Herr Graf | 17.11.2012 15:50 | So just reboot, did I understand that correctly? Or should I do that through the program?
Since that isn't possible through the program (or I don't know how), I guess I have to do it manually, right? Or do I have to click on Scan?
So, here is the log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2012
Ran by SYSTEM at 17-11-2012 16:30:00
Running from G:\
Windows 7 Home Premium (X86) OS Language: German Standard
The current controlset is ControlSet001
==================== Registry (Whitelisted) ===================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [x]
HKLM\...\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [611672 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] %ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [x]
HKLM\...\Run: [TosReelTimeMonitor] %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [x]
HKLM\...\Run: [Toshiba TEMPRO] C:\Program Files\Toshiba TEMPRO\TemproTray.exe [1050000 2009-08-06] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [x]
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [x]
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [x]
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [x]
HKLM\...\Run: [SmartFaceVWatcher] %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [x]
HKLM\...\Run: [TWebCamera] "%ProgramFiles%\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun [x]
HKLM\...\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-07-30] (Toshiba Europe GmbH)
HKLM\...\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey [645328 2009-05-01] (McAfee, Inc.)
HKLM\...\Run: [HostManager] C:\Program Files\Common Files\AOL\1267025681\ee\AOLSoftware.exe [50736 2006-09-26] (America Online, Inc.)
HKLM\...\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s [85160 2009-05-26] (Elaborate Bytes AG)
HKLM\...\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW [1164584 2010-09-01] ()
HKLM\...\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime [421888 2010-11-29] (Apple Inc.)
HKLM\...\Run: [LCWB] C:\Program Files\LernenUndCo\LCWB.exe AUTOSTART [x]
HKLM\...\Run: [Freecorder FLV Service] "C:\Program Files\Freecorder\FLVSrvc.exe" /run [167936 2011-03-24] (Applian Technologies, Inc.)
HKLM\...\Run: [lxcrmon.exe] "C:\Program Files\Lexmark 2400 Series\lxcrmon.exe" [x]
HKLM\...\Run: [EzPrint] "C:\Program Files\Lexmark 2400 Series\ezprint.exe" [x]
HKLM\...\Run: [facemoods] "C:\Program Files\facemoods.com\facemoods\1.4.17.7\facemoodssrv.exe" /md I [x]
HKLM\...\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59240 2011-09-27] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" [421736 2011-11-13] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [843712 2012-01-02] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [252296 2011-09-30] (Sun Microsystems, Inc.)
HKLM\...\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2011-09-28] (LG Electronics)
HKLM\...\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [vspdfprsrv.exe] C:\Program Files\Visagesoft\eXPert PDF\vspdfprsrv.exe --background [998912 2006-05-04] ()
HKLM\...\Run: [] [x]
HKLM\...\Run: [Adobe Acrobat Speed Launcher] "H:\Acrobat\Acrobat_sl.exe" [x]
HKLM\...\Run: [Acrobat Assistant 8.0] "H:\Acrobat\Acrotray.exe" [x]
HKLM\...\Run: [Regedit32] C:\Windows\system32\regedit.exe [x]
HKLM\...\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2013\APVXDWIN.EXE" /s [1053984 2012-06-21] (Panda Security, S.L.)
HKLM\...\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2013\Inicio.exe" [70432 2012-06-08] (Panda Security, S.L.)
HKU\Default\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Default User\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Gast\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Gast\...\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VR\AOL.EXE" -b [x]
HKU\Marie\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Marie\...\Policies\system: [LogonHoursAction] 2
HKU\Marie\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Timo\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-07] (Google Inc.)
HKU\Timo\...\Run: [AnyDVD] "G:\AnyDVD\AnyDVD.exe" [x]
HKU\Timo\...\Run: [LG LinkAir] [x]
HKU\Timo\...\Run: [Akamai NetSession Interface] "C:\Users\Timo\AppData\Local\Akamai\netsession_win.exe" [x]
HKU\Timo\...\Run: [Questler Bonusfinder] C:\Users\Timo\Downloads\Bonusfinder2.exe [x]
HKU\Timo\...\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray [8587776 2012-03-30] (Media Finder)
HKU\Timo\...\Run: [Regedit32] C:\Windows\system32\regedit.exe [x]
HKU\Timo\...\Run: [Facebook Update] "C:\Users\Timo\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [138096 2012-07-12] (Facebook Inc.)
HKU\Timo\...\Run: [ICQ] "C:\Program Files\ICQ7M\ICQ.exe" silent loginmode=4 [127040 2012-06-29] (ICQ, LLC.)
HKU\Timo\...\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [17418928 2012-07-13] (Skype Technologies S.A.)
HKU\Timo\...\Run: [Spotify Web Helper] "C:\Users\Timo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1199576 2012-11-16] (Spotify Ltd)
HKU\Timo\...\Run: [Spotify] "C:\Users\Timo\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart [7880664 2012-11-16] (Spotify Ltd)
HKU\Timo\...\Policies\system: [LogonHoursAction] 2
HKU\Timo\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Timo\...\Winlogon: [Shell] explorer.exe [x]
HKU\Toshiba\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
HKU\Toshiba\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [39408 2009-09-07] (Google Inc.)
HKU\Urlaub\...\Run: [TOSHIBA Online Product Information] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [6203296 2009-08-12] (TOSHIBA)
Winlogon\Notify\avldr: avldr.dll (On-Access Anti-Malware Scanner Sync)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\All Users\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Default\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\Toshiba\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Services (Whitelisted) ===================
2 AOL ACS; "C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe" [46640 2006-10-23] (AOL LLC)
2 cfWiMAXService; "C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe" [185712 2009-08-10] (TOSHIBA CORPORATION)
2 ConfigFree Service; "C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe" [46448 2009-03-10] (TOSHIBA CORPORATION)
2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe /DisableUI [1840128 2011-05-24] (MAGIX AG)
3 FirebirdServerMAGIXInstance; "C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe" [2702848 2011-04-26] (MAGIX®)
3 GameConsoleService; "C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe" [250616 2009-05-22] (WildTangent, Inc.)
3 HRService; "C:\Program Files\Haufe\iDesk\iDeskService\iDeskService.exe" [70336 2009-08-21] ()
2 Mamutu; "C:\Program Files\Mamutu\a2service.exe" [2978720 2011-07-08] (Emsi Software GmbH)
2 McAfee SiteAdvisor Service; "C:\Program Files\McAfee\SiteAdvisor\McSACore.exe" [95232 2012-06-15] (McAfee, Inc.)
3 McComponentHostService; "C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe" [227232 2010-01-15] (McAfee, Inc.)
2 mcmscsvc; C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe [865832 2009-05-01] (McAfee, Inc.)
