Trojaner-Board


m085 26.09.2012 13:19

Caught quite a few things (Trojans/viruses)
 
Hello everyone,

I found malware on my PC and would like to have it removed.

Another problem is that, for quite some time now, the Facebook page has no longer been rendering or loading completely for me.

This problem occurs in IE, Opera and Firefox!

Apart from that, my browsers work without any further difficulties.

I hope you can help me.

Regards

I ran Malwarebytes.

There was one detection. However, I could not move it to quarantine, so I have now had it removed.

I have uploaded a screenshot of the detection. OTL scan to follow...

Malwarebytes Anti-Malware (Test) 1.65.0.1400
Malwarebytes : Free anti-malware download

Datenbank Version: v2012.09.26.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Olli :: OLLI-PC [Administrator]

Schutz: Deaktiviert

26.09.2012 12:46:17
mbam-log-2012-09-26 (14-25-29).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 373557
Laufzeit: 1 Stunde(n), 17 Minute(n), 36 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 1
C:\Users\Olli\Desktop\BMRadio\voiceswitch_setup.exe (Adware.Onlinegames) -> Keine Aktion durchgeführt.

(Ende)

m085 26.09.2012 13:31

Screenshot of the detection from the Malwarebytes scan..

schrauber 26.09.2012 13:37

Hi,

Post a fresh OTL logfile again.

m085 26.09.2012 13:42

OTL scan log attached...

schrauber 26.09.2012 13:45

Please post logs in the thread, don't attach them :)

Please download Windows Repair (All In One) from here.

m085 26.09.2012 20:21

I have carried out all the steps.
Is there a log file somewhere?

Regards

UPDATE: I just tested Facebook! It worked right away :))))))))))) - I hope it stays that way now.

schrauber 26.09.2012 20:23

Nope. How is the computer doing?

m085 26.09.2012 20:38

So as I said, the computer is running stably... and Facebook was just displayed completely normally again right away :)

I will keep an eye on it over the next few days and get back to you.

Should I run another scan? Would you like another log file?

Regards

schrauber 27.09.2012 06:22

Exactly, test it for a few days and report back with a fresh OTL logfile :)

m085 01.10.2012 18:50

Hello Schrauber,

first of all, I would like to thank you very much for taking the time for me and my Trojan and Facebook problem.

I find it truly amazing that there are still people like you who take this on voluntarily in their free time. Thanks again for that.

The problem now seems to be resolved for good. Over the last few days there were no further problems or anomalies. :daumenhoc

I will post a fresh OTL log file shortly.

Many thanks, and hopefully we won't be hearing from each other again too soon ;-)

Regards
Olli

OTL Logfile:
Code:

OTL logfile created on: 01.10.2012 19:50:34 - Run 4
OTL by OldTimer - Version 3.2.61.5    Folder = C:\Users\Olli\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,00 Gb Available Physical Memory | 66,61% Memory free
12,00 Gb Paging File | 9,45 Gb Available in Paging File | 78,76% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 187,22 Gb Free Space | 62,83% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 344,41 Gb Free Space | 73,95% Space Free | Partition Type: NTFS
 
