2640a2a76ed03d449e443194c4c34) C:\Windows\system32\DRIVERS\udfs.sys
14:15:00.0229 5936        udfs - ok
14:15:00.0254 5936        uliagpkx        (5663d7696abbe71f8c9d915c5374118a) C:\Windows\system32\drivers\uliagpkx.sys
14:15:00.0272 5936        uliagpkx - ok
14:15:00.0295 5936        uliahci        (6030b68e86a30d1b315b51c4d7778b16) C:\Windows\system32\drivers\uliahci.sys
14:15:00.0317 5936        uliahci - ok
14:15:00.0338 5936        UlSata          (31707f09846056651ea2c37858f5ddb0) C:\Windows\system32\drivers\ulsata.sys
14:15:00.0357 5936        UlSata - ok
14:15:00.0384 5936        ulsata2        (85e5e43ed5b48c8376281bab519271b7) C:\Windows\system32\drivers\ulsata2.sys
14:15:00.0404 5936        ulsata2 - ok
14:15:00.0435 5936        umbus          (46e9a994c4fed537dd951f60b86ad3f4) C:\Windows\system32\DRIVERS\umbus.sys
14:15:00.0471 5936        umbus - ok
14:15:00.0522 5936        upperdev        (9856c38ab8faacca4dd99dac7b42f838) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:15:00.0549 5936        upperdev - ok
14:15:00.0581 5936        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
14:15:00.0623 5936        USBAAPL64 - ok
14:15:00.0649 5936        usbccgp        (07e3498fc60834219d2356293da0fecc) C:\Windows\system32\DRIVERS\usbccgp.sys
14:15:00.0679 5936        usbccgp - ok
14:15:00.0701 5936        usbcir          (9247f7e0b65852c1f6631480984d6ed2) C:\Windows\system32\drivers\usbcir.sys
14:15:00.0755 5936        usbcir - ok
14:15:00.0771 5936        usbehci        (827e44de934a736ea31e91d353eb126f) C:\Windows\system32\DRIVERS\usbehci.sys
14:15:00.0801 5936        usbehci - ok
14:15:00.0826 5936        usbhub          (bb35cd80a2ececfadc73569b3d70c7d1) C:\Windows\system32\DRIVERS\usbhub.sys
14:15:00.0864 5936        usbhub - ok
14:15:00.0880 5936        usbohci        (e406b003a354776d317762694956b0fc) C:\Windows\system32\DRIVERS\usbohci.sys
14:15:00.0916 5936        usbohci - ok
14:15:00.0936 5936        usbprint        (28b693b6d31e7b9332c1bdcefef228c1) C:\Windows\system32\DRIVERS\usbprint.sys
14:15:00.0972 5936        usbprint - ok
14:15:01.0006 5936        usbscan        (ea0bf666868964fbe8cb10e50c97b9f1) C:\Windows\system32\DRIVERS\usbscan.sys
14:15:01.0036 5936        usbscan - ok
14:15:01.0067 5936        usbser          (f7386007fb19e7685fc7b298560aa81f) C:\Windows\system32\drivers\usbser.sys
14:15:01.0103 5936        usbser - ok
14:15:01.0132 5936        UsbserFilt      (89123dc822ac7a708bd4c9e196a37610) C:\Windows\system32\DRIVERS\usbser_lowerfltx64j.sys
14:15:01.0157 5936        UsbserFilt - ok
14:15:01.0176 5936        USBSTOR        (b854c1558fca0c269a38663e8b59b581) C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:15:01.0208 5936        USBSTOR - ok
14:15:01.0228 5936        usbuhci        (7bf55d2538740b25936e93553e5d190d) C:\Windows\system32\DRIVERS\usbuhci.sys
14:15:01.0277 5936        usbuhci - ok
14:15:01.0314 5936        usb_rndisx      (1e36bb1a3c5aaf2aa9fa9a126df8c16c) C:\Windows\system32\DRIVERS\usb8023x.sys
14:15:01.0342 5936        usb_rndisx - ok
14:15:01.0383 5936        VClone          (c5e70c4e64666db9d69c9f2fdae22428) C:\Windows\system32\DRIVERS\VClone.sys
14:15:01.0412 5936        VClone - ok
14:15:01.0444 5936        vga            (916b94bcf1e09873fff2d5fb11767bbc) C:\Windows\system32\DRIVERS\vgapnp.sys
14:15:01.0480 5936        vga - ok
14:15:01.0513 5936        VgaSave        (b83ab16b51feda65dd81b8c59d114d63) C:\Windows\System32\drivers\vga.sys
14:15:01.0549 5936        VgaSave - ok
14:15:01.0578 5936        viaide          (8294b6c3fdb6c33f24e150de647ecdaa) C:\Windows\system32\drivers\viaide.sys
14:15:01.0593 5936        viaide - ok
14:15:01.0643 5936        vodafone_K3805-z_dc_enum (107972886ec42b82d839605a726d61f1) C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys
14:15:01.0673 5936        vodafone_K3805-z_dc_enum - ok