3 McODS; C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe [365072 2009-05-08] (McAfee, Inc.)
2 McShield; C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe [144704 2009-05-13] (McAfee, Inc.)
4 McSysmon; C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe [606736 2009-05-08] (McAfee, Inc.)
2 MpfService; "C:\Program Files\McAfee\MPF\MPFSrv.exe" [893112 2009-05-08] (McAfee, Inc.)
2 MSK80Service; "C:\Program Files\McAfee\MSK\MskSrver.exe" [26640 2009-04-09] (McAfee, Inc.)
2 Panda Software Controller; "C:\Program Files\Panda Security\Panda Internet Security 2013\PsCtrls.exe" [177440 2012-06-19] (Panda Security, S.L.)
2 PAVFNSVR; "C:\Program Files\Panda Security\Panda Internet Security 2013\PavFnSvr.exe" [202016 2012-06-15] (Panda Security, S.L.)
2 PavPrSrv; "C:\Program Files\Common Files\Panda Security\PavShld\pavprsrv.exe" [62768 2008-02-04] (Panda Security, S.L.)
2 PAVSRV; "C:\Program Files\Panda Security\Panda Internet Security 2013\pavsrvx86.exe" [313664 2011-04-13] (Panda Security, S.L.)
2 PSIMSVC; "C:\Program Files\Panda Security\Panda Internet Security 2013\PsImSvc.exe" [108288 2008-06-19] (Panda Security S.L.)
2 PskSvcRetail; "C:\Program Files\Panda Security\Panda Internet Security 2013\PskSvc.exe" [28992 2010-08-16] (Panda Security, S.L.)
2 RSELSVC; C:\Program Files\TOSHIBA\RSelect\RSelSvc.exe /Service [62832 2009-07-07] (TOSHIBA Corporation)
2 TemproMonitoringService; "C:\Program Files\Toshiba TEMPRO\TemproSvc.exe" [116104 2009-08-06] (Toshiba Europe GmbH)
3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [51512 2009-08-17] (TOSHIBA Corporation)
2 TosCoSrv; "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" [464224 2009-08-05] (TOSHIBA Corporation)
3 TOSHIBA HDD SSD Alert Service; "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" [111960 2009-08-03] (TOSHIBA Corporation)
2 TPSrv; "C:\Program Files\Panda Security\Panda Internet Security 2013\TPSrv.exe" [156992 2011-04-14] (Panda Security, S.L.)
3 UPnPService; C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG)
3 lxcr_device; C:\Windows\system32\lxcrcoms.exe -service [x]
2 McNASvc; "c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe" [x]
2 McProxy; c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe [x]
2 PSHost; "c:\program files\panda security\panda internet security 2013\firewall\PSHOST.EXE" [x]
==================== Drivers (Whitelisted) ====================
3 a2acc; \??\C:\PROGRAM FILES\MAMUTU\a2accx86.sys [51632 2011-11-02] (Emsi Software GmbH)
1 a2injectiondriver; \??\C:\Program Files\Mamutu\a2dix86.sys [34768 2011-11-02] (Emsi Software GmbH)
1 a2util; \??\C:\Program Files\Mamutu\a2util32.sys [11776 2010-05-05] (Emsi Software GmbH)
2 ACEDRV07; \??\C:\Windows\system32\drivers\ACEDRV07.sys [101376 2010-10-09] (Protect Software GmbH)
2 AmFSM; C:\Windows\System32\DRIVERS\amm8660.sys [59656 2012-03-26] (Panda Security, S.L.)
3 Andbus; C:\Windows\System32\DRIVERS\lgandbus.sys [14336 2010-12-07] (LG Electronics Inc.)
3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag.sys [20736 2010-12-07] (LG Electronics Inc.)
3 AndGps; C:\Windows\System32\DRIVERS\lgandgps.sys [20096 2010-12-07] (LG Electronics Inc.)
3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem.sys [25088 2010-12-07] (LG Electronics Inc.)
3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [25728 2010-08-02] (Google Inc)
3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [108480 2010-09-14] (SlySoft, Inc.)
2 APPFLT; \??\C:\Windows\system32\Drivers\APPFLT.SYS [83528 2011-01-31] (Panda Security, S.L.)
2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2010-05-16] ()
2 ComFiltr; \??\C:\Windows\system32\DRIVERS\COMFiltr.sys [13880 2012-11-16] ()
1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [0 2012-11-16] ()
2 DSAFLT; \??\C:\Windows\system32\Drivers\DSAFLT.SYS [53256 2009-09-25] (Panda Security, S.L.)
1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30376 2010-09-30] (Elaborate Bytes AG)
2 FNETMON; \??\C:\Windows\system32\Drivers\fnetmon.SYS [22024 2009-09-25] (Panda Security, S.L.)
2 IDSFLT; \??\C:\Windows\system32\Drivers\IDSFLT.SYS [193864 2010-09-09] (Panda Security, S.L.)
2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2010-05-16] ()
3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [79816 2009-05-13] (McAfee, Inc.)
3 mfebopk; C:\Windows\System32\drivers\mfebopk.sys [35272 2009-05-13] (McAfee, Inc.)
1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [214024 2009-05-13] (McAfee, Inc.)
3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [34248 2009-05-13] (McAfee, Inc.)
3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [40552 2009-05-13] (McAfee, Inc.)
1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [130424 2009-04-09] (McAfee, Inc.)
2 NETFLTDI; \??\C:\Windows\system32\Drivers\NETFLTDI.SYS [159112 2009-09-25] (Panda Security, S.L.)
3 NETIMFLT01060044; C:\Windows\System32\DRIVERS\neti1644.sys [201032 2010-09-01] (Panda Security, S.L.)
0 pavboot; C:\Windows\System32\Drivers\pavboot.sys [26696 2010-06-22] (Panda Security, S.L.)