Computer Name: OLLI-PC | User Name: Olli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.09.16 10:44:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.09.05 16:51:44 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.11.11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2010.05.05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010.05.05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2009.09.24 10:50:56 | 001,124,424 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2009.09.18 15:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2009.03.20 02:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.09.05 16:51:44 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012.04.03 07:15:22 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.08.12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011.08.12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011.08.12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011.08.12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011.08.12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.03.26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2006.06.09 15:20:04 | 000,003,072 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIGER.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.11.10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.03 19:18:00 | 001,262,912 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.04.02 11:34:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2009.11.25 03:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2009.11.25 03:05:05 | 001,664,560 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012.01.24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2012.01.18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.11.10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.02 11:27:43 | 000,057,288 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.04.02 11:27:35 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.04.02 11:26:02 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.04.02 11:25:55 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.04.02 11:11:31 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.05.05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010.05.05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.05.05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.05.05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.05.05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.05.05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010.05.05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.17 02:16:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV - [2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.10.28 07:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 68 66 0D FC 25 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {2016611B-8A4B-42C2-9469-F95EE3477331}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2016611B-8A4B-42C2-9469-F95EE3477331}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.25 19:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.09.25 19:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.04.02 11:27:06 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.07.15 22:26:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.05 17:26:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.05 17:21:39 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.09.26 21:15:24 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\ssmmgr.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75A3CA0E-161F-4AE2-85AE-3D6100F4961F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0A71D75-3B44-4A9E-B0A2-A5FADD0C1D2A}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.01 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\VERKAUFEEEEEEEEN
[2012.09.26 21:17:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.09.26 21:12:02 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2012.09.26 15:08:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012.09.26 15:07:29 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012.09.26 15:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012.09.26 15:07:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012.09.26 08:57:26 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.25 21:41:58 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\XAVAS - Gespaltene Persönlichkeit (2012)
[2012.09.25 19:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.25 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream (Album)
[2012.09.24 16:36:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.24 16:36:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.24 16:36:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.24 16:36:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.24 16:36:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.24 16:36:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.24 16:36:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.24 16:36:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.24 16:36:44 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.24 16:36:44 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.24 16:36:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.24 16:36:44 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.24 16:36:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.24 16:36:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.24 16:36:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.24 16:23:56 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Bücher Verkauf
[2012.09.17 23:25:35 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Auto Stick Songz
[2012.09.17 22:34:03 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.09.16 20:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.16 20:21:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\Malwarebytes
[2012.09.16 20:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.16 20:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.16 20:21:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.16 20:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.16 20:12:57 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2012.09.16 14:07:59 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.09.16 14:07:59 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.09.16 14:07:59 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.09.16 14:07:53 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.09.16 14:07:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.16 13:25:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012.09.16 13:25:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13
[2012.09.16 13:25:06 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13 Demo
[2012.09.16 13:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 13 Demo
[2012.09.16 13:14:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.09.16 10:44:37 | 000,600,064 | ---- | C] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
[2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012.09.12 20:13:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 20:13:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.12 20:13:25 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 20:13:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.11 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Daddy_Yankee-Prestige-2012
[2012.09.10 22:24:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe
[2012.09.10 22:17:31 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader
[2012.09.10 19:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012.09.10 12:21:42 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\TrojanHunter
[2012.09.10 09:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5
[2012.09.10 09:40:40 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.10 09:40:32 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.10 09:40:32 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.10 09:40:32 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.10 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.10 09:35:22 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream The Air Preview - EP BMF
[2012.09.10 09:28:33 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\QuickScan
[2012.09.05 23:46:49 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Nas-Life_is_Good-2012-NOiR
[2012.09.05 23:42:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\DJ Khaled  Kiss The Ring (Deluxe Edition) 2012-CR
[2012.09.05 23:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.09.05 23:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.09.05 23:24:40 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\Guild Wars 2
[2012.09.05 23:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.09.05 22:56:16 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Talib Kweli  Z-Trip - Attack The Block
[2012.09.05 17:26:11 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.09.05 16:47:44 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.09.05 16:47:41 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.09.05 16:47:41 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.09.05 16:47:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.09.05 16:47:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.09.05 16:47:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.09.05 16:47:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.09.05 16:47:36 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.01 17:54:39 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.01 17:54:39 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.01 17:54:39 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.01 17:54:39 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.01 17:54:39 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.01 17:54:22 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.01 17:54:22 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.01 17:49:13 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.01 17:49:09 | 536,223,743 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.01 16:20:23 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.01 16:20:23 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.01 16:20:23 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) -- C:\Windows\SysWow64\drivers\GRD.sys
[2012.09.26 21:28:26 | 000,029,680 | ---- | M] () -- C:\Users\Olli\Desktop\vdv23.jpg
[2012.09.26 21:17:41 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012.09.26 21:15:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 15:12:02 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.09.26 15:07:25 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.25 22:08:39 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.09.25 19:39:37 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-25.json
[2012.09.25 19:33:09 | 002,700,544 | ---- | M] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3
[2012.09.25 19:31:32 | 004,844,902 | ---- | M] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3
[2012.09.25 19:09:05 | 003,976,869 | ---- | M] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3
[2012.09.19 21:08:35 | 005,969,488 | ---- | M] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3
[2012.09.18 21:32:23 | 004,711,029 | ---- | M] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3
[2012.09.18 20:53:36 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-18.json
[2012.09.17 20:58:45 | 000,163,441 | ---- | M] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg
[2012.09.16 20:21:37 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.16 20:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_536
[2012.09.16 13:14:39 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.16 10:44:38 | 000,600,064 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
[2012.09.16 10:39:36 | 000,002,097 | ---- | M] () -- C:\Users\Olli\Desktop\hjtscanlist.zip
[2012.09.12 22:41:24 | 003,825,977 | ---- | M] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3
[2012.09.12 22:28:20 | 003,119,814 | ---- | M] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3
[2012.09.12 21:26:54 | 003,986,583 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen  Wo wär ich.mp3
[2012.09.12 21:24:22 | 004,787,559 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3
[2012.09.12 21:21:32 | 003,757,029 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3
[2012.09.12 21:19:00 | 002,847,047 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3
[2012.09.12 21:13:24 | 003,745,134 | ---- | M] () -- C:\Users\Olli\Desktop\First To Last.mp3
[2012.09.12 20:13:58 | 013,759,737 | ---- | M] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4
[2012.09.11 22:28:29 | 002,291,552 | ---- | M] () -- C:\Users\Olli\Desktop\Foto.JPG
[2012.09.11 14:29:00 | 007,223,973 | ---- | M] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3
[2012.09.11 14:28:50 | 008,071,465 | ---- | M] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3
[2012.09.10 22:51:57 | 008,812,564 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3
[2012.09.10 22:50:21 | 013,885,765 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:48:42 | 015,930,629 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:24:14 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe
[2012.09.10 22:05:58 | 014,287,351 | ---- | M] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3
[2012.09.10 22:00:56 | 007,723,216 | ---- | M] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3
[2012.09.10 21:57:40 | 009,719,280 | ---- | M] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3
[2012.09.10 12:21:34 | 000,228,375 | ---- | M] () -- C:\Users\Olli\trojaner.jpg
[2012.09.10 09:51:35 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2012.09.10 09:40:25 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.10 09:40:23 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.10 09:40:23 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.10 09:40:23 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.10 09:40:22 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.09.10 09:40:22 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.05 23:36:34 | 012,945,033 | ---- | M] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3
