| doobiedan | 31.01.2013 16:07 |
Avast Antivirus, sowie Malwarebytes stürzen bei Scan ab!
Hallo,
Ich habe ein Windows 7 Home Premium, 64-Bit Betriebssystem.
Vor kurzem hatte ich ein Problem, dass mein PC ziemlich langsam war und nach einer kurzen Zeit abgestürzt ist. Ich habe dann recheriert und es sollte wohlmöglich daran liegen, dass der Windows Updater nicht mehr geupdated hat und die Updates immer fehlgeschlagen sind.
Das lag daran, dass der Intelligente Hintergrundübertragungsdienst nicht in services.msc aufgeführt war und nachdem ich diesen wiederherstellen konnte, konnte ich die Windows Updates installieren und jetzt läuft der Rechner wieder einigermaßen.
Nun kam das nächste Problem, ich wollte einen kompletten check durchführen mit Avast Antivir, doch Avast ist komplett abgestürzt nach einiger Zeit.
Dann dachte ich mir lass ich mal Malwarebytes drüberlaufen, doch auch Malwarebytes ist schon nach kurzer Zeit abgestürzt (Kein Rückmeldung). Ich habe den Vorgang durchgeführt, beide Male ist der Scan in diesem Ordner abgestürzt:
C:\AMD\Support\12-10_vista_win7_win8_64_dd_ccc_whql_net4
Bei dem Quickscan von OTL wurde folgende log-datei erstellt:
OTL Logfile: Code:
OTL logfile created on: 31.01.2013 15:52:44 - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Daniel\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,86 Gb Total Physical Memory | 5,54 Gb Available Physical Memory | 70,47% Memory free
15,71 Gb Paging File | 13,13 Gb Available in Paging File | 83,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,54 Gb Total Space | 437,88 Gb Free Space | 64,53% Space Free | Partition Type: NTFS
Computer Name: DANIEL-PC | User Name: Daniel | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Daniel\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Programme\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
PRC - C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Minilyrics\MiniLyrics.exe (Crintsoft)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
PRC - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
PRC - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll ()
MOD - C:\Program Files (x86)\Minilyrics\Plugins\mlp_G15.dll ()
MOD - C:\Program Files (x86)\Win7codecs\filters\libbluray.dll ()
MOD - C:\Program Files (x86)\Win7codecs\filters\avcodec-lav-53.dll ()
MOD - C:\Program Files (x86)\Win7codecs\filters\avformat-lav-53.dll ()
MOD - C:\Program Files (x86)\Win7codecs\filters\avutil-lav-51.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\PROGRA~2\MICROS~4\Office12\ADDINS\UMOUTL~1.DLL ()
MOD - C:\Program Files (x86)\NTI\Packard Bell MyBackup\sqlite3.dll ()
MOD - C:\PROGRA~2\MICROS~4\Office12\ADDINS\COLLEA~1.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (avast! Antivirus) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (vpnagent) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Cisco Systems, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Live Updater Service) -- C:\Programme\Packard Bell\Packard Bell Updater\UpdaterService.exe (Acer Incorporated)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (Sony Ericsson PCCompanion) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe (Avanquest Software)
SRV - (GREGService) -- C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ePowerSvc) -- C:\Programme\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Packard Bell MyBackup\IScheduleSvc.exe (NTI Corporation)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (TurboBoost) -- C:\Programme\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (AdobeActiveFileMonitor9.0) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (pgsql-8.3) -- C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe (PostgreSQL Global Development Group)
========== Driver Services (SafeList) ==========
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (aswTdi) -- C:\windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (aswKbd) -- C:\windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (vpnva) -- C:\Windows\SysNative\drivers\vpnva64.sys (Cisco Systems, Inc.)