2 PavProc; \??\C:\Windows\system32\DRIVERS\PavProc.sys [164488 2012-05-08] (Panda Security, S.L.)
3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)
3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-01-03] (RapidSolution Software AG)
3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [31848 2012-01-03] (RapidSolution Software AG)
3 RTHDMIAzAudService; C:\Windows\System32\drivers\RtHDMIV.sys [159776 2009-06-24] (Realtek Semiconductor Corp.)
3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [376320 2009-08-13] (Realtek Semiconductor Corporation )
3 s0016bus; C:\Windows\System32\DRIVERS\s0016bus.sys [89256 2008-05-16] (MCCI Corporation)
3 s0016mdfl; C:\Windows\System32\DRIVERS\s0016mdfl.sys [15016 2008-05-16] (MCCI Corporation)
3 s0016mdm; C:\Windows\System32\DRIVERS\s0016mdm.sys [120744 2008-05-16] (MCCI Corporation)
3 s0016mgmt; C:\Windows\System32\DRIVERS\s0016mgmt.sys [114216 2008-05-16] (MCCI Corporation)
3 s0016nd5; C:\Windows\System32\DRIVERS\s0016nd5.sys [25512 2008-05-16] (MCCI Corporation)
3 s0016obex; C:\Windows\System32\DRIVERS\s0016obex.sys [110632 2008-05-16] (MCCI Corporation)
3 s0016unic; C:\Windows\System32\DRIVERS\s0016unic.sys [115752 2008-05-16] (MCCI Corporation)
1 ShldDrv; C:\Windows\System32\DRIVERS\ShlDrv51.sys [37448 2011-02-21] (Panda Security, S.L.)
3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [39016 2012-01-03] (RapidSolution Software AG)
3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-29] (America Online, Inc.)
2 WNMFLT; \??\C:\Windows\system32\Drivers\WNMFLT.SYS [46856 2009-09-25] (Panda Security, S.L.)
3 AvFlt; C:\Windows\system32\drivers\av5flt.sys [x]
3 lgbusenum; C:\Windows\System32\DRIVERS\lgbtbus.sys [x]
3 massfilter; C:\Windows\System32\drivers\massfilter.sys [x]
3 PavSRK.sys; \??\C:\Windows\system32\PavSRK.sys [x]
3 PavTPK.sys; \??\C:\Windows\system32\PavTPK.sys [x]
3 RSUSBSTOR; C:\Windows\System32\Drivers\RtsUStor.sys [x]
3 RtsUIR; C:\Windows\System32\DRIVERS\Rts516xIR.sys [x]
3 USBCCID; C:\Windows\System32\DRIVERS\RtsUCcid.sys [x]
3 ZTEusbmdm6k; C:\Windows\System32\DRIVERS\ZTEusbmdm6k.sys [x]
3 ZTEusbnmea; C:\Windows\System32\DRIVERS\ZTEusbnmea.sys [x]
3 ZTEusbser6k; C:\Windows\System32\DRIVERS\ZTEusbser6k.sys [x]
==================== NetSvcs (Whitelisted) ===================
NETSVC: VC4CB104 -> No Registry Path.
==================== One Month Created Files and Folders ========
2012-11-17 15:49 - 2012-11-17 15:49 - 00000000 ____D C:\FRST
2012-11-17 15:02 - 2012-11-17 15:03 - 00000000 ____D C:\Users\Timo\Desktop\mbar
2012-11-17 15:02 - 2012-11-17 14:39 - 12961620 ____A C:\Users\Timo\Desktop\mbar-1.01.0.1009.zip
2012-11-17 14:52 - 2012-11-17 14:55 - 00000000 ___SD C:\ComboFix
2012-11-17 14:33 - 2011-06-26 07:45 - 00256000 ____A C:\Windows\PEV.exe
2012-11-17 14:33 - 2010-11-07 18:20 - 00208896 ____A C:\Windows\MBR.exe
2012-11-17 14:33 - 2009-04-20 05:56 - 00060416 ____A (NirSoft) C:\Windows\NIRCMD.exe
2012-11-17 14:33 - 2000-08-31 01:00 - 00518144 ____A (SteelWerX) C:\Windows\SWREG.exe
2012-11-17 14:33 - 2000-08-31 01:00 - 00406528 ____A (SteelWerX) C:\Windows\SWSC.exe
2012-11-17 14:33 - 2000-08-31 01:00 - 00098816 ____A C:\Windows\sed.exe
2012-11-17 14:33 - 2000-08-31 01:00 - 00080412 ____A C:\Windows\grep.exe
2012-11-17 14:33 - 2000-08-31 01:00 - 00068096 ____A C:\Windows\zip.exe
2012-11-17 14:09 - 2012-11-17 14:19 - 00000000 ____D C:\Qoobox
2012-11-17 14:07 - 2012-11-17 14:07 - 00000000 ____D C:\Windows\erdnt
2012-11-17 13:06 - 2012-11-17 13:06 - 00185996 ____A C:\Users\Timo\Desktop\Panda.txt
2012-11-17 11:40 - 2012-11-17 11:40 - 00082354 ____A C:\Users\Timo\Desktop\Extras.Txt
2012-11-17 11:36 - 2012-11-17 11:36 - 00186036 ____A C:\Users\Timo\Desktop\OTL.Txt
2012-11-17 10:43 - 2012-11-17 10:38 - 00602112 ____A (OldTimer Tools) C:\Users\Timo\Desktop\OTL.exe
2012-11-16 17:49 - 2012-11-17 09:45 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt
2012-11-16 17:49 - 2012-11-16 17:49 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt.bck
2012-11-16 17:48 - 2012-11-17 09:50 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg.bck
2012-11-16 17:48 - 2012-11-17 09:50 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg
2012-11-16 17:48 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg.bck
2012-11-16 17:48 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg
2012-11-16 17:47 - 2012-11-17 16:25 - 00000060 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt.bck
2012-11-16 17:47 - 2012-11-17 16:25 - 00000060 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt
2012-11-16 17:47 - 2012-11-17 09:50 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg.bck
2012-11-16 17:47 - 2012-11-17 09:50 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg
2012-11-16 17:44 - 2012-11-17 16:23 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg.bck
2012-11-16 17:43 - 2012-11-17 16:25 - 00000136 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg.bck
2012-11-16 17:43 - 2012-11-17 16:25 - 00000136 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg
2012-11-16 17:43 - 2012-11-17 16:23 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg
2012-11-16 17:41 - 2012-11-16 17:47 - 00008627 ____A C:\Windows\System32\PAV_FOG.OPC
2012-11-16 17:40 - 2012-11-16 17:40 - 00013880 ____A C:\Windows\System32\Drivers\COMFiltr.sys