[2012.09.05 23:29:53 | 006,280,213 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3
[2012.09.05 23:28:44 | 004,595,331 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3
[2012.09.05 23:28:11 | 005,346,387 | ---- | M] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:27:25 | 009,178,758 | ---- | M] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3
[2012.09.05 23:25:04 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.05 23:10:16 | 007,704,956 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:09:36 | 006,253,436 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:58 | 003,606,108 | ---- | M] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:46 | 004,491,347 | ---- | M] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3
[2012.09.05 22:59:15 | 000,001,584 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.09.05 17:15:41 | 000,293,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.05 16:57:14 | 004,599,541 | ---- | M] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3
[2012.09.05 16:51:44 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.05 16:51:44 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2012.09.26 21:28:25 | 000,029,680 | ---- | C] () -- C:\Users\Olli\Desktop\vdv23.jpg
[2012.09.26 21:13:04 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2012.09.26 15:12:02 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.09.26 15:07:25 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012.09.25 19:52:40 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.25 19:39:37 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-25.json
[2012.09.25 19:33:07 | 002,700,544 | ---- | C] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3
[2012.09.25 19:31:29 | 004,844,902 | ---- | C] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3
[2012.09.25 19:09:02 | 003,976,869 | ---- | C] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3
[2012.09.19 21:08:32 | 005,969,488 | ---- | C] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3
[2012.09.18 21:32:18 | 004,711,029 | ---- | C] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3
[2012.09.18 20:53:36 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-18.json
[2012.09.17 20:58:45 | 000,163,441 | ---- | C] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg
[2012.09.16 20:21:37 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.16 14:07:59 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.09.16 14:07:59 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.09.16 14:07:59 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.09.16 14:07:59 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.09.16 14:07:59 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.09.16 13:14:39 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.16 10:39:35 | 000,002,097 | ---- | C] () -- C:\Users\Olli\Desktop\hjtscanlist.zip
[2012.09.12 22:41:23 | 003,825,977 | ---- | C] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3
[2012.09.12 22:28:09 | 003,119,814 | ---- | C] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3
[2012.09.12 21:26:38 | 003,986,583 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen  Wo wär ich.mp3
[2012.09.12 21:24:05 | 004,787,559 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3
[2012.09.12 21:21:17 | 003,757,029 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3
[2012.09.12 21:18:46 | 002,847,047 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3
[2012.09.12 21:13:21 | 003,745,134 | ---- | C] () -- C:\Users\Olli\Desktop\First To Last.mp3
[2012.09.12 21:09:41 | 008,071,465 | ---- | C] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3
[2012.09.12 21:09:39 | 007,223,973 | ---- | C] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3
[2012.09.12 20:13:50 | 013,759,737 | ---- | C] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4
[2012.09.10 22:54:51 | 002,291,552 | ---- | C] () -- C:\Users\Olli\Desktop\Foto.JPG
[2012.09.10 22:51:52 | 008,812,564 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3
[2012.09.10 22:47:34 | 013,885,765 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:45:44 | 015,930,629 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:03:24 | 014,287,351 | ---- | C] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3
[2012.09.10 21:59:33 | 007,723,216 | ---- | C] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3
[2012.09.10 21:55:56 | 009,719,280 | ---- | C] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3
[2012.09.10 12:21:33 | 000,228,375 | ---- | C] () -- C:\Users\Olli\trojaner.jpg
[2012.09.10 09:51:19 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2012.09.05 23:36:22 | 012,945,033 | ---- | C] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3
[2012.09.05 23:28:45 | 006,280,213 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3
[2012.09.05 23:27:54 | 004,595,331 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3
[2012.09.05 23:27:13 | 005,346,387 | ---- | C] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:25:46 | 009,178,758 | ---- | C] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3
[2012.09.05 23:25:04 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.05 23:08:53 | 007,704,956 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:08:29 | 006,253,436 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:19 | 003,606,108 | ---- | C] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:06:58 | 004,491,347 | ---- | C] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3
[2012.09.05 22:59:15 | 000,001,584 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.09.05 16:57:11 | 004,599,541 | ---- | C] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3
[2012.07.05 12:22:59 | 000,127,215 | ---- | C] () -- C:\Users\Olli\ichhabneuenikes.png
[2012.06.18 21:03:49 | 001,682,393 | ---- | C] () -- C:\Users\Olli\Foto(2).JPG
[2012.06.18 20:55:33 | 001,594,647 | ---- | C] () -- C:\Users\Olli\Foto(1).JPG
[2012.05.28 22:39:54 | 000,015,335 | ---- | C] () -- C:\Users\Olli\monitor.jpg
[2012.05.24 14:54:23 | 000,452,742 | ---- | C] () -- C:\Users\Olli\20LNC2.JPG
[2012.05.24 14:54:23 | 000,448,036 | ---- | C] () -- C:\Users\Olli\20LNC1.JPG
[2012.05.19 10:34:43 | 003,387,997 | ---- | C] () -- C:\Users\Olli\wallpaper020-1920x1080.jpg
[2012.05.13 23:15:01 | 000,442,359 | ---- | C] () -- C:\Users\Olli\image.jpg
[2012.05.01 20:49:22 | 000,274,762 | ---- | C] () -- C:\Users\Olli\464735_292791490805610_211542765597150_705372_237206692_o.jpg
[2012.04.16 12:02:49 | 000,027,629 | ---- | C] () -- C:\Users\Olli\studiengangc9c75d1e-3620-47af-8452-676792999cb2.pdf
[2012.04.16 11:45:01 | 000,010,908 | ---- | C] () -- C:\Users\Olli\Reporteaa90062-9519-4457-b052-5e6d24ef86c7.pdf
[2012.04.15 13:55:25 | 000,224,313 | ---- | C] () -- C:\Users\Olli\Header adidas Trikot neu.jpg
[2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.04.01 18:13:29 | 000,559,125 | ---- | C] () -- C:\Users\Olli\457319_3176029072535_1019833424_32975851_559300883_o.jpg
[2012.04.01 12:22:02 | 000,139,656 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_010.jpg
[2012.04.01 12:20:07 | 000,210,371 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_095.jpg
[2012.03.26 21:05:12 | 000,118,430 | ---- | C] () -- C:\Users\Olli\plugin-formelsammlung_Kompatibilitaetsmodus_.pdf
[2012.03.20 20:37:41 | 000,037,690 | ---- | C] () -- C:\Users\Olli\408466_294213293984199_100001865927236_732412_1911041712_n.jpg
[2012.03.19 16:32:58 | 000,759,641 | ---- | C] () -- C:\Users\Olli\VM_120319_00001.pdf
[2012.03.16 12:15:50 | 000,038,044 | ---- | C] () -- C:\Users\Olli\Hausratversicherung_Angebot_Oliver Müller.pdf
[2012.03.16 01:28:24 | 000,050,898 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-03-16.json
[2012.03.13 21:10:22 | 002,000,256 | ---- | C] () -- C:\Users\Olli\Foto.JPG
[2012.03.09 11:14:10 | 002,022,949 | ---- | C] () -- C:\Users\Olli\Antrag PHV Single.pdf
[2012.03.09 01:22:35 | 000,061,275 | ---- | C] () -- C:\Users\Olli\roter von rio.jpg
[2012.03.03 15:18:29 | 000,052,788 | ---- | C] () -- C:\Users\Olli\arena.jpg
[2012.02.23 23:28:53 | 000,249,704 | ---- | C] () -- C:\Users\Olli\BMW_X6.jpg
[2012.02.23 23:13:27 | 000,268,584 | ---- | C] () -- C:\Users\Olli\audiA8Seite.jpg
[2012.02.21 12:12:26 | 000,010,908 | R--- | C] () -- C:\Users\Olli\StudibescheinigungSS12.PDF
[2012.02.05 10:36:54 | 000,199,564 | ---- | C] () -- C:\Users\Olli\SALAA.jpg
[2012.01.27 22:49:54 | 000,289,874 | ---- | C] () -- C:\Users\Olli\Picture of me 1.png
[2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.17 11:42:37 | 000,457,385 | ---- | C] () -- C:\Users\Olli\2. Seite Haftpflichtversicherungsrechnung 001.jpg
[2011.12.17 11:42:32 | 000,338,840 | ---- | C] () -- C:\Users\Olli\1. Seite Haftpflichtversicherungsrechnung 001.jpg
[2011.12.15 19:13:31 | 000,099,211 | ---- | C] () -- C:\Users\Olli\holstentor.jpg
[2011.12.15 17:00:14 | 021,294,420 | ---- | C] () -- C:\Users\Olli\Bauchmuskeltraining 8 Minuten Deutsch.mp4
[2011.12.07 20:00:48 | 000,167,187 | ---- | C] () -- C:\Users\Olli\stier2.png
[2011.12.07 19:58:58 | 000,267,296 | ---- | C] () -- C:\Users\Olli\stier.png
[2011.12.04 19:48:53 | 000,096,111 | ---- | C] () -- C:\Users\Olli\toere800-1323015415.jpg
[2011.12.01 16:52:25 | 001,406,612 | ---- | C] () -- C:\Users\Olli\Schimmel 1.JPG
[2011.12.01 16:52:02 | 001,096,324 | ---- | C] () -- C:\Users\Olli\Schimmel 2.JPG
[2011.11.20 17:49:35 | 000,093,166 | ---- | C] () -- C:\Users\Olli\Mueller, Oliver - 2010 Steuer.pdf
[2011.11.20 17:49:30 | 000,175,794 | ---- | C] () -- C:\Users\Olli\Müller, Oliver - 2009 Steuer.pdf
[2011.11.17 16:44:38 | 000,463,480 | ---- | C] () -- C:\Users\Olli\drizzy.jpg
[2011.11.13 22:06:24 | 000,065,862 | ---- | C] () -- C:\Users\Olli\389951_291343820896138_100000615686743_889845_603073080_n.jpg
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.04 17:15:06 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.11.04 17:14:21 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.03 19:08:02 | 000,035,052 | ---- | C] () -- C:\Users\Olli\foodprocessing.jpg
[2011.09.27 23:37:31 | 000,096,337 | ---- | C] () -- C:\Users\Olli\tumblr_lmuuycsF2T1qk8ks2o1_500.jpg
[2011.09.27 23:37:00 | 000,042,707 | ---- | C] () -- C:\Users\Olli\tumblr_lnof9adIeE1qjt5kqo1_400.jpg
[2011.09.27 23:33:19 | 000,067,250 | ---- | C] () -- C:\Users\Olli\tumblr_lpmvc8Rt971qhhun0o1_500.jpg
[2011.09.27 23:32:23 | 000,029,801 | ---- | C] () -- C:\Users\Olli\tumblr_lrtqjeGkwI1qc1mlvo1_500.jpg
[2011.09.21 21:44:37 | 000,047,789 | ---- | C] () -- C:\Users\Olli\16440-i-love-house-music-house-music-symbol.jpg
[2011.09.21 21:43:20 | 000,164,995 | ---- | C] () -- C:\Users\Olli\i_love_housemusic.jpg
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.31 19:24:11 | 001,864,407 | ---- | C] () -- C:\Users\Olli\DSC01699.JPG
[2011.08.31 19:23:41 | 002,554,778 | ---- | C] () -- C:\Users\Olli\DSC01693.JPG
[2011.08.31 17:02:12 | 002,650,681 | ---- | C] () -- C:\Users\Olli\DSC01623.JPG
[2011.05.11 17:55:08 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.04 19:01:00 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.03 12:47:05 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.04.03 12:47:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.02 11:40:15 | 000,001,065 | ---- | C] () -- C:\Windows\winamp.ini
[2011.04.02 11:33:26 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.04.02 11:33:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.04.02 11:32:47 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2011.04.02 10:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== LOP Check ==========
 
[2011.12.04 16:30:29 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoft
[2011.11.08 17:39:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.06 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Foxit Software
[2012.04.29 14:45:55 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\FreeAudioPack
[2012.01.27 20:38:00 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Leadertech
[2011.06.09 19:37:49 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\LolClient
[2012.03.30 16:11:09 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\OpenOffice.org
[2012.03.16 01:31:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Opera
[2012.09.15 20:35:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Origin
[2011.04.15 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\PunkBuster
[2012.09.10 09:47:56 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\QuickScan
[2012.05.07 11:14:07 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TeamViewer
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Thunderbird
[2012.09.10 12:21:42 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TrojanHunter
[2009.09.18 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TS3Client
[2011.07.21 20:07:43 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TubeBox
[2012.09.10 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader
[2012.06.24 10:45:03 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:47F1DFAC

< End of report >

--- --- ---

schrauber 01.10.2012 19:12

Windows key+R > Combofix /Uninstall > press Enter

Open OTL > press the "Bereinigung" (cleanup) button


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Anti-virus software
  • Make sure you always have anti-virus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    A short introduction can be found here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as malicious.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most ads by itself. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download bandwidth.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you don't know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.

m085 01.10.2012 19:30

Um, I think I'm going crazy -.- I just uninstalled Combofix and went to Facebook, and the problem is back: the page again doesn't load properly

....

schrauber 01.10.2012 19:31

You're trying to annoy me, right? :D

Please post a fresh OTL logfile.

m085 01.10.2012 19:37

After I ran the OTL "Bereinigen" (cleanup), a restart was required.

