OTL logfile created on: 11.10.2010 09:42:37 - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Users\Toshiba\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 61,52 Gb Total Space | 27,38 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive D: | 171,36 Gb Total Space | 159,62 Gb Free Space | 93,15% Space Free | Partition Type: NTFS
Drive E: | 702,83 Mb Total Space | 697,19 Mb Free Space | 99,20% Space Free | Partition Type: UDF
Drive G: | 3,68 Gb Total Space | 0,68 Gb Free Space | 18,54% Space Free | Partition Type: FAT32
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010.10.11 08:34:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Desktop\OTL.exe
PRC - [2010.09.29 19:16:43 | 000,039,408 | ---- | M] (Google Inc.) -- C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
PRC - [2010.09.29 19:16:35 | 000,304,304 | ---- | M] (Google Inc.) -- C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe
PRC - [2010.09.20 12:39:10 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Programme\Common Files\Real\Update_OB\realsched.exe
PRC - [2010.09.13 00:18:13 | 000,975,928 | ---- | M] (Google Inc.) -- C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe
PRC - [2010.09.01 08:39:18 | 001,164,584 | ---- | M] () -- C:\Programme\DivX\DivX Update\DivXUpdate.exe
PRC - [2010.08.27 01:34:22 | 000,107,008 | ---- | M] () -- C:\Programme\VideoLAN\VLC\vlc.exe
PRC - [2010.05.21 00:52:06 | 011,312,128 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.bin
PRC - [2010.05.21 00:52:04 | 011,318,784 | ---- | M] (OpenOffice.org) -- C:\Programme\OpenOffice.org 3\program\soffice.exe
PRC - [2010.04.29 12:19:18 | 001,090,952 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2010.04.16 22:12:28 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Messenger\msnmsgr.exe
PRC - [2010.04.16 18:36:42 | 000,026,480 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Live\Contacts\wlcomm.exe
PRC - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.03.02 11:28:31 | 000,282,792 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2010.01.14 22:11:00 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009.07.14 03:17:29 | 000,673,048 | ---- | M] (Microsoft Corporation) -- C:\Programme\Internet Explorer\iexplore.exe
PRC - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sppsvc.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (SafeList) ==========
MOD - [2010.10.11 08:34:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Desktop\OTL.exe
MOD - [2009.07.14 03:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
MOD - [2009.07.14 03:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
MOD - [2009.07.14 03:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
MOD - [2009.07.14 03:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
MOD - [2009.07.14 03:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
MOD - [2009.07.14 03:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
MOD - [2009.07.14 03:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
MOD - [2009.07.14 03:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
MOD - [2009.07.14 03:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
MOD - [2009.07.14 03:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
MOD - [2009.07.14 03:14:10 | 000,095,232 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msscript.ocx
MOD - [2009.07.14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - [2010.04.01 13:33:19 | 000,267,432 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2010.02.24 10:28:09 | 000,135,336 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2009.07.14 03:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
SRV - [2009.07.14 03:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
SRV - [2009.07.14 03:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
SRV - [2009.07.14 03:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
SRV - [2009.07.14 03:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
SRV - [2009.07.14 03:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
SRV - [2009.07.14 03:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
SRV - [2009.07.14 03:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
SRV - [2009.07.14 03:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
SRV - [2009.07.14 03:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
SRV - [2009.07.14 03:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
SRV - [2009.07.14 03:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
SRV - [2009.07.14 03:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
SRV - [2009.07.14 03:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX-Installer (AxInstSV)