2012-11-16 17:40 - 2012-11-16 17:40 - 00000262 ____A C:\Windows\System32\PavCPL.dat
2012-11-16 17:40 - 2012-11-16 17:40 - 00000000 ____D C:\Users\Timo\AppData\Local\Panda Security
2012-11-16 17:39 - 2012-11-17 10:41 - 00303044 ____A C:\Windows\System32\Drivers\etc\DsaFlt.rls.bck
2012-11-16 17:39 - 2012-11-17 10:41 - 00303044 ____A C:\Windows\System32\Drivers\etc\DsaFlt.rls
2012-11-16 17:39 - 2012-11-17 09:50 - 00183180 ____A C:\Windows\System32\Drivers\APPFCONT.DAT.bck
2012-11-16 17:39 - 2012-11-17 09:50 - 00183180 ____A C:\Windows\System32\Drivers\APPFCONT.DAT
2012-11-16 17:39 - 2012-11-17 09:49 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG.bck
2012-11-16 17:39 - 2012-11-17 09:49 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG
2012-11-16 17:39 - 2012-11-16 17:39 - 00002481 ____A C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2012-11-16 17:39 - 2012-11-16 17:39 - 00002200 ____A C:\Users\Public\Desktop\Panda Internet Security 2013.lnk
2012-11-16 17:39 - 2012-11-16 17:39 - 00000000 ____D C:\Users\All Users\Backup
2012-11-16 17:39 - 2011-01-31 16:41 - 00083528 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\APPFLT.SYS
2012-11-16 17:39 - 2010-09-09 16:23 - 00193864 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\idsflt.sys
2012-11-16 17:39 - 2010-06-22 18:13 - 00026696 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\pavboot.sys
2012-11-16 17:39 - 2009-09-25 14:54 - 00159112 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\NETFLTDI.SYS
2012-11-16 17:39 - 2009-09-25 14:54 - 00053256 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\dsaflt.sys
2012-11-16 17:39 - 2009-09-25 14:54 - 00046856 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\wnmflt.sys
2012-11-16 17:39 - 2009-09-25 14:54 - 00022024 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\fnetmon.sys
2012-11-16 17:39 - 2007-03-15 19:38 - 00054832 ____A (Panda Software) C:\Windows\System32\pavcpl.cpl
2012-11-16 17:38 - 2012-11-16 17:39 - 00000000 ____D C:\Program Files\Panda Security
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Windows\System32\PAV
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Panda Security
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Users\All Users\Panda Security
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Program Files\Common Files\Panda Security
2012-11-16 17:38 - 2012-05-17 16:42 - 00087328 ____A (Panda Security, S.L.) C:\Windows\System32\PavLspHook.dll
2012-11-16 17:38 - 2012-05-08 11:31 - 00164488 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\PavProc.sys
2012-11-16 17:38 - 2012-04-20 13:42 - 00518656 ____A (Panda Security, S.L.) C:\Windows\System32\PavSHook.dll
2012-11-16 17:38 - 2012-03-26 18:57 - 00059656 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\amm8660.sys
2012-11-16 17:38 - 2011-02-21 14:38 - 00037448 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\ShlDrv51.sys
2012-11-16 17:38 - 2010-09-01 11:09 - 00201032 ____A (Panda Security, S.L.) C:\Windows\System32\Drivers\neti1644.sys
2012-11-16 17:38 - 2010-06-21 17:02 - 00193344 ____A (Panda Security, S.L.) C:\Windows\System32\TpUtil.dll
2012-11-16 17:38 - 2010-06-21 17:01 - 00055616 ____A (Panda Security, S.L.) C:\Windows\System32\pavipc.dll
2012-11-16 17:38 - 2010-03-24 12:55 - 00055552 ____A (On-Access Anti-Malware Scanner Sync) C:\Windows\System32\avldr.dll
2012-11-16 17:38 - 2007-02-08 10:53 - 00107568 ____A (Panda Software) C:\Windows\System32\SYSTOOLS.DLL
2012-11-16 17:34 - 2012-11-16 17:34 - 00918432 ____A C:\Users\Timo\Downloads\PandaIS13.exe
2012-11-16 17:11 - 2012-07-26 04:39 - 00526952 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\Wdf01000.sys
2012-11-16 17:11 - 2012-07-26 04:39 - 00047720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WdfLdr.sys
2012-11-16 17:11 - 2012-07-26 03:46 - 00009728 ____A (Microsoft Corporation) C:\Windows\System32\Wdfres.dll
2012-11-16 17:11 - 2012-06-02 15:34 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2012-11-16 17:10 - 2012-07-26 04:21 - 00196608 ____A (Microsoft Corporation) C:\Windows\System32\WUDFHost.exe
2012-11-16 17:10 - 2012-07-26 04:20 - 00613888 ____A (Microsoft Corporation) C:\Windows\System32\WUDFx.dll
2012-11-16 17:10 - 2012-07-26 04:20 - 00172032 ____A (Microsoft Corporation) C:\Windows\System32\WUDFPlatform.dll
2012-11-16 17:10 - 2012-07-26 04:20 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\WUDFSvc.dll
2012-11-16 17:10 - 2012-07-26 04:20 - 00038912 ____A (Microsoft Corporation) C:\Windows\System32\WUDFCoinstaller.dll
2012-11-16 17:10 - 2012-07-26 03:33 - 00066560 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFPf.sys
2012-11-16 17:10 - 2012-07-26 03:32 - 00155136 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\WUDFRd.sys