Now OTL has disappeared... I just downloaded it again, but now I get an error message from the program as soon as I click "Scan".

Oh man...

schrauber 01.10.2012 19:38

Which one?

m085 01.10.2012 19:41

Screenshot of the error message attached...

schrauber 01.10.2012 19:43

Can you also attach a screenshot of the broken FB page?

Delete OTL and download it again, then please try once more :)

m085 01.10.2012 19:48

FB screenshot...
I'm deleting OTL now and downloading it again...

m085 01.10.2012 19:50

Downloaded again... the error message still appears

schrauber 01.10.2012 19:52

Please download dds (by sUBs) from one of the following download mirrors and save the file to your desktop.

dds.com
dds.scr
dds.pif
  • Close all running programs.
  • Start DDS with a double-click.
  • It will create 2 logfiles.
    • dds.txt
    • attach.txt
  • Save both logfiles to your desktop
  • Post both logfiles here.


Please try FB with Internet Explorer.

m085 01.10.2012 20:32

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.DDS Logfile:
Code:

DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 01.04.2011 22:11:08
System Uptime: 01.10.2012 20:32:14 (1 hours ago)
.
Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD |  | 770-C45 (MS-7599)
Processor: AMD Athlon(tm) II X4 630 Processor | CPU 1 | 2800/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 298 GiB total, 195,502 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 466 GiB total, 344,406 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: AODDriver4.01
Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Manufacturer:
Name: AODDriver4.01
PNP Device ID: ROOT\LEGACY_AODDRIVER4.01\0000
Service: AODDriver4.01
.
==== System Restore Points ===================
.
RP203: 01.10.2012 20:27:34 - ComboFix created restore point
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Apple Application Support
Apple Software Update
AVM FRITZ!WLAN
Battlefield 3™
Battlelog Web Plugins
CameraHelperMsi
Compatibility Pack für 2007 Office System
Creative Audio-Systemsteuerung
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Diablo III
erLT
ESET Online Scanner v3
ESN Sonar
FIFA 13 Demo
Foxit Reader
Free YouTube Download version 3.0.18.1123
Free YouTube to MP3 Converter version 3.10.13.1123
G Data InternetSecurity
Guild Wars 2
Java Auto Updater
Java(TM) 6 Update 22
Java(TM) 6 Update 35
Logitech Webcam-Software
LWS Facebook
LWS Gallery
LWS Help_main
LWS Launcher
LWS Motion Detection
LWS Pictures And Video
LWS Twitter
LWS Video Mask Maker
LWS Webcam Software
LWS WLM Plugin
LWS YouTube Plugin
Malwarebytes Anti-Malware Version 1.65.0.1400
Microsoft Office Word Viewer 2003
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 15.0.1 (x86 de)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
OpenAL
OpenOffice.org 3.3
Opera 12.02
Origin
PokerStars.net
PunkBuster Services
QuickTime
Revo Uninstaller 1.93
Samsung SCX-3200 Series
Samsung_MonSetup
Scan Assistant
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870)
Skype™ 5.10
Sophos Anti-Rootkit 1.5.20
System Requirements Lab
Tweaking.com - Windows Repair (All in One)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virtual DJ - Atomix Productions
VLC media player 1.1.9
Winamp (remove only)
.
==== End Of File ===========================

.DDS Logfile:
Code:

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_35
Run by Olli at 21:30:46 on 2012-10-01
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6143.4357 [GMT 2:00]
.
AV: G Data InternetSecurity 2010 *Enabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\rundll32.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Winamp\Winamp.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
C:\Windows\splwow64.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
BHO: G Data WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
TB: G Data WebFilter: {0124123d-61b4-456f-af86-78c53a0790c5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll
mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
mRun: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{75A3CA0E-161F-4AE2-85AE-3D6100F4961F} : DhcpNameServer = 192.168.178.1
TCP: Interfaces\{F0A71D75-3B44-4A9E-B0A2-A5FADD0C1D2A} : DhcpNameServer = 192.168.178.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{0124123D-61B4-456f-AF86-78C53A0790C5}
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{0124123D-61B4-456f-AF86-78C53A0790C5}
mRun-x64: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
mRun-x64: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
mRun-x64: [CTxfiHlp] CTXFIHLP.EXE
mRun-x64: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun-x64: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
mRun-x64: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Olli\AppData\Roaming\Mozilla\Firefox\Profiles\7zy9oa8l.default\
FF - prefs.js: browser.startup.homepage - SPIEGEL ONLINE - Nachrichten
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 GDBehave;GDBehave;C:\Windows\system32\drivers\GDBehave.sys --> C:\Windows\system32\drivers\GDBehave.sys [?]
R1 gdwfpcd;G DATA WFP CD;C:\Windows\system32\DRIVERS\gdwfpcd64.sys --> C:\Windows\system32\DRIVERS\gdwfpcd64.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2011-4-2 1128008]
R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2009-8-8 397896]
R2 AVKWCtl;G Data Dateisystem Wächter;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2011-4-2 1731504]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-9-16 399432]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2011-11-4 11576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-4-3 382272]
R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]
R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
R3 FWLANUSB;AVM FRITZ!WLAN;C:\Windows\system32\DRIVERS\fwlanusb.sys --> C:\Windows\system32\DRIVERS\fwlanusb.sys [?]
R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2011-4-2 1664560]
R3 GDMnIcpt;GDMnIcpt;\??\C:\Windows\system32\drivers\MiniIcpt.sys --> C:\Windows\system32\drivers\MiniIcpt.sys [?]
R3 GDPkIcpt;GDPkIcpt;\??\C:\Windows\system32\drivers\PktIcpt.sys --> C:\Windows\system32\drivers\PktIcpt.sys [?]
R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2011-4-2 302152]
R3 HookCentre;HookCentre;\??\C:\Windows\system32\drivers\HookCentre.sys --> C:\Windows\system32\drivers\HookCentre.sys [?]
R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]
R3 LVUVC64;Logitech HD Webcam C270(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-9-16 676936]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-2-22 1262912]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]
S3 avmeject;AVM Eject;C:\Windows\system32\drivers\avmeject.sys --> C:\Windows\system32\drivers\avmeject.sys [?]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-4-2 79360]
S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]
S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]
S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-9-25 114144]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\system32\Drivers\usbaapl64.sys --> C:\Windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2012-10-01 18:33:03        --------        d-sh--w-        C:\$RECYCLE.BIN
2012-10-01 06:35:30        9308616        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{18ABD1A1-B485-4A4A-8DA2-779ABD01D9FB}\mpengine.dll
2012-09-26 19:14:25        --------        d-----w-        C:\Windows\SysWow64\wbem\Performance
2012-09-26 19:13:04        303616        ----a-w-        C:\SetACL.exe
2012-09-26 19:12:02        290304        ----a-w-        C:\subinacl.exe
2012-09-26 13:07:29        --------        d-----w-        C:\Tweaking.com_Windows_Repair_Logs
2012-09-26 13:07:23        --------        d-----w-        C:\Program Files (x86)\Tweaking.com
2012-09-26 06:57:26        245760        ----a-w-        C:\Windows\System32\OxpsConverter.exe
2012-09-16 18:28:50        --------        d-----w-        C:\Program Files (x86)\ESET
2012-09-16 18:21:52        --------        d-----w-        C:\Users\Olli\AppData\Roaming\Malwarebytes
2012-09-16 18:21:36        --------        d-----w-        C:\ProgramData\Malwarebytes
2012-09-16 18:21:34        25928        ----a-w-        C:\Windows\System32\drivers\mbam.sys
2012-09-16 18:21:34        --------        d-----w-        C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-16 11:25:54        --------        d-sh--w-        C:\ProgramData\DSS
2012-09-13 07:04:37        --------        d-----w-        C:\Program Files (x86)\Sophos
2012-09-12 18:13:27        950128        ----a-w-        C:\Windows\System32\drivers\ndis.sys
2012-09-12 18:13:27        41472        ----a-w-        C:\Windows\System32\drivers\RNDISMP.sys
2012-09-12 18:13:25        574464        ----a-w-        C:\Windows\System32\d3d10level9.dll
2012-09-12 18:13:25        490496        ----a-w-        C:\Windows\SysWow64\d3d10level9.dll
2012-09-12 18:13:25        376688        ----a-w-        C:\Windows\System32\drivers\netio.sys
2012-09-12 18:13:25        1913200        ----a-w-        C:\Windows\System32\drivers\tcpip.sys
2012-09-12 18:13:24        288624        ----a-w-        C:\Windows\System32\drivers\FWPKCLNT.SYS
2012-09-10 20:17:31        --------        d-----w-        C:\Users\Olli\AppData\Roaming\YourFileDownloader
2012-09-10 17:32:27        --------        d-----w-        C:\ProgramData\Fighters
2012-09-10 10:21:42        --------        d-----w-        C:\Users\Olli\AppData\Roaming\TrojanHunter
2012-09-10 07:51:19        --------        d-----w-        C:\Program Files (x86)\TrojanHunter 5.5
2012-09-10 07:40:32        108008        ----a-w-        C:\Windows\System32\WindowsAccessBridge-64.dll
2012-09-10 07:28:33        --------        d-----w-        C:\Users\Olli\AppData\Roaming\QuickScan
2012-09-05 21:25:03        --------        d-----w-        C:\Program Files (x86)\Guild Wars 2
.
==================== Find3M  ====================
.
2012-10-01 06:34:30        106224        ----a-w-        C:\Windows\SysWow64\drivers\GRD.sys
2012-09-25 20:08:50        281520        ----a-w-        C:\Windows\SysWow64\PnkBstrB.xtr
2012-09-25 20:08:50        281520        ----a-w-        C:\Windows\SysWow64\PnkBstrB.exe
2012-09-25 20:08:39        280904        ----a-w-        C:\Windows\SysWow64\PnkBstrB.ex0
2012-09-10 07:40:22        916456        ----a-w-        C:\Windows\System32\deployJava1.dll
2012-09-10 07:40:22        1034216        ----a-w-        C:\Windows\System32\npdeployJava1.dll
2012-09-05 14:51:44        73416        ----a-w-        C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-09-05 14:51:44        696520        ----a-w-        C:\Windows\SysWow64\FlashPlayerApp.exe
2012-08-28 18:24:56        477168        ----a-w-        C:\Windows\SysWow64\npdeployJava1.dll
2012-08-28 18:24:53        473072        ----a-w-        C:\Windows\SysWow64\deployJava1.dll
2012-08-24 10:31:32        2312704        ----a-w-        C:\Windows\System32\jscript9.dll
2012-08-24 10:21:18        1392128        ----a-w-        C:\Windows\System32\wininet.dll
2012-08-24 10:20:11        1494528        ----a-w-        C:\Windows\System32\inetcpl.cpl
2012-08-24 10:14:45        173056        ----a-w-        C:\Windows\System32\ieUnatt.exe
2012-08-24 10:13:29        599040        ----a-w-        C:\Windows\System32\vbscript.dll
2012-08-24 10:09:42        2382848        ----a-w-        C:\Windows\System32\mshtml.tlb
2012-08-24 06:59:17        1800704        ----a-w-        C:\Windows\SysWow64\jscript9.dll
2012-08-24 06:51:27        1129472        ----a-w-        C:\Windows\SysWow64\wininet.dll
2012-08-24 06:51:02        1427968        ----a-w-        C:\Windows\SysWow64\inetcpl.cpl
2012-08-24 06:47:26        142848        ----a-w-        C:\Windows\SysWow64\ieUnatt.exe
2012-08-24 06:47:12        420864        ----a-w-        C:\Windows\SysWow64\vbscript.dll
2012-08-24 06:43:58        2382848        ----a-w-        C:\Windows\SysWow64\mshtml.tlb
2012-07-18 18:15:06        3148800        ----a-w-        C:\Windows\System32\win32k.sys
2012-07-04 22:13:27        59392        ----a-w-        C:\Windows\System32\browcli.dll
2012-07-04 22:13:27        136704        ----a-w-        C:\Windows\System32\browser.dll
2012-07-04 21:14:34        41984        ----a-w-        C:\Windows\SysWow64\browcli.dll
.
============= FINISH: 21:31:13,91 ===============



--- --- ---

In IE even less happens... it loads and loads but nothing happens at all...

schrauber 02.10.2012 06:49

Combofix should only be run when instructed to by a team member!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please disable all your anti-virus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix is finished, it will create a logfile. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.