14:15:01.0700 5936        volmgr          (2b7e885ed951519a12c450d24535dfca) C:\Windows\system32\drivers\volmgr.sys
14:15:01.0721 5936        volmgr - ok
14:15:01.0752 5936        volmgrx        (cec5ac15277d75d9e5dec2e1c6eaf877) C:\Windows\system32\drivers\volmgrx.sys
14:15:01.0782 5936        volmgrx - ok
14:15:01.0814 5936        volsnap        (5280aada24ab36b01a84a6424c475c8d) C:\Windows\system32\drivers\volsnap.sys
14:15:01.0840 5936        volsnap - ok
14:15:01.0865 5936        vsmraid        (410ae2c141142c58bc617fc2c677f8b0) C:\Windows\system32\drivers\vsmraid.sys
14:15:01.0883 5936        vsmraid - ok
14:15:01.0910 5936        WacomPen        (fef8fe5923fead2cee4dfabfce3393a7) C:\Windows\system32\drivers\wacompen.sys
14:15:01.0961 5936        WacomPen - ok
14:15:01.0988 5936        Wanarp          (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0029 5936        Wanarp - ok
14:15:02.0033 5936        Wanarpv6        (b8e7049622300d20ba6d8be0c47c0cfd) C:\Windows\system32\DRIVERS\wanarp.sys
14:15:02.0067 5936        Wanarpv6 - ok
14:15:02.0104 5936        Wd              (59b501b0a04c9672142b7ffa2bdbf663) C:\Windows\system32\drivers\wd.sys
14:15:02.0120 5936        Wd - ok
14:15:02.0166 5936        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
14:15:02.0209 5936        Wdf01000 - ok
14:15:02.0262 5936        WmiAcpi        (ae34218455d5dc12d1e45de85f160346) C:\Windows\system32\drivers\wmiacpi.sys
14:15:02.0313 5936        WmiAcpi - ok
14:15:02.0364 5936        WpdUsb          (5e2401b3fc1089c90e081291357371a9) C:\Windows\system32\DRIVERS\wpdusb.sys
14:15:02.0395 5936        WpdUsb - ok
14:15:02.0427 5936        ws2ifsl        (8a900348370e359b6bff6a550e4649e1) C:\Windows\system32\drivers\ws2ifsl.sys
14:15:02.0470 5936        ws2ifsl - ok
14:15:02.0521 5936        WUDFRd          (501a65252617b495c0f1832f908d54d8) C:\Windows\system32\DRIVERS\WUDFRd.sys
14:15:02.0561 5936        WUDFRd - ok
14:15:02.0637 5936        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
14:15:02.0756 5936        \Device\Harddisk0\DR0 - ok
14:15:02.0768 5936        MBR (0x1B8)    (5c616939100b85e558da92b899a0fc36) \Device\Harddisk1\DR1
14:15:02.0808 5936        \Device\Harddisk1\DR1 - ok
14:15:02.0822 5936        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk2\DR2
14:15:02.0890 5936        \Device\Harddisk2\DR2 - ok
14:15:02.0893 5936        Boot (0x1200)  (d34a71973a4b09188f63935ff862a384) \Device\Harddisk0\DR0\Partition0
14:15:02.0895 5936        \Device\Harddisk0\DR0\Partition0 - ok
14:15:02.0935 5936        Boot (0x1200)  (98a1fe948625d6b6226fc305b756b779) \Device\Harddisk0\DR0\Partition1
14:15:02.0935 5936        \Device\Harddisk0\DR0\Partition1 - ok
14:15:02.0947 5936        Boot (0x1200)  (1c1ccee7eb9ad72dd2d60949fdc1f33c) \Device\Harddisk1\DR1\Partition0
14:15:02.0948 5936        \Device\Harddisk1\DR1\Partition0 - ok
14:15:02.0960 5936        Boot (0x1200)  (9b97f2d95e95a9eb329f22423bd07bfb) \Device\Harddisk1\DR1\Partition1
14:15:02.0960 5936        \Device\Harddisk1\DR1\Partition1 - ok
14:15:02.0991 5936        Boot (0x1200)  (3411e83fcf80683ebb361cf1188ac746) \Device\Harddisk2\DR2\Partition0
14:15:02.0991 5936        \Device\Harddisk2\DR2\Partition0 - ok
14:15:03.0013 5936        Boot (0x1200)  (6e07eae6253397aee0102363441f01d0) \Device\Harddisk2\DR2\Partition1
14:15:03.0014 5936        \Device\Harddisk2\DR2\Partition1 - ok
14:15:03.0014 5936        ============================================================
14:15:03.0014 5936        Scan finished
14:15:03.0014 5936        ============================================================
14:15:03.0023 5136        Detected object count: 1
14:15:03.0023 5136        Actual detected object count: 1
14:15:22.0239 5136        sptd ( LockedFile.Multi.Generic ) - skipped by user
14:15:22.0239 5136        sptd ( LockedFile.Multi.Generic ) - User select action: Skip