2012-11-16 17:10 - 2012-06-02 15:57 - 00000003 ____A C:\Windows\System32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2012-11-16 17:09 - 2012-10-08 09:28 - 12320768 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-11-16 17:09 - 2012-10-08 09:02 - 09738240 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-11-16 17:09 - 2012-10-08 08:56 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-11-16 17:09 - 2012-10-08 08:48 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-11-16 17:09 - 2012-10-08 08:48 - 01103872 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-11-16 17:09 - 2012-10-08 08:47 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-11-16 17:09 - 2012-10-08 08:46 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-11-16 17:09 - 2012-10-08 08:45 - 00065024 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-11-16 17:09 - 2012-10-08 08:44 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2012-11-16 17:09 - 2012-10-08 08:43 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-11-16 17:09 - 2012-10-08 08:43 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2012-11-16 17:09 - 2012-10-08 08:42 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2012-11-16 17:09 - 2012-10-08 08:41 - 01793024 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-11-16 17:09 - 2012-10-08 08:41 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-11-16 17:09 - 2012-10-08 08:40 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-11-16 17:09 - 2012-10-08 08:37 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-11-16 17:06 - 2012-11-16 17:06 - 00000944 ____A C:\Users\Public\Desktop\Mamutu.lnk
2012-11-16 17:05 - 2012-11-17 09:50 - 00000000 ____D C:\Program Files\Mamutu
2012-11-16 16:49 - 2012-11-17 09:51 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-16 16:49 - 2012-11-16 16:49 - 00044544 ____A (Microsoft Corporation) C:\Users\All Users\lsass.exe
2012-11-16 12:02 - 2012-10-18 18:57 - 02344960 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-11-16 12:02 - 2012-09-25 22:55 - 00078336 ____A (Microsoft Corporation) C:\Windows\System32\synceng.dll
2012-11-14 16:25 - 2012-11-14 16:38 - 52369616 ____A C:\Users\Timo\Desktop\Interview_Isabel_121102.wav
2012-11-14 15:56 - 2012-11-14 16:10 - 00004835 ____A C:\Users\Timo\Documents\impressum.html
2012-11-14 15:56 - 2012-11-14 15:56 - 00013630 ____A C:\Users\Timo\Documents\datenschutz.html
2012-11-08 14:39 - 2012-11-08 14:39 - 00145600 ____A C:\Windows\Minidump\110812-67642-01.dmp
2012-11-07 19:30 - 2012-11-07 20:53 - 00395132 ____A C:\Users\Timo\Documents\Papst.pptx
2012-11-07 19:30 - 2012-11-07 19:30 - 00000165 ___AH C:\Users\Timo\Documents\~$Papst.pptx
2012-11-06 19:35 - 2012-11-06 19:35 - 00000000 ____D C:\Users\Timo\Downloads\metamorph_greenex
2012-11-06 19:34 - 2012-11-06 19:34 - 00000000 ____D C:\Users\Timo\Downloads\underground_grey
2012-11-06 19:33 - 2012-11-06 19:33 - 00136927 ____A C:\Users\Timo\Downloads\underground_grey.zip
2012-11-06 19:32 - 2012-11-06 19:33 - 01043660 ____A C:\Users\Timo\Downloads\metamorph_greenex.zip
2012-11-04 18:02 - 2012-11-04 18:02 - 00145536 ____A C:\Windows\Minidump\110412-33883-01.dmp
2012-11-04 18:01 - 2012-11-04 18:01 - 00000000 ____A C:\Windows\Minidump\110412-34991-01.dmp
2012-11-03 14:57 - 2012-11-03 14:57 - 00006921 ____A C:\Users\Timo\Desktop\SKATERS WORLD GmbH.htm
2012-11-03 14:57 - 2012-11-03 14:57 - 00000000 ____D C:\Users\Timo\Desktop\SKATERS WORLD GmbH_files
2012-11-03 10:29 - 2012-11-03 10:29 - 00179090 ____A C:\Users\Timo\Documents\versicherung.xps
2012-11-03 10:28 - 2012-11-03 10:28 - 00098071 ____A C:\Users\Timo\Downloads\tarif_kfz_pkw_201301.do
2012-11-01 11:49 - 2012-11-01 11:49 - 00001031 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-11-01 11:43 - 2012-11-01 11:48 - 22912657 ____A C:\Users\Timo\Documents\vlc-2.0.4-win32.exe
2012-11-01 11:40 - 2012-11-01 11:40 - 00380066 ____A C:\Users\Timo\Downloads\shoutcast-dsp-2-2-3-windows.exe
2012-10-29 18:12 - 2012-10-30 13:28 - 00000000 ____D C:\Users\Timo\Documents\TicketCreator
2012-10-29 18:01 - 2012-10-29 18:01 - 00001274 ____A C:\Users\Public\Desktop\BarcodeChecker.lnk
2012-10-29 18:01 - 2012-10-29 18:01 - 00000000 ____D C:\Program Files\TicketCreator
2012-10-29 18:01 - 2011-12-05 19:55 - 00069632 ____A (MW6 Technologies, Inc.) C:\Windows\System32\QRCodeFont.dll
2012-10-29 18:01 - 2009-06-01 12:06 - 00102400 ____A (www.metois.com) C:\Windows\System32\EymBarcodeReader.ocx
2012-10-29 18:01 - 2009-03-24 12:52 - 00151376 ____A (Microsoft Corporation) C:\Windows\System32\msmapi32.Ocx
2012-10-29 18:01 - 2009-03-24 12:52 - 00127808 ____A (Microsoft Corporation) C:\Windows\System32\MSWINSCK.ocx
2012-10-29 18:01 - 2009-03-24 12:52 - 00119616 ____A (Microsoft Corporation) C:\Windows\System32\mscomm32.ocx
2012-10-29 18:01 - 2008-08-17 18:48 - 00397312 ____A (Fath Software) C:\Windows\System32\fathzip.dll
2012-10-29 18:01 - 2005-07-06 17:55 - 00147456 ____A (GDCL (hxxp://www.gdcl.co.uk)) C:\Windows\System32\FSFWrap.dll
2012-10-29 18:01 - 2001-10-30 16:47 - 00073728 ____A () C:\Windows\System32\CapStill.dll
2012-10-29 18:01 - 2000-10-01 23:00 - 00125712 ____A (Microsoft Corporation) C:\Windows\System32\VB6DE.DLL
2012-10-29 18:01 - 1999-05-06 23:00 - 00244232 ____A (Microsoft Corporation) C:\Windows\System32\MSFLXGRD.OCX
2012-10-29 18:01 - 1998-07-06 01:00 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\MSMPIDE.DLL
2012-10-29 18:01 - 1998-07-06 01:00 - 00014336 ____A (Microsoft Corporation) C:\Windows\System32\MSCOMDE.DLL
2012-10-29 18:01 - 1998-07-05 23:00 - 00158208 ____A (Microsoft Corporation) C:\Windows\System32\MSCMCDE.DLL
2012-10-29 18:01 - 1998-07-05 23:00 - 00064512 ____A (Microsoft Corporation) C:\Windows\System32\MSCC2DE.DLL
2012-10-29 18:01 - 1998-07-05 23:00 - 00042496 ____A (Microsoft Corporation) C:\Windows\System32\FLXGDDE.DLL
2012-10-29 18:01 - 1998-07-05 23:00 - 00033792 ____A (Microsoft Corporation) C:\Windows\System32\CMDLGDE.DLL