I don't know whether we have already clarified this. Do you have another computer? If so, are there problems with FB there too?

m085 02.10.2012 17:35

Hi Schrauber,

No, I only have this one desktop PC.

Combofix logfile:
Code:

ComboFix 12-10-02.02 - Olli 02.10.2012  18:10:02.3.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.6143.4248 [GMT 2:00]
ausgeführt von:: c:\users\Olli\Desktop\ComboFix.exe
AV: G Data InternetSecurity 2010 *Disabled/Updated* {54ACC2FC-837E-E665-7A92-5352D560D5EF}
FW: G Data Personal Firewall *Enabled* {6C9743D9-C911-E73D-51CD-FA672BB39294}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-09-02 bis 2012-10-02  ))))))))))))))))))))))))))))))
.
.
2012-10-02 16:18 . 2012-10-02 16:18        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2012-10-02 16:18 . 2012-10-02 16:18        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-10-01 06:35 . 2012-08-30 07:27        9308616        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{18ABD1A1-B485-4A4A-8DA2-779ABD01D9FB}\mpengine.dll
2012-09-26 19:14 . 2012-09-26 19:14        --------        d-----w-        c:\windows\SysWow64\wbem\Performance
2012-09-26 19:13 . 2008-05-08 05:03        303616        ----a-w-        C:\SetACL.exe
2012-09-26 19:12 . 2004-06-11 23:33        290304        ----a-w-        C:\subinacl.exe
2012-09-26 13:08 . 2012-09-26 19:17        181064        ----a-w-        c:\windows\PSEXESVC.EXE
2012-09-26 13:07 . 2012-09-26 19:13        --------        d-----w-        C:\Tweaking.com_Windows_Repair_Logs
2012-09-26 13:07 . 2012-09-26 13:07        --------        d-----w-        c:\program files (x86)\Tweaking.com
2012-09-26 06:57 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe
2012-09-24 14:36 . 2012-08-24 11:23        174216        ----a-w-        c:\program files\Internet Explorer\sqmapi.dll
2012-09-16 18:28 . 2012-09-16 18:28        --------        d-----w-        c:\program files (x86)\ESET
2012-09-16 18:21 . 2012-09-16 18:21        --------        d-----w-        c:\users\Olli\AppData\Roaming\Malwarebytes
2012-09-16 18:21 . 2012-09-16 18:21        --------        d-----w-        c:\programdata\Malwarebytes
2012-09-16 18:21 . 2012-09-16 18:21        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-09-16 18:21 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-09-16 11:25 . 2012-09-16 11:25        --------        d-sh--w-        c:\programdata\DSS
2012-09-13 07:04 . 2012-09-13 07:04        --------        d-----w-        c:\program files (x86)\Sophos
2012-09-12 18:13 . 2012-08-22 18:12        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys
2012-09-12 18:13 . 2012-07-04 20:26        41472        ----a-w-        c:\windows\system32\drivers\RNDISMP.sys
2012-09-12 18:13 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys
2012-09-12 18:13 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys
2012-09-12 18:13 . 2012-08-02 17:58        574464        ----a-w-        c:\windows\system32\d3d10level9.dll
2012-09-12 18:13 . 2012-08-02 16:57        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2012-09-12 18:13 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-10 20:17 . 2012-09-10 20:17        --------        d-----w-        c:\users\Olli\AppData\Roaming\YourFileDownloader
2012-09-10 17:32 . 2012-09-10 17:32        --------        d-----w-        c:\programdata\Fighters
2012-09-10 10:21 . 2012-09-10 10:21        --------        d-----w-        c:\users\Olli\AppData\Roaming\TrojanHunter
2012-09-10 07:51 . 2012-09-10 17:43        --------        d-----w-        c:\program files (x86)\TrojanHunter 5.5
2012-09-10 07:40 . 2012-09-10 07:40        289768        ----a-w-        c:\windows\system32\javaws.exe
2012-09-10 07:40 . 2012-09-10 07:40        108008        ----a-w-        c:\windows\system32\WindowsAccessBridge-64.dll
2012-09-10 07:40 . 2012-09-10 07:40        189416        ----a-w-        c:\windows\system32\javaw.exe
2012-09-10 07:40 . 2012-09-10 07:40        188904        ----a-w-        c:\windows\system32\java.exe
2012-09-10 07:40 . 2012-09-10 07:40        --------        d-----w-        c:\program files\Java
2012-09-10 07:28 . 2012-09-10 07:47        --------        d-----w-        c:\users\Olli\AppData\Roaming\QuickScan
2012-09-05 21:25 . 2012-09-05 22:47        --------        d-----w-        c:\program files (x86)\Guild Wars 2
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-10-01 06:34 . 2011-04-08 12:57        106224        ----a-w-        c:\windows\SysWow64\drivers\GRD.sys
2012-09-25 20:08 . 2011-04-04 17:01        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2012-09-25 20:08 . 2011-04-03 10:57        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2012-09-25 20:08 . 2011-04-04 17:01        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2012-09-12 19:03 . 2011-04-01 20:35        64462936        ----a-w-        c:\windows\system32\MRT.exe
2012-09-10 07:40 . 2012-04-24 15:41        916456        ----a-w-        c:\windows\system32\deployJava1.dll
2012-09-10 07:40 . 2012-04-24 15:41        1034216        ----a-w-        c:\windows\system32\npdeployJava1.dll
2012-09-05 14:51 . 2012-04-04 06:59        696520        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-09-05 14:51 . 2011-05-19 14:30        73416        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-28 18:24 . 2012-07-15 20:26        477168        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll
2012-08-28 18:24 . 2011-05-24 09:15        473072        ----a-w-        c:\windows\SysWow64\deployJava1.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"GDFirewallTray"="c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe" [2009-09-24 1124424]
"G DATA AntiVirus Trayapplication"="c:\program files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe" [2009-09-18 924232]
"CTxfiHlp"="CTXFIHLP.EXE" [2010-05-05 25600]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-10-28 618496]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"LWS"="c:\program files (x86)\Logitech\LWS\Webcam Software\LWS.exe" [2011-11-11 205336]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2009-03-20 1904640]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-03-06 421736]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R1 GRD;G Data Rootkit Detector Driver;c:\windows\system32\drivers\GRD.sys [x]
R2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-09-07 676936]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-04-03 1262912]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 ALSysIO;ALSysIO;c:\users\Olli\AppData\Local\Temp\ALSysIO64.sys [x]
R3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]
R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2011-11-10 10567680]
R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2011-11-10 325632]
R3 AODDriver4.0;AODDriver4.0;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2011-10-17 93712]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys [2009-03-20 14120]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-04-02 79360]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS [2010-05-05 202840]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS [2010-05-05 94808]
R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\C7F1.tmp [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]
R3 MSICDSetup;MSICDSetup;D:\CDriver64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2012-03-09 1255736]
S0 GDBehave;GDBehave;c:\windows\system32\drivers\GDBehave.sys [2011-04-02 34760]
S1 gdwfpcd;G DATA WFP CD;c:\windows\system32\DRIVERS\gdwfpcd64.sys [2011-04-02 48584]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-11-10 204288]
S2 AVKProxy;G Data AntiVirus Proxy;c:\program files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe [2009-12-07 1128008]
S2 AVKService;G Data Scheduler;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2009-08-08 397896]
S2 AVKWCtl;G Data Dateisystem Wächter;c:\program files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2009-11-25 1731504]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-09-07 399432]
S2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2009-11-17 11576]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-04-03 382272]
S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS [2010-05-05 202840]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS [2010-05-05 1417304]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS [2010-05-05 94808]
S3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys [2009-03-20 460800]
S3 GDFwSvc;G Data Personal Firewall;c:\program files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2009-11-25 1664560]
S3 GDMnIcpt;GDMnIcpt;c:\windows\system32\drivers\MiniIcpt.sys [2011-04-02 74184]
S3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys [2011-04-02 57288]
S3 GDScan;G Data Scanner;c:\program files (x86)\Common Files\G DATA\GDScan\GDScan.exe [2009-11-26 302152]
S3 HookCentre;HookCentre;c:\windows\system32\drivers\HookCentre.sys [2011-04-02 42952]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]
S3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-09-07 25928]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-01-17 188224]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Olli\AppData\Roaming\Mozilla\Firefox\Profiles\7zy9oa8l.default\
FF - prefs.js: browser.startup.homepage - www.spiegel.de
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2]
"ImagePath"="\??\c:\windows\system32\C7F1.tmp"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-452341925-160998940-2424023990-1001\Software\SecuROM\License information*]
"datasecu"=hex:6c,fe,80,ac,c4,a4,32,69,7c,4e,0c,30,26,81,45,da,80,c1,19,6c,18,
  69,c9,17,c1,1d,fa,59,5f,51,5c,95,ae,2e,80,c3,96,4a,b6,51,ca,4e,d8,6c,1d,82,\
"rkeysecu"=hex:31,c0,5b,a3,ad,5c,9a,f0,e8,84,d9,4f,bb,7c,dd,c0
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-10-02  18:33:10
ComboFix-quarantined-files.txt  2012-10-02 16:33
.
Vor Suchlauf: 16 Verzeichnis(se), 208.774.664.192 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 208.837.623.808 Bytes frei
.
- - End Of File - - C2034544AAA7184951630100F27A5070

--- --- ---


schrauber 02.10.2012 18:50

And now please download a fresh version of OTL; the bug has been fixed. Then please post the log.

Do you have a router?

m085 03.10.2012 13:21

Hi Schrauber, I won't be back home until Monday!

I'll get back to you then with a new OTL logfile.