DRV:64bit: - (acsock) -- C:\Windows\SysNative\drivers\acsock64.sys (Cisco Systems, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ggsemc) -- C:\Windows\SysNative\drivers\ggsemc.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (ggflt) -- C:\Windows\SysNative\drivers\ggflt.sys (Sony Ericsson Mobile Communications)
DRV:64bit: - (taphss) -- C:\Windows\SysNative\drivers\taphss.sys (AnchorFree Inc)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://packardbell.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=APBTDF&pc=MAPB&src=IE-SearchBox
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: searchdictcc%40roughael:3.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..network.proxy.http: "212.224.92.183"
FF - prefs.js..network.proxy.http_port: 3129
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Daniel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.08 14:18:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 18:29:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.19 18:29:10 | 000,000,000 | ---D | M]
[2011.09.05 20:45:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Extensions
[2012.12.11 12:06:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\iwo5mkej.default\extensions
[2012.09.16 10:30:15 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Daniel\AppData\Roaming\mozilla\Firefox\Profiles\iwo5mkej.default\extensions\ich@maltegoetz.de
[2012.09.26 16:10:17 | 000,037,531 | ---- | M] () (No name found) -- C:\Users\Daniel\AppData\Roaming\mozilla\firefox\profiles\iwo5mkej.default\extensions\searchdictcc@roughael.xpi
[2013.01.19 18:29:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 18:29:13 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.02.16 12:02:53 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.04 14:40:23 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.16 12:02:53 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.16 12:02:53 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.16 12:02:53 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.16 12:02:53 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2012.07.24 20:12:07 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe (Cisco Systems, Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - Startup: C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~4\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe (PokerStars)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - Reg Error: Value error. File not found
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Daniel\Desktop\PartyPoker.lnk File not found
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Users\Daniel\Desktop\PartyPoker.lnk File not found
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5DA2D02C-0AA9-4BB0-95F9-AC380EB2DDE4}: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A42F22A6-403E-4F6A-BAD3-BA7668E70C45}: DhcpNameServer = 212.54.40.25 212.54.35.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BD0B791D-1566-4638-AD61-5B315802A713}: DhcpNameServer = 192.168.42.129
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.31 15:52:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2013.01.31 01:46:15 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Apps
[2013.01.30 23:22:00 | 015,328,952 | ---- | C] (Online Media Technologies Ltd. ) -- C:\Users\Daniel\Desktop\AVSRegistryCleaner.exe
[2013.01.30 23:13:01 | 000,000,000 | ---D | C] -- C:\Users\Public\Desktop\CC Support
[2013.01.30 22:33:20 | 000,347,424 | ---- | C] (Microsoft Corporation) -- C:\Users\Daniel\MicrosoftFixit.wu.LB.3628300852549170.1.1.Run.exe
[2013.01.25 22:21:39 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\Programs
[2013.01.25 11:03:13 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Documents\SPSSInc
[2013.01.25 11:01:20 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Application Data
[2013.01.25 11:01:14 | 000,000,000 | ---D | C] -- C:\Users\Daniel\.spss
[2013.01.25 11:01:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\javasharedresources
[2013.01.25 11:01:12 | 000,000,000 | ---D | C] -- C:\Users\Daniel\AppData\Local\IBM
[2013.01.25 10:58:53 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2013.01.25 10:58:35 | 000,000,000 | ---D | C] -- C:\ProgramData\SPSS
[2013.01.25 10:58:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IBM SPSS Statistics
[2013.01.25 10:57:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\IBM
[2013.01.25 10:56:55 | 000,000,000 | ---D | C] -- C:\Program Files\IBM