2012-10-29 17:59 - 2012-10-29 17:59 - 11493840 ____A (www.TicketCreator.de ) C:\Users\Timo\Downloads\tc500setup.exe
2012-10-24 08:10 - 2012-11-05 18:21 - 08290586 ____A C:\Users\Timo\Documents\Hoher Beschäftigungsstand.pptx
2012-10-24 08:09 - 2012-10-24 08:09 - 00033690 ____A C:\Users\Timo\Documents\Folgen der Arbeistlosigkeit.xmind
2012-10-23 18:09 - 2012-10-23 18:09 - 00071883 ____A C:\Users\Timo\Downloads\Dschingis Khan - Dschingis Khan Medley Medley 1.mid
2012-10-23 18:08 - 2012-10-23 18:08 - 00105906 ____A C:\Users\Timo\Downloads\Ludwig van Beethoven - 5th Symphony Part 1.mid
2012-10-21 12:10 - 2012-10-21 12:26 - 00032258 ____H C:\Users\Timo\Downloads\~WRL0003.tmp
2012-10-20 13:10 - 2012-10-20 13:11 - 20228344 ____A (Mozilla) C:\Users\Timo\Downloads\firefox-19.0a1.en-US.win32.installer.exe
2012-10-20 13:09 - 2012-10-20 13:10 - 62018008 ____A (DVDVideoSoft Ltd. ) C:\Users\Timo\Downloads\FreeStudio.exe
==================== One Month Modified Files and Folders ========
2012-11-17 16:25 - 2012-11-17 16:23 - 00008212 ____A C:\Windows\mfebcdata
2012-11-17 16:25 - 2012-11-16 17:47 - 00000060 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt.bck
2012-11-17 16:25 - 2012-11-16 17:47 - 00000060 ____A C:\Windows\System32\Drivers\etc\NetAR.wlt
2012-11-17 16:25 - 2012-11-16 17:43 - 00000136 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg.bck
2012-11-17 16:25 - 2012-11-16 17:43 - 00000136 ____A C:\Windows\System32\Drivers\etc\NetAdapt.cfg
2012-11-17 16:24 - 2009-07-14 05:53 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-11-17 16:24 - 2009-07-14 05:39 - 00136085 ____A C:\Windows\setupact.log
2012-11-17 16:23 - 2012-11-16 17:44 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg.bck
2012-11-17 16:23 - 2012-11-16 17:43 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetFlt.cfg
2012-11-17 16:21 - 2010-02-08 14:26 - 01637976 ____A C:\Windows\WindowsUpdate.log
2012-11-17 15:49 - 2012-11-17 15:49 - 00000000 ____D C:\FRST
2012-11-17 15:44 - 2009-07-14 05:34 - 00016080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-11-17 15:44 - 2009-07-14 05:34 - 00016080 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-11-17 15:41 - 2012-09-01 19:33 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2012-11-17 15:28 - 2010-02-24 17:06 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2012-11-17 15:28 - 2010-02-24 17:06 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2012-11-17 15:03 - 2012-11-17 15:02 - 00000000 ____D C:\Users\Timo\Desktop\mbar
2012-11-17 15:01 - 2011-03-10 07:45 - 00000000 ____D C:\Users\Timo\Desktop\alles
2012-11-17 14:55 - 2012-11-17 14:52 - 00000000 ___SD C:\ComboFix
2012-11-17 14:39 - 2012-11-17 15:02 - 12961620 ____A C:\Users\Timo\Desktop\mbar-1.01.0.1009.zip
2012-11-17 14:19 - 2012-11-17 14:09 - 00000000 ____D C:\Qoobox
2012-11-17 14:07 - 2012-11-17 14:07 - 00000000 ____D C:\Windows\erdnt
2012-11-17 13:36 - 2012-04-12 13:00 - 00001134 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501585131-3938103745-153319493-1003UA.job
2012-11-17 13:36 - 2012-04-12 13:00 - 00001112 ____A C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2501585131-3938103745-153319493-1003Core.job
2012-11-17 13:06 - 2012-11-17 13:06 - 00185996 ____A C:\Users\Timo\Desktop\Panda.txt
2012-11-17 11:40 - 2012-11-17 11:40 - 00082354 ____A C:\Users\Timo\Desktop\Extras.Txt
2012-11-17 11:36 - 2012-11-17 11:36 - 00186036 ____A C:\Users\Timo\Desktop\OTL.Txt
2012-11-17 10:46 - 2010-12-14 18:55 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Skype
2012-11-17 10:44 - 2009-09-07 07:10 - 00005194 ____A C:\Windows\System32\PerfStringBackup.INI
2012-11-17 10:41 - 2012-11-16 17:39 - 00303044 ____A C:\Windows\System32\Drivers\etc\DsaFlt.rls.bck
2012-11-17 10:41 - 2012-11-16 17:39 - 00303044 ____A C:\Windows\System32\Drivers\etc\DsaFlt.rls
2012-11-17 10:38 - 2012-11-17 10:43 - 00602112 ____A (OldTimer Tools) C:\Users\Timo\Desktop\OTL.exe
2012-11-17 09:51 - 2012-11-16 16:49 - 95023320 ___AT C:\Users\All Users\dsgsdgdsgdsgw.pad
2012-11-17 09:51 - 2012-09-13 15:31 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Spotify
2012-11-17 09:50 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg.bck
2012-11-17 09:50 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\DsaFlt.cfg
2012-11-17 09:50 - 2012-11-16 17:47 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg.bck
2012-11-17 09:50 - 2012-11-16 17:47 - 00000252 ____A C:\Windows\System32\Drivers\etc\IdsFlt.cfg
2012-11-17 09:50 - 2012-11-16 17:39 - 00183180 ____A C:\Windows\System32\Drivers\APPFCONT.DAT.bck
2012-11-17 09:50 - 2012-11-16 17:39 - 00183180 ____A C:\Windows\System32\Drivers\APPFCONT.DAT
2012-11-17 09:50 - 2012-11-16 17:05 - 00000000 ____D C:\Program Files\Mamutu
2012-11-17 09:49 - 2012-11-16 17:39 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG.bck
2012-11-17 09:49 - 2012-11-16 17:39 - 00001132 ____A C:\Windows\System32\Drivers\APPFLTR.CFG
2012-11-17 09:45 - 2012-11-16 17:49 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt
2012-11-17 08:52 - 2012-04-05 19:46 - 00000000 __SHD C:\Users\Timo\AppData\Local\69303060
2012-11-17 08:51 - 2010-02-14 09:50 - 00000000 ____D C:\users\Timo
2012-11-16 21:07 - 2011-06-20 10:09 - 00000000 ____A C:\Windows\System32\Drivers\dfsc.sys