Yes, I have a Wi-Fi router, a Fritzbox.

schrauber 03.10.2012 15:10

Good, if need be we'll have to take a look at that too.

m085 04.10.2012 08:35

OTL EXTRAS Logfile:
Code:

OTL Extras logfile created on: 04.10.2012 09:21:16 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Olli\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 71,42% Memory free
12,00 Gb Paging File | 9,84 Gb Available in Paging File | 81,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 194,58 Gb Free Space | 65,30% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 344,41 Gb Free Space | 73,95% Space Free | Partition Type: NTFS
 
Computer Name: OLLI-PC | User Name: Olli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\Winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\Winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B27798B-3178-4790-A712-383F9C42360E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C850CD3-5BED-4FB4-B2F9-04746A1AD3E8}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1F0437C4-4E33-49EC-988C-E6B827AEA310}" = rport=10243 | protocol=6 | dir=out | app=system |
"{25BA41DF-9DEE-42BC-8273-D9D73314D379}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{51142666-9F1C-46BB-8679-B50B6837DC42}" = lport=137 | protocol=17 | dir=in | app=system |
"{5118F14A-BC94-4CD7-B4A2-9481E2CFECEC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{601E5A0B-BD8F-40E7-8446-38F04E31EA20}" = lport=139 | protocol=6 | dir=in | app=system |
"{6DDCCA7C-B368-46B5-A99C-C1C7467BC913}" = lport=445 | protocol=6 | dir=in | app=system |
"{79F897F7-2E70-4589-B68E-E80C5A33B3F8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7DCDDCC9-B4F7-473F-8632-82DB712FC5AD}" = lport=10243 | protocol=6 | dir=in | app=system |
"{8C371489-5FC2-4598-95AF-4F1A25FD486E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{94F902E1-51DC-4D07-8802-495151B6A94E}" = lport=138 | protocol=17 | dir=in | app=system |
"{A077AEB6-E2FC-41A9-92E8-D2E7747AB0ED}" = rport=139 | protocol=6 | dir=out | app=system |
"{A78EB2BC-42E3-4234-8ADE-390BA51A84AA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{A8B561C3-76F3-4FFB-A250-036754E6A91E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BBB32DD2-D4B4-47D9-B9D5-DA5A06534B6E}" = rport=137 | protocol=17 | dir=out | app=system |
"{BE6150F9-47D9-4F57-8AFC-B0909E5D578D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C892C80E-412C-4D32-AC4C-8F26DDCE144D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{CE3398D4-96FA-41AF-9BF8-08B4BE63AF03}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E4117EA7-13BC-4BFA-B144-8EA5A676ED2F}" = rport=138 | protocol=17 | dir=out | app=system |
"{E8771B98-DB70-425C-BB36-8FC2009470D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EE35D0E9-370B-4DD7-A4B9-F631F1A0203F}" = rport=445 | protocol=6 | dir=out | app=system |
"{F4CEDFD8-CC51-4FC5-AC9B-AC461108AC1B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04582BB0-6CDD-420F-A908-9940FEDA551C}" = protocol=6 | dir=in | app=x:\games\codmw2\steamapps\dipset85\counter-strike\hl.exe |
"{072C331B-4EEC-47B7-88F5-78A42D798622}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{08A0BE2D-A884-4095-90DB-AA1954A298EF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{09277CA0-F9BF-46AC-9D4E-E1A8CFA9DEB8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{0DAF2A75-A05A-4EFB-A35D-91570484355B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{10DB6B99-0F5A-4E85-A4B8-340042E6CF27}" = protocol=17 | dir=in | app=x:\games\codmw2\steam.exe |
"{18B1EAFE-D7FD-467D-BDE3-F7799CBB56B4}" = protocol=17 | dir=in | app=x:\games\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{21D4BFB7-46D0-46A8-9CEB-DF8102D7AFDF}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{29D168C8-4AAB-48A4-BAE9-60EF6ACA196C}" = protocol=17 | dir=in | app=x:\games\steam.exe |
"{2D44CC73-29A2-4833-BDC9-56843EED16E5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{30EF4FF0-8188-45A0-B566-31D4E04E555D}" = protocol=6 | dir=in | app=x:\games\codmw2\steam.exe |
"{314FFE5A-F7D7-4C81-8DA8-2966C6134016}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{319F6D45-0E4A-42F8-A861-767A14A97F91}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{33B4CBBF-37A1-4F20-B726-7C75D1D2D144}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{38ECC067-F02B-41E9-AE3B-95440A6D9AD5}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{3AE25A6F-433D-4BCB-8439-6C1E0DDC46F3}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{3FA56E71-8C36-4CCE-BC74-FEDF5F0381DD}" = protocol=17 | dir=in | app=x:\games\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{406313EB-21CC-42CF-9392-B786CEA8BA43}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{451AAD12-168D-4922-A4E7-266A8C26AD02}" = protocol=17 | dir=in | app=c:\bf3\battlefield 3\bf3.exe |
"{490518CF-54F9-49EF-A39A-14670E1C1BA4}" = protocol=6 | dir=in | app=x:\games\bfbc2\bfbc2updater.exe |
"{49296814-66AA-4432-B47F-865B57A387BB}" = protocol=6 | dir=in | app=x:\games\assasinscreed\acbmp.exe |
"{5227BBB7-890C-4398-9FCE-136BC76E5E6F}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{54E02F73-958A-4BA5-ABA8-58E6F25386B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{57CDA3E0-71E9-4F4E-B5DA-E0C66664EA20}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{587C7944-05E0-43FE-A8E7-F88CB5FD76EB}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5A61F4C0-1FE3-4936-8C27-2C70EC55F5F1}" = protocol=17 | dir=in | app=x:\games\assasinscreed\acbmp.exe |
"{605B6514-306E-4D86-BBF0-80EF10E8771D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6070BAF5-49D4-4D70-A068-BD931CF22BD3}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{746F494A-8BCF-4C04-AEC0-7813910B1BA6}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{76E87143-8688-4E46-9D13-94F42E754340}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{772145FF-FDAE-4E70-9789-CDC31040BD76}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{79BBCEC2-C6CF-471B-A784-43235F69B889}" = protocol=17 | dir=in | app=x:\games\bfbc2\bfbc2updater.exe |
"{7A120BC3-093F-464A-BADD-8C8778FFE26A}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scx3200\scan2pc.exe |
"{7B309D9D-54E7-4F10-B27F-EA1610ECA3FB}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{869B4E44-833F-4987-9BA0-00CD3F5D4F50}" = protocol=17 | dir=in | app=x:\games\codmw2\steamapps\dipset85\counter-strike\hl.exe |
"{8AA69F28-AC42-48F6-9E85-D69230215D2E}" = protocol=17 | dir=in | app=c:\bf3\fifa 13 demo\game\fifa13_demo.exe |
"{8AB2E934-E847-45A4-BA96-69872648C092}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8AEBD122-DFF5-4A79-8553-AAF50CEA0435}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{9030B53F-96DA-411C-9D02-CAF42BC6579A}" = protocol=6 | dir=in | app=x:\games\steamapps\common\call of duty modern warfare 2\iw4sp.exe |
"{933FA251-53FA-4E44-A096-8A8C719847D6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{94B2370E-2D15-4F35-AEEF-BEACCE963669}" = protocol=6 | dir=in | app=x:\games\steamapps\common\call of duty modern warfare 2\iw4mp.exe |
"{965C6832-8F77-484A-B0BA-FC8AE481419D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{96A53AD8-C628-4183-8FDB-9A0EECEE9214}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{9CB6E031-D89C-447B-88D3-E9C5A16E4D18}" = protocol=6 | dir=in | app=c:\program files (x86)\yourfiledownloader\yourfile.exe |
"{9FC2F99F-C7DF-4933-BEB5-584007E956F7}" = protocol=6 | dir=in | app=c:\windows\twain_32\samsung\scanmgr.exe |
"{A0515EC3-7622-4DF2-9754-8035E278AF9A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{AA95F302-552C-43AE-ADE1-A33601E997FF}" = protocol=17 | dir=in | app=c:\program files (x86)\yourfiledownloader\downloader.exe |
"{AB4C3FF6-5DCB-4818-8DF6-1970E1F3D5B0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ACCF4CE8-4989-4D09-94A9-82764E87F815}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{AF11DFE2-F4E5-4B47-974F-B919BB2B78E3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B9E85375-EBBE-425A-A16A-20564C835863}" = protocol=6 | dir=in | app=x:\games\steam.exe |
"{BA5BF999-CC6E-45F5-9F28-EC714C22CB18}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{BABB5D13-77AB-4743-9BFD-D22845E79355}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BB6DF1F3-32A1-445F-B6F8-FB2F339A0609}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C644EACB-45B7-43D6-9DF1-C952AE330E94}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C7EB74D4-C45E-4B3C-AC8C-40C941024357}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.3\sonarhost.exe |
"{D18EC2C1-AE10-4E59-BC06-346FA99D9FC6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D69FEDDE-EF56-401A-80CE-8D52ABA9CA7F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{DD1E2249-4871-47E8-AEB2-CCD3C0C122F7}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{DF969C55-8DC3-4B17-B605-190FCE9516AF}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.3\sonarhost.exe |
"{E463A517-79C4-48CA-B399-720BA3BE20C9}" = protocol=6 | dir=in | app=c:\bf3\fifa 13 demo\game\fifa13_demo.exe |
"{F3A6B580-D3A2-4105-B48B-3FBAA79ECA46}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{F76DC445-6F86-4500-AF4F-440866E057A7}" = protocol=17 | dir=in | app=c:\windows\twain_32\samsung\scx3200\sscan2io.exe |
"{FC3C33A2-3B8D-454C-BEF9-40E5DDD70199}" = protocol=6 | dir=out | app=system |
"{FF4E06C1-557E-4538-A26F-A0506A0EF198}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{FF56C5BF-B698-40DE-BE77-CDE8BDD93744}" = protocol=6 | dir=in | app=c:\bf3\battlefield 3\bf3.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{26A24AE4-039D-4CA4-87B4-2F86417007FF}" = Java 7 Update 7 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 301.24
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0213
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.8.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.12.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinRAR archiver" = WinRAR 4.00 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{26A24AE4-039D-4CA4-87B4-2F83216022F0}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{3F499657-766A-4A5F-AEE9-A1F8D295A4CE}" = FIFA 13 Demo
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90850407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Word Viewer 2003
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{BF6CF460-40C3-49BA-800A-4B934B6498B1}" = Scan Assistant
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam-Software
"{D729E05E-B2B9-4DC4-AF57-47310576EDE0}" = G Data InternetSecurity
"{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}" = NVIDIA PhysX
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AudioCS" = Creative Audio-Systemsteuerung
"AVMWLANCLI" = AVM FRITZ!WLAN
"Battlelog Web Plugins" = Battlelog Web Plugins
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"Diablo III" = Diablo III
"ESET Online Scanner" = ESET Online Scanner v3
"ESN Sonar-0.70.4" = ESN Sonar
"Foxit Reader" = Foxit Reader
"Free YouTube Download_is1" = Free YouTube Download version 3.0.18.1123
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.13.1123
"Guild Wars 2" = Guild Wars 2
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"OpenAL" = OpenAL
"Opera 12.02.1578" = Opera 12.02
"Origin" = Origin
"PokerStars.net" = PokerStars.net
"PunkBusterSvc" = PunkBuster Services
"Revo Uninstaller" = Revo Uninstaller 1.93
"Samsung SCX-3200 Series" = Samsung SCX-3200 Series
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.20
"SystemRequirementsLab" = System Requirements Lab
"Tweaking.com - Windows Repair (All in One)" = Tweaking.com - Windows Repair (All in One)
"Virtual DJ - Atomix Productions" = Virtual DJ - Atomix Productions
"VLC media player" = VLC media player 1.1.9
"Winamp" = Winamp (remove only)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 01.10.2012 09:22:38 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = ResolveSimultaneousProbe: 00000000004CBFD0 Our Record 3 lost: 84BF8EBE
  16 Olli-PC.local. AAAA FE80:0000:0000:0000:2C91:F609:2257:3AC0
 
Error - 01.10.2012 09:22:38 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Ignoring response received before we even
 began probing:    4 Olli-PC.local. Addr 192.168.178.21
 
Error - 01.10.2012 09:22:38 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Ignoring response received before we even
 began probing:  16 Olli-PC.local. AAAA FE80:0000:0000:0000:2C91:F609:2257:3AC0
 
Error - 01.10.2012 09:22:38 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Ignoring response received before we even
 began probing:    4 Olli-PC.local. Addr 192.168.178.21
 
Error - 01.10.2012 09:22:38 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Ignoring response received before we even
 began probing:  16 Olli-PC.local. AAAA FE80:0000:0000:0000:2C91:F609:2257:3AC0
 
Error - 01.10.2012 09:22:39 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: Received from 192.168.178.25:5353    4 Olli-PC.local.
 Addr 192.168.178.25
 
Error - 01.10.2012 09:22:39 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = mDNSCoreReceiveResponse: ProbeCount 1; will deregister    4 Olli-PC.local.
 Addr 192.168.178.21
 
Error - 01.10.2012 09:22:39 | Computer Name = Olli-PC | Source = Bonjour Service | ID = 100
Description = Local Hostname Olli-PC.local already in use; will try Olli-PC-2.local
 instead
 