SRV - [2009.07.14 03:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
SRV - [2009.07.14 03:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Toshiba\AppData\Local\Temp\cpuz132\cpuz132_x32.sys -- (cpuz132)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Toshiba\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2010.04.29 12:19:24 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010.03.01 10:05:24 | 000,124,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2010.02.16 14:24:01 | 000,060,936 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2009.10.07 08:49:40 | 006,756,632 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC) Logitech QuickCam Pro 5000(UVC)
DRV - [2009.10.07 08:47:56 | 000,266,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2009.10.07 08:46:14 | 000,114,712 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lvpopflt.sys -- (lvpopflt)
DRV - [2009.07.14 03:26:21 | 000,015,952 | ---- | M] (CMD Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\cmdide.sys -- (cmdide)
DRV - [2009.07.14 03:26:17 | 000,297,552 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpahci.sys -- (adpahci)
DRV - [2009.07.14 03:26:15 | 000,422,976 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adp94xx.sys -- (adp94xx)
DRV - [2009.07.14 03:26:15 | 000,159,312 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsbs.sys -- (amdsbs)
DRV - [2009.07.14 03:26:15 | 000,146,512 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\adpu320.sys -- (adpu320)
DRV - [2009.07.14 03:26:15 | 000,086,608 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arcsas.sys -- (arcsas)
DRV - [2009.07.14 03:26:15 | 000,079,952 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdsata.sys -- (amdsata)
DRV - [2009.07.14 03:26:15 | 000,076,368 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\arc.sys -- (arc)
DRV - [2009.07.14 03:26:15 | 000,023,616 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\amdxata.sys -- (amdxata)
DRV - [2009.07.14 03:26:15 | 000,014,400 | ---- | M] (Acer Laboratories Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\aliide.sys -- (aliide)
DRV - [2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvstor.sys -- (nvstor)
DRV - [2009.07.14 03:20:44 | 000,117,312 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nvraid.sys -- (nvraid)
DRV - [2009.07.14 03:20:44 | 000,044,624 | ---- | M] (IBM Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\nfrd960.sys -- (nfrd960)
DRV - [2009.07.14 03:20:37 | 000,089,168 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas.sys -- (LSI_SAS)
DRV - [2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iaStorV.sys -- (iaStorV)
DRV - [2009.07.14 03:20:36 | 000,235,584 | ---- | M] (LSI Corporation, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MegaSR.sys -- (MegaSR)
DRV - [2009.07.14 03:20:36 | 000,133,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\ksecpkg.sys -- (KSecPkg)
DRV - [2009.07.14 03:20:36 | 000,096,848 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_scsi.sys -- (LSI_SCSI)
DRV - [2009.07.14 03:20:36 | 000,095,824 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_fc.sys -- (LSI_FC)
DRV - [2009.07.14 03:20:36 | 000,054,864 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\lsi_sas2.sys -- (LSI_SAS2)
DRV - [2009.07.14 03:20:36 | 000,041,040 | ---- | M] (Intel Corp./ICP vortex GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\iirsp.sys -- (iirsp)
DRV - [2009.07.14 03:20:36 | 000,030,800 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\megasas.sys -- (megasas)
DRV - [2009.07.14 03:20:36 | 000,013,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\hwpolicy.sys -- (hwpolicy)
DRV - [2009.07.14 03:20:28 | 000,453,712 | ---- | M] (Emulex) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\elxstor.sys -- (elxstor)
DRV - [2009.07.14 03:20:28 | 000,070,720 | ---- | M] (Adaptec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\djsvs.sys -- (aic78xx)
DRV - [2009.07.14 03:20:28 | 000,067,152 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\HpSAMD.sys -- (HpSAMD)
DRV - [2009.07.14 03:20:28 | 000,046,160 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\fsdepends.sys -- (FsDepends)
DRV - [2009.07.14 03:19:11 | 000,141,904 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vsmraid.sys -- (vsmraid)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,159,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vhdmp.sys -- (vhdmp)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,032,832 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vdrvroot.sys -- (vdrvroot)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.14 03:19:10 | 000,016,976 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\viaide.sys -- (viaide)