2012-11-16 17:49 - 2012-11-16 17:49 - 00000068 ____A C:\Windows\System32\Drivers\etc\NetLoc.wlt.bck
2012-11-16 17:48 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg.bck
2012-11-16 17:48 - 2012-11-16 17:48 - 00000056 ____A C:\Windows\System32\Drivers\etc\WnmFlt.cfg
2012-11-16 17:47 - 2012-11-16 17:41 - 00008627 ____A C:\Windows\System32\PAV_FOG.OPC
2012-11-16 17:43 - 2012-04-05 19:47 - 00000000 __ASH C:\Windows\System32\dds_log_ad13.cmd
2012-11-16 17:43 - 2009-09-07 07:32 - 00564350 ____A C:\Windows\PFRO.log
2012-11-16 17:43 - 2009-07-14 05:53 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-11-16 17:41 - 2009-07-14 03:04 - 00000584 ____A C:\Windows\win.ini
2012-11-16 17:40 - 2012-11-16 17:40 - 00013880 ____A C:\Windows\System32\Drivers\COMFiltr.sys
2012-11-16 17:40 - 2012-11-16 17:40 - 00000262 ____A C:\Windows\System32\PavCPL.dat
2012-11-16 17:40 - 2012-11-16 17:40 - 00000000 ____D C:\Users\Timo\AppData\Local\Panda Security
2012-11-16 17:39 - 2012-11-16 17:39 - 00002481 ____A C:\Users\Public\Desktop\Remote-Zugriff installieren.lnk
2012-11-16 17:39 - 2012-11-16 17:39 - 00002200 ____A C:\Users\Public\Desktop\Panda Internet Security 2013.lnk
2012-11-16 17:39 - 2012-11-16 17:39 - 00000000 ____D C:\Users\All Users\Backup
2012-11-16 17:39 - 2012-11-16 17:38 - 00000000 ____D C:\Program Files\Panda Security
2012-11-16 17:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\DriverStore
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Windows\System32\PAV
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Panda Security
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Users\All Users\Panda Security
2012-11-16 17:38 - 2012-11-16 17:38 - 00000000 ____D C:\Program Files\Common Files\Panda Security
2012-11-16 17:38 - 2009-09-07 07:18 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2012-11-16 17:34 - 2012-11-16 17:34 - 00918432 ____A C:\Users\Timo\Downloads\PandaIS13.exe
2012-11-16 17:26 - 2012-09-13 15:33 - 00000000 ____D C:\Users\Timo\AppData\Local\Spotify
2012-11-16 17:23 - 2010-02-14 09:51 - 00157416 ____A C:\Users\Timo\AppData\Local\GDIPFONTCACHEV1.DAT
2012-11-16 17:22 - 2009-07-14 05:33 - 00514416 ____A C:\Windows\System32\FNTCACHE.DAT
2012-11-16 17:20 - 2009-07-14 09:47 - 00000000 ____D C:\Windows\System32\Drivers\de-DE
2012-11-16 17:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\System32\de-DE
2012-11-16 17:13 - 2010-06-29 12:43 - 64010424 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2012-11-16 17:13 - 2009-09-07 07:51 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-11-16 17:06 - 2012-11-16 17:06 - 00000944 ____A C:\Users\Public\Desktop\Mamutu.lnk
2012-11-16 16:49 - 2012-11-16 16:49 - 00044544 ____A (Microsoft Corporation) C:\Users\All Users\lsass.exe
2012-11-16 16:40 - 2010-05-17 18:55 - 00000000 ____D C:\Users\Timo\Documents\A Wiederherstellungs Speicher Office
2012-11-16 16:39 - 2010-02-24 18:24 - 01260032 __ASH C:\Users\Timo\Documents\Thumbs.db
2012-11-16 16:30 - 2010-02-24 18:03 - 00000000 ____D C:\Users\Timo\AppData\Roaming\vlc
2012-11-16 14:16 - 2010-02-24 18:04 - 00000000 ____D C:\Users\Timo\AppData\Roaming\dvdcss
2012-11-15 15:30 - 2009-09-07 07:36 - 00000378 ____A C:\Windows\Tasks\McDefragTask.job
2012-11-14 17:44 - 2012-09-14 15:55 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Audacity
2012-11-14 16:45 - 2012-03-08 15:33 - 00000000 ____D C:\Users\Timo\AppData\Roaming\FileZilla
2012-11-14 16:38 - 2012-11-14 16:25 - 52369616 ____A C:\Users\Timo\Desktop\Interview_Isabel_121102.wav
2012-11-14 16:10 - 2012-11-14 15:56 - 00004835 ____A C:\Users\Timo\Documents\impressum.html
2012-11-14 15:56 - 2012-11-14 15:56 - 00013630 ____A C:\Users\Timo\Documents\datenschutz.html
2012-11-12 14:44 - 2012-09-16 08:28 - 00000000 ____D C:\Users\Timo\AppData\Roaming\Nvu
2012-11-09 13:07 - 2012-03-29 19:29 - 00697272 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2012-11-09 13:07 - 2011-06-05 12:34 - 00073656 ____A (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
2012-11-09 13:06 - 2009-09-07 07:29 - 00000000 ____D C:\Users\All Users\Adobe
2012-11-08 14:39 - 2012-11-08 14:39 - 00145600 ____A C:\Windows\Minidump\110812-67642-01.dmp
2012-11-08 14:39 - 2010-09-01 12:24 - 00000000 ____D C:\Windows\Minidump
2012-11-07 20:53 - 2012-11-07 19:30 - 00395132 ____A C:\Users\Timo\Documents\Papst.pptx
2012-11-07 20:21 - 2010-02-19 18:43 - 00025600 ____A C:\Users\Timo\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-11-07 19:30 - 2012-11-07 19:30 - 00000165 ___AH C:\Users\Timo\Documents\~$Papst.pptx
2012-11-06 19:35 - 2012-11-06 19:35 - 00000000 ____D C:\Users\Timo\Downloads\metamorph_greenex
2012-11-06 19:34 - 2012-11-06 19:34 - 00000000 ____D C:\Users\Timo\Downloads\underground_grey
2012-11-06 19:33 - 2012-11-06 19:33 - 00136927 ____A C:\Users\Timo\Downloads\underground_grey.zip
2012-11-06 19:33 - 2012-11-06 19:32 - 01043660 ____A C:\Users\Timo\Downloads\metamorph_greenex.zip
2012-11-05 18:21 - 2012-10-24 08:10 - 08290586 ____A C:\Users\Timo\Documents\Hoher Beschäftigungsstand.pptx
2012-11-04 18:02 - 2012-11-04 18:02 - 00145536 ____A C:\Windows\Minidump\110412-33883-01.dmp
2012-11-04 18:01 - 2012-11-04 18:01 - 00000000 ____A C:\Windows\Minidump\110412-34991-01.dmp
2012-11-03 14:57 - 2012-11-03 14:57 - 00006921 ____A C:\Users\Timo\Desktop\SKATERS WORLD GmbH.htm