Error - 01.10.2012 13:02:29 | Computer Name = Olli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error - 02.10.2012 11:46:14 | Computer Name = Olli-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "c:\program files
 (x86)\ESET\eset online scanner\ESETSmartInstaller.exe". Fehler in  Manifest- oder
 Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion
 steht in Konflikt mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt
 stehende Komponenten:.  Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 02.10.2012 12:12:29 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 02.10.2012 12:19:04 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
 Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
 sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
Error - 02.10.2012 12:39:00 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%3
 
Error - 02.10.2012 12:39:01 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%2
 
Error - 02.10.2012 12:41:08 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 02.10.2012 12:41:08 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
Error - 04.10.2012 02:24:27 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AODDriver4.01" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%3
 
Error - 04.10.2012 02:24:28 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
  %%2
 
Error - 04.10.2012 02:26:34 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"
 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%1330    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 04.10.2012 02:26:34 | Computer Name = Olli-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden
 Fehlers nicht gestartet:  %%1069
 
 
< End of report >

--- --- ---


OTL Logfile:
Code:

OTL logfile created on: 04.10.2012 09:21:16 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Olli\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,28 Gb Available Physical Memory | 71,42% Memory free
12,00 Gb Paging File | 9,84 Gb Available in Paging File | 81,99% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 297,99 Gb Total Space | 194,58 Gb Free Space | 65,30% Space Free | Partition Type: NTFS
Drive E: | 465,76 Gb Total Space | 344,41 Gb Free Space | 73,95% Space Free | Partition Type: NTFS
 
Computer Name: OLLI-PC | User Name: Olli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.04 09:21:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2012.09.05 16:51:44 | 001,807,560 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_265.exe
PRC - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2011.11.11 15:08:06 | 000,205,336 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
PRC - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
PRC - [2010.05.05 19:56:42 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2010.05.05 19:51:56 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe
PRC - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe
PRC - [2009.09.24 10:50:56 | 001,124,424 | ---- | M] (G DATA Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
PRC - [2009.09.18 15:49:08 | 000,924,232 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
PRC - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
PRC - [2009.03.20 02:03:00 | 001,904,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
PRC - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2012.09.05 16:51:44 | 009,813,704 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
MOD - [2012.04.03 07:15:22 | 000,368,448 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
MOD - [2011.09.27 08:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.09.27 08:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.08.12 13:18:56 | 000,342,552 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTXml4.dll
MOD - [2011.08.12 13:18:56 | 000,128,536 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QJpeg4.dll
MOD - [2011.08.12 13:18:56 | 000,029,208 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\ImageFormats\QGif4.dll
MOD - [2011.08.12 13:18:54 | 007,956,504 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTGui4.dll
MOD - [2011.08.12 13:18:54 | 002,145,304 | ---- | M] () -- C:\Program Files (x86)\Logitech\LWS\Webcam Software\QTCore4.dll
MOD - [2010.10.28 12:14:44 | 000,618,496 | ---- | M] () -- C:\Windows\Samsung\PanelMgr\SSMMgr.exe
MOD - [2009.03.26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2006.06.09 15:20:04 | 000,003,072 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIGER.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.11.10 05:11:32 | 000,204,288 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.04.03 19:18:00 | 001,262,912 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.04.03 07:15:44 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.02.19 22:26:04 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.01.18 08:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011.04.02 11:34:17 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.07 15:38:02 | 001,128,008 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G DATA\AVKProxy\AVKProxy.exe -- (AVKProxy)
SRV - [2009.11.26 13:50:52 | 000,302,152 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G DATA\GDScan\GDScan.exe -- (GDScan)
SRV - [2009.11.25 03:07:32 | 001,731,504 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe -- (AVKWCtl)
SRV - [2009.11.25 03:05:05 | 001,664,560 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe -- (GDFwSvc)
SRV - [2009.08.08 12:33:28 | 000,397,896 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe -- (AVKService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.20 02:03:00 | 000,368,640 | R--- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WLanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2009.02.23 11:43:54 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | Auto | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.01)
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.24 09:47:56 | 000,052,160 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiBus.sys -- (SaiNtBus)
DRV:64bit: - [2012.01.24 09:47:56 | 000,024,640 | ---- | M] (Saitek) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SaiMini.sys -- (SaiMini)
DRV:64bit: - [2012.01.18 08:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 08:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2011.11.10 05:45:30 | 010,567,680 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2011.11.10 04:12:44 | 000,325,632 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2011.10.17 19:40:50 | 000,093,712 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.06.10 07:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.02 11:27:43 | 000,057,288 | ---- | M] (G DATA Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt)
DRV:64bit: - [2011.04.02 11:27:35 | 000,074,184 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt)
DRV:64bit: - [2011.04.02 11:26:02 | 000,048,584 | ---- | M] (G DATA Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd)
DRV:64bit: - [2011.04.02 11:25:55 | 000,034,760 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave)
DRV:64bit: - [2011.04.02 11:11:31 | 000,042,952 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.05.05 21:30:52 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2010.05.05 21:30:42 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2010.05.05 21:30:34 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2010.05.05 21:30:26 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2010.05.05 21:30:18 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2010.05.05 21:30:10 | 000,684,376 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2010.05.05 21:30:02 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2010.05.05 21:29:52 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2010.05.05 21:29:42 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2010.05.05 21:29:34 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.11.17 02:16:43 | 000,011,576 | R--- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\SSPORT.sys -- (SSPORT)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:01:09 | 000,679,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xnacc.sys -- (xnacc)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GearAspiWDM)
DRV:64bit: - [2009.03.20 02:03:00 | 000,460,800 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusb.sys -- (FWLANUSB)
DRV:64bit: - [2009.03.20 02:03:00 | 000,014,120 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV - [2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD)
DRV - [2009.10.28 07:09:33 | 000,011,576 | ---- | M] (Samsung Electronics) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\SSPORT.SYS -- (SSPORT)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 68 66 0D FC 25 CC 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {2016611B-8A4B-42C2-9469-F95EE3477331}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{2016611B-8A4B-42C2-9469-F95EE3477331}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "www.spiegel.de"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.104.0: C:\Program Files (x86)\Battlelog Web Plugins\1.104.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.116.0: C:\Program Files (x86)\Battlelog Web Plugins\1.116.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.25 19:52:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Olli\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.09.25 19:52:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.04.02 11:27:06 | 000,000,000 | ---D | M] (G Data WebFilter) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170633FE}
[2012.07.15 22:26:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.09.05 17:26:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.09.05 17:21:39 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.09.26 21:15:24 | 000,000,855 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O3:64bit: - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIEx64.dll (G Data Software AG)
O3 - HKLM\..\Toolbar: (G Data WebFilter) - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:\Program Files (x86)\G Data\InternetSecurity\Webfilter\AVKWebIE.dll (G Data Software AG)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (AVM Berlin)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [G DATA AntiVirus Trayapplication] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG)
O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G DATA Software AG)
O4 - HKLM..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab (Creative Software AutoUpdate Support Package 2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15116/CTPID.cab (Creative Software AutoUpdate Support Package 1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{75A3CA0E-161F-4AE2-85AE-3D6100F4961F}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0A71D75-3B44-4A9E-B0A2-A5FADD0C1D2A}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.04 09:21:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
[2012.10.02 18:40:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.10.02 18:08:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.10.02 18:08:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.10.02 18:08:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.10.02 18:08:46 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.10.02 18:04:58 | 004,759,935 | R--- | C] (Swearware) -- C:\Users\Olli\Desktop\ComboFix.exe
[2012.10.02 18:03:41 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Paul Kalkbrenner - Icke Wieder (2011)
[2012.10.02 18:03:23 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Paul Kalkbrenner Berlin Calling The.Soundtrack 2008 CHEERIOS
[2012.10.01 21:29:44 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Olli\Desktop\dds.scr
[2012.10.01 14:41:43 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\VERKAUFEEEEEEEEN
[2012.09.26 21:17:12 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.09.26 21:12:02 | 000,290,304 | ---- | C] (Microsoft Corporation) -- C:\subinacl.exe
[2012.09.26 15:08:27 | 000,181,064 | ---- | C] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012.09.26 15:07:29 | 000,000,000 | ---D | C] -- C:\Tweaking.com_Windows_Repair_Logs
[2012.09.26 15:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
[2012.09.26 15:07:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tweaking.com
[2012.09.26 08:57:26 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe
[2012.09.25 21:41:58 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\XAVAS - Gespaltene Persönlichkeit (2012)
[2012.09.25 19:52:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.09.25 19:49:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream (Album)
[2012.09.24 16:36:46 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.09.24 16:36:46 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.09.24 16:36:45 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.09.24 16:36:45 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.09.24 16:36:45 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.09.24 16:36:45 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.09.24 16:36:45 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.09.24 16:36:45 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.09.24 16:36:44 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.09.24 16:36:44 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.09.24 16:36:44 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.09.24 16:36:44 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.09.24 16:36:43 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.09.24 16:36:43 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.09.24 16:36:42 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.09.24 16:23:56 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Bücher Verkauf
[2012.09.17 23:25:35 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Auto Stick Songz
[2012.09.16 20:28:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.09.16 20:21:52 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\Malwarebytes
[2012.09.16 20:21:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.09.16 20:21:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.09.16 20:21:34 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.16 20:21:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.09.16 14:07:41 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.09.16 13:25:54 | 000,000,000 | -HSD | C] -- C:\ProgramData\DSS
[2012.09.16 13:25:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13
[2012.09.16 13:25:06 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\FIFA 13 Demo
[2012.09.16 13:14:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 13 Demo
[2012.09.16 13:14:29 | 000,000,000 | ---D | C] -- C:\Config.Msi
[2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2012.09.13 09:04:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2012.09.12 20:13:27 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys
[2012.09.12 20:13:25 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll
[2012.09.12 20:13:25 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
[2012.09.12 20:13:24 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2012.09.11 22:12:38 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Daddy_Yankee-Prestige-2012
[2012.09.10 22:24:13 | 000,388,608 | ---- | C] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe
[2012.09.10 22:17:31 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader
[2012.09.10 19:32:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Fighters
[2012.09.10 12:21:42 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\TrojanHunter
[2012.09.10 09:51:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TrojanHunter 5.5
[2012.09.10 09:40:40 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.10 09:40:32 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.10 09:40:32 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.10 09:40:32 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.10 09:40:20 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012.09.10 09:35:22 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Miguel - Kaleidoscope Dream The Air Preview - EP BMF
[2012.09.10 09:28:33 | 000,000,000 | ---D | C] -- C:\Users\Olli\AppData\Roaming\QuickScan
[2012.09.05 23:46:49 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Nas-Life_is_Good-2012-NOiR
[2012.09.05 23:42:46 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\DJ Khaled  Kiss The Ring (Deluxe Edition) 2012-CR
[2012.09.05 23:25:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
[2012.09.05 23:25:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Guild Wars 2
[2012.09.05 23:24:40 | 000,000,000 | ---D | C] -- C:\Users\Olli\Documents\Guild Wars 2
[2012.09.05 23:02:42 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
[2012.09.05 22:56:16 | 000,000,000 | ---D | C] -- C:\Users\Olli\Desktop\Talib Kweli  Z-Trip - Attack The Block
[2012.09.05 17:26:11 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012.09.05 17:26:10 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012.09.05 16:47:44 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll
[2012.09.05 16:47:41 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2012.09.05 16:47:41 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2012.09.05 16:47:41 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe
[2012.09.05 16:47:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll
[2012.09.05 16:47:38 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll
[2012.09.05 16:47:38 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll
[2012.09.05 16:47:36 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.04 09:21:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Olli\Desktop\OTL.exe
[2012.10.04 09:11:24 | 000,142,494 | ---- | M] () -- C:\Users\Olli\Desktop\Groupon-5652315535.pdf
[2012.10.04 08:32:51 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 08:32:51 | 000,013,760 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.10.04 08:28:51 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.10.04 08:28:51 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.10.04 08:28:51 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.10.04 08:28:51 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.10.04 08:28:51 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.10.04 08:24:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.10.04 08:23:56 | 536,223,743 | -HS- | M] () -- C:\hiberfil.sys
[2012.10.02 19:21:12 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.02 19:21:12 | 000,061,344 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.02 19:21:12 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000003-00000000-00000007-00001102-00000005-00211102}.rfx
[2012.10.02 19:15:31 | 010,064,118 | ---- | M] () -- C:\Users\Olli\Desktop\Kendrick Lamar feat. Dr. Dre - Compton.mp3
[2012.10.02 19:08:43 | 008,680,379 | ---- | M] () -- C:\Users\Olli\Desktop\Tyga feat 2 Chainz - Do My Dance BMF.mp3
[2012.10.02 18:05:23 | 004,759,935 | R--- | M] (Swearware) -- C:\Users\Olli\Desktop\ComboFix.exe
[2012.10.01 21:29:47 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Olli\Desktop\dds.scr
[2012.10.01 20:48:08 | 000,166,451 | ---- | M] () -- C:\Users\Olli\FBScreen.jpg
[2012.10.01 20:39:53 | 000,026,667 | ---- | M] () -- C:\Users\Olli\Desktop\FehlermeldungOTL.jpg
[2012.10.01 08:34:30 | 000,106,224 | ---- | M] (G Data Software) -- C:\Windows\SysWow64\drivers\GRD.sys
[2012.09.26 21:28:26 | 000,029,680 | ---- | M] () -- C:\Users\Olli\Desktop\vdv23.jpg
[2012.09.26 21:17:41 | 000,181,064 | ---- | M] (Sysinternals) -- C:\Windows\PSEXESVC.EXE
[2012.09.26 21:15:24 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.09.26 15:07:25 | 000,002,247 | ---- | M] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.09.25 22:08:50 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.09.25 22:08:39 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.09.25 19:39:37 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-25.json
[2012.09.25 19:33:09 | 002,700,544 | ---- | M] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3
[2012.09.25 19:31:32 | 004,844,902 | ---- | M] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3
[2012.09.25 19:09:05 | 003,976,869 | ---- | M] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3
[2012.09.19 21:08:35 | 005,969,488 | ---- | M] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3
[2012.09.18 21:32:23 | 004,711,029 | ---- | M] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3
[2012.09.18 20:53:36 | 000,053,880 | ---- | M] () -- C:\Users\Olli\bookmarks-2012-09-18.json
[2012.09.17 20:58:45 | 000,163,441 | ---- | M] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg
[2012.09.16 20:21:37 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.16 20:12:50 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts_bak_536
[2012.09.16 13:14:39 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.16 10:39:36 | 000,002,097 | ---- | M] () -- C:\Users\Olli\Desktop\hjtscanlist.zip
[2012.09.12 22:41:24 | 003,825,977 | ---- | M] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3
[2012.09.12 22:28:20 | 003,119,814 | ---- | M] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3
[2012.09.12 21:26:54 | 003,986,583 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen  Wo wär ich.mp3
[2012.09.12 21:24:22 | 004,787,559 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3
[2012.09.12 21:21:32 | 003,757,029 | ---- | M] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3
[2012.09.12 21:19:00 | 002,847,047 | ---- | M] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3
[2012.09.12 21:13:24 | 003,745,134 | ---- | M] () -- C:\Users\Olli\Desktop\First To Last.mp3
[2012.09.12 20:13:58 | 013,759,737 | ---- | M] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4
[2012.09.11 22:28:29 | 002,291,552 | ---- | M] () -- C:\Users\Olli\Desktop\Foto.JPG
[2012.09.11 14:29:00 | 007,223,973 | ---- | M] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3
[2012.09.11 14:28:50 | 008,071,465 | ---- | M] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3
[2012.09.10 22:51:57 | 008,812,564 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3
[2012.09.10 22:50:21 | 013,885,765 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:48:42 | 015,930,629 | ---- | M] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:24:14 | 000,388,608 | ---- | M] (Trend Micro Inc.) -- C:\Users\Olli\Desktop\HiJackThis204.exe
[2012.09.10 22:05:58 | 014,287,351 | ---- | M] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3
[2012.09.10 22:00:56 | 007,723,216 | ---- | M] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3
[2012.09.10 21:57:40 | 009,719,280 | ---- | M] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3
[2012.09.10 12:21:34 | 000,228,375 | ---- | M] () -- C:\Users\Olli\trojaner.jpg
[2012.09.10 09:51:35 | 000,059,392 | R--- | M] () -- C:\Windows\SysWow64\streamhlp.dll
[2012.09.10 09:40:25 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2012.09.10 09:40:23 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2012.09.10 09:40:23 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2012.09.10 09:40:23 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2012.09.10 09:40:22 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npdeployJava1.dll
[2012.09.10 09:40:22 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.09.05 23:36:34 | 012,945,033 | ---- | M] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3
[2012.09.05 23:29:53 | 006,280,213 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3
[2012.09.05 23:28:44 | 004,595,331 | ---- | M] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3
[2012.09.05 23:28:11 | 005,346,387 | ---- | M] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:27:25 | 009,178,758 | ---- | M] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3
[2012.09.05 23:25:04 | 000,000,892 | ---- | M] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.05 23:10:16 | 007,704,956 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:09:36 | 006,253,436 | ---- | M] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:58 | 003,606,108 | ---- | M] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:46 | 004,491,347 | ---- | M] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3
[2012.09.05 22:59:15 | 000,001,584 | ---- | M] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.09.05 17:15:41 | 000,293,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.09.05 16:57:14 | 004,599,541 | ---- | M] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3
[2012.09.05 16:51:44 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.09.05 16:51:44 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
 