DRV - [2009.07.14 03:19:04 | 001,383,488 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql2300.sys -- (ql2300)
DRV - [2009.07.14 03:19:04 | 000,173,648 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\rdyboost.sys -- (rdyboost)
DRV - [2009.07.14 03:19:04 | 000,106,064 | ---- | M] (QLogic Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\ql40xx.sys -- (ql40xx)
DRV - [2009.07.14 03:19:04 | 000,077,888 | ---- | M] (Silicon Integrated Systems) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\sisraid4.sys -- (SiSRaid4)
DRV - [2009.07.14 03:19:04 | 000,043,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pcw.sys -- (pcw)
DRV - [2009.07.14 03:19:04 | 000,040,016 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\SiSRaid2.sys -- (SiSRaid2)
DRV - [2009.07.14 03:19:04 | 000,021,072 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\stexstor.sys -- (stexstor)
DRV - [2009.07.14 03:17:54 | 000,369,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\cng.sys -- (CNG)
DRV - [2009.07.14 02:57:25 | 000,272,128 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\Brserid.sys -- (Brserid) Brother MFC Serial Port Interface Driver (WDM)
DRV - [2009.07.14 02:02:41 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\rdpbus.sys -- (rdpbus)
DRV - [2009.07.14 02:01:41 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\RDPREFMP.sys -- (RDPREFMP)
DRV - [2009.07.14 01:55:00 | 000,049,152 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\agilevpn.sys -- (RasAgileVpn) WAN Miniport (IKEv2)
DRV - [2009.07.14 01:53:51 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\wfplwf.sys -- (WfpLwf)
DRV - [2009.07.14 01:52:44 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ndiscap.sys -- (NdisCap)
DRV - [2009.07.14 01:52:02 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vwifibus.sys -- (vwifibus)
DRV - [2009.07.14 01:52:00 | 000,163,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\1394ohci.sys -- (1394ohci)
DRV - [2009.07.14 01:51:35 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\umpass.sys -- (UmPass)
DRV - [2009.07.14 01:51:23 | 000,080,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAUDIO.sys -- (usbaudio) USB-Audiotreiber (WDM)
DRV - [2009.07.14 01:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 01:51:08 | 000,004,096 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV - [2009.07.14 01:46:55 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\MTConfig.sys -- (MTConfig)
DRV - [2009.07.14 01:45:26 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\CompositeBus.sys -- (CompositeBus)
DRV - [2009.07.14 01:36:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\appid.sys -- (AppID)
DRV - [2009.07.14 01:33:50 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | Unknown | Stopped] -- C:\Windows\System32\drivers\scfilter.sys -- (scfilter)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 01:24:05 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\discache.sys -- (discache)
DRV - [2009.07.14 01:16:36 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\acpipmi.sys -- (AcpiPmi)
DRV - [2009.07.14 01:11:04 | 000,052,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\amdppm.sys -- (AmdPPM)
DRV - [2009.07.14 00:54:14 | 000,026,624 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2009.07.14 00:53:33 | 000,012,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbMdm.sys -- (BrUsbMdm)
DRV - [2009.07.14 00:53:33 | 000,011,904 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrUsbSer.sys -- (BrUsbSer)
DRV - [2009.07.14 00:53:32 | 000,062,336 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\Drivers\BrSerWdm.sys -- (BrSerWdm)
DRV - [2009.07.14 00:53:28 | 000,013,568 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltLo.sys -- (BrFiltLo)
DRV - [2009.07.14 00:53:28 | 000,005,248 | ---- | M] (Brother Industries, Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\BrFiltUp.sys -- (BrFiltUp)
DRV - [2009.07.14 00:13:48 | 001,035,776 | ---- | M] (LSI Corp) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2009.07.14 00:02:52 | 000,139,776 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rt86win7.sys -- (RTL8167)
DRV - [2009.07.14 00:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32) Intel(R)
DRV - [2009.07.14 00:02:49 | 000,229,888 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\b57nd60x.sys -- (b57nd60x)
DRV - [2009.07.14 00:02:48 | 003,100,160 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\evbdx.sys -- (ebdrv)
DRV - [2009.07.14 00:02:48 | 000,430,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\bxvbdx.sys -- (b06bdrv)