2012-11-03 14:57 - 2012-11-03 14:57 - 00000000 ____D C:\Users\Timo\Desktop\SKATERS WORLD GmbH_files
2012-11-03 10:29 - 2012-11-03 10:29 - 00179090 ____A C:\Users\Timo\Documents\versicherung.xps
2012-11-03 10:28 - 2012-11-03 10:28 - 00098071 ____A C:\Users\Timo\Downloads\tarif_kfz_pkw_201301.do
2012-11-01 11:49 - 2012-11-01 11:49 - 00001031 ____A C:\Users\Public\Desktop\VLC media player.lnk
2012-11-01 11:48 - 2012-11-01 11:43 - 22912657 ____A C:\Users\Timo\Documents\vlc-2.0.4-win32.exe
2012-11-01 11:41 - 2012-02-12 10:51 - 00000000 ____D C:\Program Files\Winamp
2012-11-01 11:40 - 2012-11-01 11:40 - 00380066 ____A C:\Users\Timo\Downloads\shoutcast-dsp-2-2-3-windows.exe
2012-11-01 10:34 - 2009-09-07 07:36 - 00000348 ____A C:\Windows\Tasks\McQcTask.job
2012-10-30 13:28 - 2012-10-29 18:12 - 00000000 ____D C:\Users\Timo\Documents\TicketCreator
2012-10-29 18:01 - 2012-10-29 18:01 - 00001274 ____A C:\Users\Public\Desktop\BarcodeChecker.lnk
2012-10-29 18:01 - 2012-10-29 18:01 - 00000000 ____D C:\Program Files\TicketCreator
2012-10-29 17:59 - 2012-10-29 17:59 - 11493840 ____A (www.TicketCreator.de ) C:\Users\Timo\Downloads\tc500setup.exe
2012-10-24 08:09 - 2012-10-24 08:09 - 00033690 ____A C:\Users\Timo\Documents\Folgen der Arbeistlosigkeit.xmind
2012-10-23 18:09 - 2012-10-23 18:09 - 00071883 ____A C:\Users\Timo\Downloads\Dschingis Khan - Dschingis Khan Medley Medley 1.mid
2012-10-23 18:08 - 2012-10-23 18:08 - 00105906 ____A C:\Users\Timo\Downloads\Ludwig van Beethoven - 5th Symphony Part 1.mid
2012-10-21 12:26 - 2012-10-21 12:10 - 00032258 ____H C:\Users\Timo\Downloads\~WRL0003.tmp
2012-10-20 13:26 - 2012-04-10 14:50 - 00000000 ____D C:\Users\Timo\AppData\Roaming\DVDVideoSoft
2012-10-20 13:18 - 2012-02-14 18:18 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2012-10-20 13:18 - 2011-07-03 12:21 - 00000000 ____D C:\Program Files\Nightly
2012-10-20 13:16 - 2012-07-25 12:18 - 00001204 ____A C:\Users\Timo\Desktop\DVDVideoSoft Free Studio.lnk
2012-10-20 13:13 - 2012-07-30 10:21 - 00001050 ____A C:\Users\Public\Desktop\Nightly.lnk
2012-10-20 13:12 - 2012-04-10 14:51 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2012-10-20 13:11 - 2012-10-20 13:10 - 20228344 ____A (Mozilla) C:\Users\Timo\Downloads\firefox-19.0a1.en-US.win32.installer.exe
2012-10-20 13:10 - 2012-10-20 13:09 - 62018008 ____A (DVDVideoSoft Ltd. ) C:\Users\Timo\Downloads\FreeStudio.exe
2012-10-18 18:57 - 2012-11-16 12:02 - 02344960 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
ZeroAccess:
C:\Users\Timo\AppData\Local\69303060
C:\Users\Timo\AppData\Local\69303060\@
C:\Users\Timo\AppData\Local\69303060\U
C:\Users\Timo\AppData\Local\69303060\U\000000cb.@
==================== Known DLLs (Whitelisted) =================
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2012-11-17 14:54:36
==================== Memory info ===========================
Percentage of memory in use: 13%
Total physical RAM: 3963.99 MB
Available physical RAM: 3427.48 MB
Total Pagefile: 3962.27 MB
Available Pagefile: 3436.17 MB
Total Virtual: 2047.88 MB
Available Virtual: 1969.61 MB
==================== Partitions =============================
1 Drive c: (WINDOWS) (Fixed) (Total:116.21 GB) (Free:2.07 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:116.28 GB) (Free:83.02 GB) NTFS
3 Drive e: (SYSTEM) (Fixed) (Total:0.39 GB) (Free:0.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
5 Drive g: (USB-STICK) (Removable) (Total:7.56 GB) (Free:0.2 GB) FAT32
6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Datenträger ### Status Größe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datenträger 0 Online 232 GB 0 B
Datenträger 1 Online 7761 MB 0 B
Partitions of Disk 0:
===============
Partition ### Typ Größe Offset
------------- ---------------- ------- -------
Partition 1 Wiederherstellun 400 MB 1024 KB
Partition 2 Primär 116 GB 401 MB
Partition 3 Primär 116 GB 116 GB
=========================================================
Disk: 0
Partition 1
Typ : 27
Versteckt: Ja
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 E SYSTEM NTFS Partition 400 MB Fehlerfre Versteck
=========================================================
Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C WINDOWS NTFS Partition 116 GB Fehlerfre
=========================================================
Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Data NTFS Partition 116 GB Fehlerfre
=========================================================
Disk: 0
Partition 3
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Data NTFS Partition 116 GB Fehlerfre
=========================================================
Partitions of Disk 1:
===============
Partition ### Typ Größe Offset
------------- ---------------- ------- -------
Partition 1 Primär 7757 MB 4096 KB
=========================================================
Disk: 1
Partition 1
Typ : 0B
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G USB-STICK FAT32 Wechselmed 7757 MB Fehlerfre
=========================================================
Disk: 1
Partition 1
Typ : 0B
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ Größe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 4 G USB-STICK FAT32 Wechselmed 7757 MB Fehlerfre
=========================================================
Last Boot: 2012-09-04 18:02
==================== End Of Log ============================ |