========== Files Created - No Company Name ==========
 
[2012.10.04 09:11:24 | 000,142,494 | ---- | C] () -- C:\Users\Olli\Desktop\Groupon-5652315535.pdf
[2012.10.02 19:13:44 | 010,064,118 | ---- | C] () -- C:\Users\Olli\Desktop\Kendrick Lamar feat. Dr. Dre - Compton.mp3
[2012.10.02 19:08:37 | 008,680,379 | ---- | C] () -- C:\Users\Olli\Desktop\Tyga feat 2 Chainz - Do My Dance BMF.mp3
[2012.10.02 18:08:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.10.02 18:08:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.10.02 18:08:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.10.02 18:08:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.10.02 18:08:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.10.01 20:48:08 | 000,166,451 | ---- | C] () -- C:\Users\Olli\FBScreen.jpg
[2012.10.01 20:39:53 | 000,026,667 | ---- | C] () -- C:\Users\Olli\Desktop\FehlermeldungOTL.jpg
[2012.09.26 21:28:25 | 000,029,680 | ---- | C] () -- C:\Users\Olli\Desktop\vdv23.jpg
[2012.09.26 21:13:04 | 000,303,616 | ---- | C] ( ) -- C:\SetACL.exe
[2012.09.26 15:07:25 | 000,002,247 | ---- | C] () -- C:\Users\Public\Desktop\Tweaking.com - Windows Repair (All in One).lnk
[2012.09.25 19:52:40 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.09.25 19:39:37 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-25.json
[2012.09.25 19:33:07 | 002,700,544 | ---- | C] () -- C:\Users\Olli\Desktop\Swimming Pools (Remix) Feat. August.mp3
[2012.09.25 19:31:29 | 004,844,902 | ---- | C] () -- C:\Users\Olli\Desktop\Swiss Francs (Remix) Feat. Booba.mp3
[2012.09.25 19:09:02 | 003,976,869 | ---- | C] () -- C:\Users\Olli\Desktop\Ludacris feat Kelly Rowland - Representin' BMF.mp3
[2012.09.19 21:08:32 | 005,969,488 | ---- | C] () -- C:\Users\Olli\Desktop\Hamilton Park feat Meek Mill - Suicide BMF.mp3
[2012.09.18 21:32:18 | 004,711,029 | ---- | C] () -- C:\Users\Olli\Desktop\Fat Joe feat Trey Songz, Pusha T, Ashanti & Miguel - Pride N Joy (Remix) BMF.mp3
[2012.09.18 20:53:36 | 000,053,880 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-09-18.json
[2012.09.17 20:58:45 | 000,163,441 | ---- | C] () -- C:\Users\Olli\fblaednichtvollstaendig.jpg
[2012.09.16 20:21:37 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.16 13:14:39 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\FIFA 13 Demo.lnk
[2012.09.16 10:39:35 | 000,002,097 | ---- | C] () -- C:\Users\Olli\Desktop\hjtscanlist.zip
[2012.09.12 22:41:23 | 003,825,977 | ---- | C] () -- C:\Users\Olli\Desktop\Aaliyah featuring Drake - Enough Said.mp3
[2012.09.12 22:28:09 | 003,119,814 | ---- | C] () -- C:\Users\Olli\Desktop\Casper - Halbe Mille (HD Video).mp3
[2012.09.12 21:26:38 | 003,986,583 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann feat Manuellsen  Wo wär ich.mp3
[2012.09.12 21:24:05 | 004,787,559 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones __ _Bis ans Meer_.mp3
[2012.09.12 21:21:17 | 003,757,029 | ---- | C] () -- C:\Users\Olli\Desktop\Jonesmann - So Viel (Thug Life).mp3
[2012.09.12 21:18:46 | 002,847,047 | ---- | C] () -- C:\Users\Olli\Desktop\Samson Jones - Wir bleiben zusammen [HD].mp3
[2012.09.12 21:13:21 | 003,745,134 | ---- | C] () -- C:\Users\Olli\Desktop\First To Last.mp3
[2012.09.12 21:09:41 | 008,071,465 | ---- | C] () -- C:\Users\Olli\Desktop\20 Love That Bitch (Feat. Jannyce).mp3
[2012.09.12 21:09:39 | 007,223,973 | ---- | C] () -- C:\Users\Olli\Desktop\19 Fuck U Bitch.mp3
[2012.09.12 20:13:50 | 013,759,737 | ---- | C] () -- C:\Users\Olli\Desktop\Matt Struve Fitness - Ultimate 6-Pack Abs Exercise.mp4
[2012.09.10 22:54:51 | 002,291,552 | ---- | C] () -- C:\Users\Olli\Desktop\Foto.JPG
[2012.09.10 22:51:52 | 008,812,564 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii feat. Mike Posner - Stay With You (OverLine Edit).mp3
[2012.09.10 22:47:34 | 013,885,765 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Avicii Exclusive Ralph Lauren Denim & Supply Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:45:44 | 015,930,629 | ---- | C] () -- C:\Users\Olli\Desktop\Avicii - Silhouettes (Lazy Rich Remix) [www.MARVIN-VIBEZ.to].mp3
[2012.09.10 22:03:24 | 014,287,351 | ---- | C] () -- C:\Users\Olli\Desktop\Calvin Harris Ft. Florence Welch - Sweet Nothing (Extended Mix).mp3
[2012.09.10 21:59:33 | 007,723,216 | ---- | C] () -- C:\Users\Olli\Desktop\Daddy Yankee Ft. Nicky Jam - El Party Me Llama.mp3
[2012.09.10 21:55:56 | 009,719,280 | ---- | C] () -- C:\Users\Olli\Desktop\R.J. ft. Pitbull - Live 4 Die 4 (David May Extended Mix).mp3
[2012.09.10 12:21:33 | 000,228,375 | ---- | C] () -- C:\Users\Olli\trojaner.jpg
[2012.09.10 09:51:19 | 000,059,392 | R--- | C] () -- C:\Windows\SysWow64\streamhlp.dll
[2012.09.05 23:36:22 | 012,945,033 | ---- | C] () -- C:\Users\Olli\Desktop\Swedish House Mafia Feat. John Martin - Don't You Worry Child (Extended Mix) www.FreeNutka.pl .mp3
[2012.09.05 23:28:45 | 006,280,213 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie feat. Fabolous - Beautiful Lie (Final Version).mp3
[2012.09.05 23:27:54 | 004,595,331 | ---- | C] () -- C:\Users\Olli\Desktop\Ryan Leslie - _Winning.mp3
[2012.09.05 23:27:13 | 005,346,387 | ---- | C] () -- C:\Users\Olli\Desktop\Jackie Boyz - Talk To Me (Prod. by Covea Jiles) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:25:46 | 009,178,758 | ---- | C] () -- C:\Users\Olli\Desktop\T-Town ft. Mike Hough - Here With Me (Produced by T-Town).mp3
[2012.09.05 23:25:04 | 000,000,892 | ---- | C] () -- C:\Users\Public\Desktop\Guild Wars 2.lnk
[2012.09.05 23:08:53 | 007,704,956 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys feat. Nicki Minaj - Girl On Fire (Inferno Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:08:29 | 006,253,436 | ---- | C] () -- C:\Users\Olli\Desktop\Alicia Keys - Girl on Fire (Blue Light Version) [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:07:19 | 003,606,108 | ---- | C] () -- C:\Users\Olli\Desktop\Lemar - The First Time [www.ILoveRNBMusic.com].mp3
[2012.09.05 23:06:58 | 004,491,347 | ---- | C] () -- C:\Users\Olli\Desktop\A$AP Rocky - Cockiness (Remix).mp3
[2012.09.05 22:59:15 | 000,001,584 | ---- | C] () -- C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
[2012.09.05 16:57:11 | 004,599,541 | ---- | C] () -- C:\Users\Olli\Desktop\Adorn (Remix) Feat. Wiz Khalifa.mp3
[2012.07.05 12:22:59 | 000,127,215 | ---- | C] () -- C:\Users\Olli\ichhabneuenikes.png
[2012.06.18 21:03:49 | 001,682,393 | ---- | C] () -- C:\Users\Olli\Foto(2).JPG
[2012.06.18 20:55:33 | 001,594,647 | ---- | C] () -- C:\Users\Olli\Foto(1).JPG
[2012.05.28 22:39:54 | 000,015,335 | ---- | C] () -- C:\Users\Olli\monitor.jpg
[2012.05.24 14:54:23 | 000,452,742 | ---- | C] () -- C:\Users\Olli\20LNC2.JPG
[2012.05.24 14:54:23 | 000,448,036 | ---- | C] () -- C:\Users\Olli\20LNC1.JPG
[2012.05.19 10:34:43 | 003,387,997 | ---- | C] () -- C:\Users\Olli\wallpaper020-1920x1080.jpg
[2012.05.13 23:15:01 | 000,442,359 | ---- | C] () -- C:\Users\Olli\image.jpg
[2012.05.01 20:49:22 | 000,274,762 | ---- | C] () -- C:\Users\Olli\464735_292791490805610_211542765597150_705372_237206692_o.jpg
[2012.04.16 12:02:49 | 000,027,629 | ---- | C] () -- C:\Users\Olli\studiengangc9c75d1e-3620-47af-8452-676792999cb2.pdf
[2012.04.16 11:45:01 | 000,010,908 | ---- | C] () -- C:\Users\Olli\Reporteaa90062-9519-4457-b052-5e6d24ef86c7.pdf
[2012.04.15 13:55:25 | 000,224,313 | ---- | C] () -- C:\Users\Olli\Header adidas Trikot neu.jpg
[2012.04.03 07:16:04 | 000,423,744 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2012.04.01 18:13:29 | 000,559,125 | ---- | C] () -- C:\Users\Olli\457319_3176029072535_1019833424_32975851_559300883_o.jpg
[2012.04.01 12:22:02 | 000,139,656 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_010.jpg
[2012.04.01 12:20:07 | 000,210,371 | ---- | C] () -- C:\Users\Olli\pA_fh_30032012_095.jpg
[2012.03.26 21:05:12 | 000,118,430 | ---- | C] () -- C:\Users\Olli\plugin-formelsammlung_Kompatibilitaetsmodus_.pdf
[2012.03.20 20:37:41 | 000,037,690 | ---- | C] () -- C:\Users\Olli\408466_294213293984199_100001865927236_732412_1911041712_n.jpg
[2012.03.19 16:32:58 | 000,759,641 | ---- | C] () -- C:\Users\Olli\VM_120319_00001.pdf
[2012.03.16 12:15:50 | 000,038,044 | ---- | C] () -- C:\Users\Olli\Hausratversicherung_Angebot_Oliver Müller.pdf
[2012.03.16 01:28:24 | 000,050,898 | ---- | C] () -- C:\Users\Olli\bookmarks-2012-03-16.json
[2012.03.13 21:10:22 | 002,000,256 | ---- | C] () -- C:\Users\Olli\Foto.JPG
[2012.03.09 11:14:10 | 002,022,949 | ---- | C] () -- C:\Users\Olli\Antrag PHV Single.pdf
[2012.03.09 01:22:35 | 000,061,275 | ---- | C] () -- C:\Users\Olli\roter von rio.jpg
[2012.03.03 15:18:29 | 000,052,788 | ---- | C] () -- C:\Users\Olli\arena.jpg
[2012.02.23 23:28:53 | 000,249,704 | ---- | C] () -- C:\Users\Olli\BMW_X6.jpg
[2012.02.23 23:13:27 | 000,268,584 | ---- | C] () -- C:\Users\Olli\audiA8Seite.jpg
[2012.02.21 12:12:26 | 000,010,908 | R--- | C] () -- C:\Users\Olli\StudibescheinigungSS12.PDF
[2012.02.05 10:36:54 | 000,199,564 | ---- | C] () -- C:\Users\Olli\SALAA.jpg
[2012.01.27 22:49:54 | 000,289,874 | ---- | C] () -- C:\Users\Olli\Picture of me 1.png
[2012.01.18 08:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 08:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 08:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.12.17 11:42:37 | 000,457,385 | ---- | C] () -- C:\Users\Olli\2. Seite Haftpflichtversicherungsrechnung 001.jpg
[2011.12.17 11:42:32 | 000,338,840 | ---- | C] () -- C:\Users\Olli\1. Seite Haftpflichtversicherungsrechnung 001.jpg
[2011.12.15 19:13:31 | 000,099,211 | ---- | C] () -- C:\Users\Olli\holstentor.jpg
[2011.12.15 17:00:14 | 021,294,420 | ---- | C] () -- C:\Users\Olli\Bauchmuskeltraining 8 Minuten Deutsch.mp4
[2011.12.07 20:00:48 | 000,167,187 | ---- | C] () -- C:\Users\Olli\stier2.png
[2011.12.07 19:58:58 | 000,267,296 | ---- | C] () -- C:\Users\Olli\stier.png
[2011.12.04 19:48:53 | 000,096,111 | ---- | C] () -- C:\Users\Olli\toere800-1323015415.jpg
[2011.12.01 16:52:25 | 001,406,612 | ---- | C] () -- C:\Users\Olli\Schimmel 1.JPG
[2011.12.01 16:52:02 | 001,096,324 | ---- | C] () -- C:\Users\Olli\Schimmel 2.JPG
[2011.11.20 17:49:35 | 000,093,166 | ---- | C] () -- C:\Users\Olli\Mueller, Oliver - 2010 Steuer.pdf
[2011.11.20 17:49:30 | 000,175,794 | ---- | C] () -- C:\Users\Olli\Müller, Oliver - 2009 Steuer.pdf
[2011.11.17 16:44:38 | 000,463,480 | ---- | C] () -- C:\Users\Olli\drizzy.jpg
[2011.11.13 22:06:24 | 000,065,862 | ---- | C] () -- C:\Users\Olli\389951_291343820896138_100000615686743_889845_603073080_n.jpg
[2011.11.10 04:36:06 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2011.11.10 04:36:06 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2011.11.09 23:39:44 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2011.11.09 23:39:32 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.11.04 17:15:06 | 000,482,408 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.11.04 17:14:21 | 000,113,768 | ---- | C] () -- C:\Windows\Wiainst.exe
[2011.10.25 22:21:34 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\OVDecoder.dll
[2011.10.03 19:08:02 | 000,035,052 | ---- | C] () -- C:\Users\Olli\foodprocessing.jpg
[2011.09.27 23:37:31 | 000,096,337 | ---- | C] () -- C:\Users\Olli\tumblr_lmuuycsF2T1qk8ks2o1_500.jpg
[2011.09.27 23:37:00 | 000,042,707 | ---- | C] () -- C:\Users\Olli\tumblr_lnof9adIeE1qjt5kqo1_400.jpg
[2011.09.27 23:33:19 | 000,067,250 | ---- | C] () -- C:\Users\Olli\tumblr_lpmvc8Rt971qhhun0o1_500.jpg
[2011.09.27 23:32:23 | 000,029,801 | ---- | C] () -- C:\Users\Olli\tumblr_lrtqjeGkwI1qc1mlvo1_500.jpg
[2011.09.21 21:44:37 | 000,047,789 | ---- | C] () -- C:\Users\Olli\16440-i-love-house-music-house-music-symbol.jpg
[2011.09.21 21:43:20 | 000,164,995 | ---- | C] () -- C:\Users\Olli\i_love_housemusic.jpg
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.31 19:24:11 | 001,864,407 | ---- | C] () -- C:\Users\Olli\DSC01699.JPG
[2011.08.31 19:23:41 | 002,554,778 | ---- | C] () -- C:\Users\Olli\DSC01693.JPG
[2011.08.31 17:02:12 | 002,650,681 | ---- | C] () -- C:\Users\Olli\DSC01623.JPG
[2011.05.11 17:55:08 | 000,000,056 | ---- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.04.04 19:01:00 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.03 12:47:05 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.04.03 12:47:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.02 11:40:15 | 000,001,065 | ---- | C] () -- C:\Windows\winamp.ini
[2011.04.02 11:33:26 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.04.02 11:33:26 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.04.02 11:32:47 | 000,003,072 | ---- | C] () -- C:\Windows\SysWow64\CTXFIGER.DLL
[2011.04.02 10:55:54 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2011.12.04 16:30:29 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoft
[2011.11.08 17:39:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.04.06 20:35:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Foxit Software
[2012.04.29 14:45:55 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\FreeAudioPack
[2012.01.27 20:38:00 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Leadertech
[2011.06.09 19:37:49 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\LolClient
[2012.03.30 16:11:09 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\OpenOffice.org
[2012.03.16 01:31:22 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Opera
[2012.09.15 20:35:41 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Origin
[2011.04.15 17:15:26 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\PunkBuster
[2012.09.10 09:47:56 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\QuickScan
[2012.05.07 11:14:07 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TeamViewer
[2011.04.02 17:18:12 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\Thunderbird
[2012.09.10 12:21:42 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TrojanHunter
[2009.09.18 21:03:18 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TS3Client
[2011.07.21 20:07:43 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\TubeBox
[2012.09.10 22:17:31 | 000,000,000 | ---D | M] -- C:\Users\Olli\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 131 bytes -> C:\ProgramData\TEMP:47F1DFAC

< End of report >

--- --- ---

schrauber 04.10.2012 09:38

So nothing works in IE and FF, but Opera works?

m085 08.10.2012 08:42

Hello Schrauber,

I'm reporting back for now!
So it doesn't work in IE, FF or Opera.

Regards

schrauber 08.10.2012 08:48

Do you know the router login credentials? If so, reset the router to factory settings. Then Windows key+R > ipconfig /flushdns > Enter.