DRV - [2009.06.10 23:19:30 | 004,756,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdkmd32.sys -- (igfx)
DRV - [2009.05.11 10:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2008.02.15 19:04:42 | 000,017,408 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\semcreserved.sys -- (SEMCReserved)
DRV - [2008.02.06 16:16:32 | 000,337,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembwwan.sys -- (sembwwan) Sony Ericsson PC300 Mobile Broadband Ethernet Control Drivers (WDM)
DRV - [2008.02.06 16:16:10 | 000,344,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembunic.sys -- (sembunic) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (WDM)
DRV - [2008.02.06 16:16:02 | 000,024,960 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembnd5.sys -- (sembnd5) Sony Ericsson PC300 Mobile Broadband Network Adapter SENECA (NDIS)
DRV - [2008.02.06 16:15:56 | 000,343,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmgmt.sys -- (sembmgmt) Sony Ericsson PC300 Mobile Broadband Device Management Drivers (WDM)
DRV - [2008.02.06 16:15:48 | 000,380,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmdm2.sys -- (sembmdm2)
DRV - [2008.02.06 16:15:34 | 000,014,976 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembmdfl2.sys -- (sembmdfl2)
DRV - [2008.02.06 16:14:52 | 000,337,408 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembcard.sys -- (sembcard) Sony Ericsson PC300 Mobile Broadband Command Interface Drivers (WDM)
DRV - [2008.02.06 16:14:44 | 000,260,992 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sembbus.sys -- (sembbus) SEMC WMC Composite Device driver (WDM)
DRV - [2007.11.09 05:00:52 | 000,023,640 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\TVALZ_O.SYS -- (TVALZ)
DRV - [2007.08.14 10:15:18 | 000,012,672 | ---- | M] (Sony Ericsson) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\sesc.sys -- (Sony_EricssonWWSC)
DRV - [2006.11.14 17:35:20 | 000,037,376 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2005.04.27 22:24:20 | 000,120,128 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\USBAV191.SYS -- (USBAV191)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.09.20 12:39:31 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2010.10.10 14:55:03 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Programme\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Programme\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Programme\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Google Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk = C:\Programme\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Alles mit FlashGet laden - C:\Programme\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Mit FlashGet laden - C:\Programme\FlashGet\JC_LINK.HTM ()
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll (Google Inc.)
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Programme\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Programme\FlashGet\flashget.exe (FlashGet.com)
O15 - HKCU\..Trusted Domains: campusspeicher.de ([server14] https in Vertrauenswürdige Sites)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} hxxp://gfx1.hotmail.com/mail/w4/m3/photouploadcontrol/VistaMSNPUpldde-de.cab (Windows Live Hotmail Photo Upload Tool)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - Reg Error: Key error. File not found
O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
========== Files/Folders - Created Within 30 Days ==========
[2010.10.11 08:33:58 | 000,576,512 | ---- | C] (OldTimer Tools) -- C:\Users\Toshiba\Desktop\OTL.exe
[2010.10.11 08:29:09 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Malwarebytes
[2010.10.11 08:28:03 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2010.10.11 08:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.10.11 08:27:59 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2010.10.11 08:27:59 | 000,000,000 | ---D | C] -- C:\Programme\Malwarebytes' Anti-Malware
[2010.10.10 23:30:48 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\vlc
[2010.10.10 20:14:58 | 038,163,432 | ---- | C] (Logitech, Inc.) -- C:\Users\Toshiba\Desktop\qc1110_x64.exe
[2010.10.10 19:39:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\logishrd
[2010.10.10 17:38:22 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Scheikh Abd assalam
[2010.10.10 16:17:25 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Desktop2
[2010.10.10 14:55:10 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2010.10.10 14:47:25 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2010.10.10 14:41:23 | 000,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2010.10.10 14:41:23 | 000,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2010.10.10 14:41:23 | 000,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2010.10.10 14:41:16 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