[2013.01.24 18:13:53 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Unterlagen
[2013.01.24 18:10:40 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\games
[2013.01.19 19:21:30 | 000,000,000 | ---D | C] -- C:\Users\Daniel\Desktop\Bewerbung
[2013.01.19 18:29:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[1 C:\Users\Daniel\Desktop\*.tmp files -> C:\Users\Daniel\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.01.31 15:53:02 | 000,016,976 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 15:53:02 | 000,016,976 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.31 15:52:13 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Daniel\Desktop\OTL.exe
[2013.01.31 15:43:06 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2013.01.31 15:42:59 | 2030,981,119 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.31 13:18:15 | 000,000,884 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2013.01.31 05:26:01 | 000,001,142 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3520827184-2771211456-251009465-1000UA.job
[2013.01.31 00:46:53 | 001,682,260 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2013.01.31 00:46:53 | 000,719,172 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2013.01.31 00:46:53 | 000,662,948 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2013.01.31 00:46:53 | 000,155,154 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2013.01.31 00:46:53 | 000,127,310 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2013.01.31 00:14:23 | 000,436,272 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2013.01.31 00:11:00 | 001,638,162 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013.01.30 23:28:31 | 015,328,952 | ---- | M] (Online Media Technologies Ltd. ) -- C:\Users\Daniel\Desktop\AVSRegistryCleaner.exe
[2013.01.30 11:26:00 | 000,001,120 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3520827184-2771211456-251009465-1000Core.job
[2013.01.27 16:58:23 | 305,101,805 | ---- | M] () -- C:\windows\MEMORY.DMP
[2013.01.26 13:35:41 | 000,025,894 | ---- | M] () -- C:\Users\Daniel\Desktop\Bild 1.png
[2013.01.25 15:56:58 | 000,018,537 | ---- | M] () -- C:\Users\Daniel\Desktop\POS_IBA_2012_2013_Exam_incl_oudres_plus_BB.pdf
[2013.01.25 15:56:43 | 000,025,614 | ---- | M] () -- C:\Users\Daniel\Desktop\assignment-grades-bb.pdf
[2013.01.25 15:11:00 | 000,031,985 | -HS- | M] () -- C:\Users\Daniel\Desktop\Folder.jpg
[2013.01.25 15:11:00 | 000,006,820 | -HS- | M] () -- C:\Users\Daniel\Desktop\AlbumArtSmall.jpg
[2013.01.25 14:56:02 | 009,180,874 | ---- | M] () -- C:\Users\Daniel\Desktop\12 - Rick Ross - 100 Black Coffins [Explicit].mp3
[2013.01.25 12:01:10 | 000,116,073 | ---- | M] () -- C:\Users\Daniel\Desktop\DOSB_Flyer_GewaltgegenFrauen_Seite-2A.pdf
[2013.01.25 12:00:36 | 000,250,796 | ---- | M] () -- C:\Users\Daniel\Desktop\DOSB_Flyer_GewaltgegenFrauen_Seite-1.pdf
[2013.01.25 10:56:48 | 000,001,025 | ---- | M] () -- C:\windows\SysWow64\sysprs7.tgz
[2013.01.25 10:56:48 | 000,001,025 | ---- | M] () -- C:\windows\SysWow64\sysprs7.dll
[2013.01.25 10:56:48 | 000,000,219 | ---- | M] () -- C:\windows\SysWow64\lsprst7.tgz
[2013.01.25 10:56:48 | 000,000,205 | ---- | M] () -- C:\windows\SysWow64\lsprst7.dll
[2013.01.25 10:56:48 | 000,000,016 | -H-- | M] () -- C:\windows\SysWow64\servdat.slm
[2013.01.25 08:56:00 | 000,002,031 | ---- | M] () -- C:\windows\wininit.ini
[2013.01.25 08:55:58 | 000,001,024 | ---- | M] () -- C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.01.09 11:21:52 | 001,132,605 | ---- | M] () -- C:\Users\Daniel\Desktop\solmath2jan13.pdf
[1 C:\Users\Daniel\Desktop\*.tmp files -> C:\Users\Daniel\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.01.31 00:05:30 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2013.01.30 23:48:46 | 000,000,003 | ---- | C] () -- C:\windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2013.01.27 16:58:23 | 305,101,805 | ---- | C] () -- C:\windows\MEMORY.DMP
[2013.01.26 13:35:41 | 000,025,894 | ---- | C] () -- C:\Users\Daniel\Desktop\Bild 1.png
[2013.01.25 16:14:33 | 835,315,713 | ---- | C] () -- C:\Users\Daniel\Desktop\Der.G-Punkt-German.DVDRip.XViD.avi
[2013.01.25 15:56:58 | 000,018,537 | ---- | C] () -- C:\Users\Daniel\Desktop\POS_IBA_2012_2013_Exam_incl_oudres_plus_BB.pdf
[2013.01.25 14:55:52 | 009,180,874 | ---- | C] () -- C:\Users\Daniel\Desktop\12 - Rick Ross - 100 Black Coffins [Explicit].mp3
[2013.01.25 12:01:10 | 000,116,073 | ---- | C] () -- C:\Users\Daniel\Desktop\DOSB_Flyer_GewaltgegenFrauen_Seite-2A.pdf
[2013.01.25 12:00:35 | 000,250,796 | ---- | C] () -- C:\Users\Daniel\Desktop\DOSB_Flyer_GewaltgegenFrauen_Seite-1.pdf
[2013.01.25 10:56:48 | 000,001,025 | ---- | C] () -- C:\windows\SysWow64\sysprs7.tgz
[2013.01.25 10:56:48 | 000,001,025 | ---- | C] () -- C:\windows\SysWow64\sysprs7.dll
[2013.01.25 10:56:48 | 000,000,219 | ---- | C] () -- C:\windows\SysWow64\lsprst7.tgz
[2013.01.25 10:56:48 | 000,000,205 | ---- | C] () -- C:\windows\SysWow64\lsprst7.dll
[2013.01.25 10:56:48 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\servdat.slm
[2013.01.09 11:20:45 | 001,132,605 | ---- | C] () -- C:\Users\Daniel\Desktop\solmath2jan13.pdf
[2012.06.11 17:50:16 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012.06.11 17:50:16 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012.03.23 14:32:49 | 000,003,584 | ---- | C] () -- C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.29 20:22:42 | 000,002,031 | ---- | C] () -- C:\windows\wininit.ini
[2011.11.27 01:51:14 | 000,000,373 | ---- | C] () -- C:\Users\Daniel\AppData\Local\postgresinstall.bat
[2011.11.26 02:12:06 | 000,000,193 | ---- | C] () -- C:\windows\wordpad.INI
[2011.11.25 23:17:58 | 000,007,598 | ---- | C] () -- C:\Users\Daniel\AppData\Local\resmon.resmoncfg
[2011.11.13 16:02:03 | 000,005,561 | ---- | C] () -- C:\Users\Daniel\pokervideo.vcf
[2011.11.13 15:20:11 | 000,645,632 | ---- | C] () -- C:\windows\SysWow64\xvidcore.dll
[2011.11.13 15:20:11 | 000,240,640 | ---- | C] () -- C:\windows\SysWow64\xvidvfw.dll
[2011.10.23 06:56:16 | 004,738,560 | ---- | C] () -- C:\windows\SysWow64\x264vfw.dll
[2011.09.28 16:44:14 | 000,179,271 | ---- | C] () -- C:\windows\SysWow64\xlive.dll.cat
[2011.09.25 16:56:26 | 000,216,064 | ---- | C] ( ) -- C:\windows\SysWow64\lagarith.dll
[2011.09.17 13:32:32 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2011.09.03 02:07:25 | 001,638,162 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.08.13 06:46:50 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2011.08.13 06:44:07 | 000,003,929 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2011.07.12 15:56:50 | 000,074,752 | ---- | C] () -- C:\windows\SysWow64\ff_vfw.dll
[2011.07.12 04:49:19 | 000,963,116 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2011.07.12 04:49:19 | 000,218,304 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2011.07.12 04:49:18 | 013,359,616 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011.07.12 04:49:18 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2011.07.12 04:49:18 | 000,056,832 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
========== ZeroAccess Check ==========
[2011.11.17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\L
[2012.07.24 19:32:01 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{411f1797-9d1f-d395-4eae-3ff07da78792}\U
[2011.11.17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Local\{411f1797-9d1f-d395-4eae-3ff07da78792}\L
[2011.11.17 07:41:18 | 000,000,000 | -HSD | M] -- C:\Users\Daniel\AppData\Local\{411f1797-9d1f-d395-4eae-3ff07da78792}\U
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"ThreadingModel" = Both
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.09.12 23:20:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.11.12 23:41:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\DAEMON Tools Lite
[2013.01.31 15:44:05 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Dropbox
[2012.01.31 22:21:37 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HEM Data
[2012.08.30 17:47:45 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\HoldemManager
[2013.01.26 22:27:31 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\MiniLyrics
[2012.09.03 19:45:18 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Party
[2012.07.06 21:56:00 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SNS
[2012.12.11 01:49:34 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\SoftGrid Client
[2012.01.03 16:53:44 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Sony
[2013.01.31 00:41:33 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Tobit
[2011.09.03 02:07:52 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\TP
[2011.11.13 15:48:29 | 000,000,000 | ---D | M] -- C:\Users\Daniel\AppData\Roaming\Win7codecs
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 95 bytes -> C:\ProgramData\Temp:538DC028
< End of report >
--- --- ---
Ich hätte meinen System ja auch gerne auf einen früheren Zeitpunkt zurückgesetzt, nur leider musste ich feststellen, dass ich keine Wiederherstellungsdateien mehr habe. |