[2010.10.10 14:41:15 | 000,000,000 | ---D | C] -- C:\ComboFix
[2010.10.10 14:40:21 | 000,000,000 | ---D | C] -- C:\Qoobox
[2010.10.10 14:39:54 | 000,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe
[2010.10.09 22:26:01 | 000,000,000 | ---D | C] -- C:\Programme\Boilsoft Video Splitter
[2010.10.09 21:59:38 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Boilsoft
[2010.10.09 21:42:21 | 000,000,000 | ---D | C] -- C:\Programme\Haali
[2010.10.09 17:53:16 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Piere Vogel
[2010.10.08 23:17:13 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Avira
[2010.10.08 17:52:17 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2010.10.08 17:52:16 | 000,124,784 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2010.10.08 17:52:16 | 000,060,936 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2010.10.08 17:52:16 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntdd.sys
[2010.10.08 17:52:16 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\System32\drivers\avgntmgr.sys
[2010.10.08 17:52:16 | 000,000,000 | ---D | C] -- C:\Programme\Avira
[2010.10.08 17:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.10.08 09:49:53 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\Emicsoft Studio
[2010.10.08 09:49:42 | 000,000,000 | ---D | C] -- C:\Programme\Emicsoft Studio
[2010.10.08 08:03:58 | 000,000,000 | ---D | C] -- C:\Downloads
[2010.10.08 08:03:27 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\FlashGet
[2010.10.08 08:03:22 | 000,000,000 | ---D | C] -- C:\Programme\FlashGet
[2010.10.07 03:18:47 | 000,000,000 | ---D | C] -- C:\Neuer Ordner
[2010.10.06 23:49:40 | 000,000,000 | ---D | C] -- C:\ProgramData\QuickMediaConverter
[2010.10.06 23:48:38 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\CocoonSoftware
[2010.10.06 23:48:32 | 000,000,000 | ---D | C] -- C:\Programme\QuickMediaConverter
[2010.10.06 23:48:27 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\WDSetup
[2010.10.06 18:37:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Leawo
[2010.10.06 18:37:08 | 000,000,000 | ---D | C] -- C:\Programme\K-Lite Codec Pack
[2010.10.06 18:36:40 | 000,000,000 | ---D | C] -- C:\Programme\Leawo
[2010.10.06 18:28:03 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\SWF Studio
[2010.10.06 18:27:59 | 000,000,000 | ---D | C] -- C:\Programme\Riva
[2010.10.06 16:50:22 | 000,260,992 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembbus.sys
[2010.10.06 16:50:22 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembwhnt.sys
[2010.10.06 16:50:22 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembwh.sys
[2010.10.06 16:50:20 | 000,344,064 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembunic.sys
[2010.10.06 16:50:20 | 000,010,752 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembcr.sys
[2010.10.06 16:50:19 | 000,380,672 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembmdm2.sys
[2010.10.06 16:50:19 | 000,014,976 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembmdfl2.sys
[2010.10.06 16:50:18 | 000,012,672 | ---- | C] (Sony Ericsson) -- C:\Windows\System32\drivers\sesc.sys
[2010.10.06 16:50:17 | 000,337,408 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembwwan.sys
[2010.10.06 16:50:16 | 000,337,408 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembcard.sys
[2010.10.06 16:50:14 | 000,343,680 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembmgmt.sys
[2010.10.06 16:50:14 | 000,084,992 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\sembir32.dll
[2010.10.06 16:50:14 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembcmnt.sys
[2010.10.06 16:50:14 | 000,012,160 | ---- | C] (MCCI Corporation) -- C:\Windows\System32\drivers\sembcm.sys
[2010.10.06 16:49:37 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Sony Ericsson
[2010.10.06 16:49:37 | 000,000,000 | ---D | C] -- C:\Programme\Sony Ericsson
[2010.10.06 16:43:14 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Adobe
[2010.10.06 16:43:14 | 000,000,000 | ---D | C] -- C:\Programme\Adobe
[2010.10.04 22:27:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Videos
[2010.10.04 21:40:31 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Drivers HeadQuarters
[2010.10.04 21:38:29 | 000,000,000 | ---D | C] -- C:\Intel
[2010.10.04 21:28:04 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\Sony PMB
[2010.10.04 21:23:13 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Sony Corporation
[2010.10.04 17:58:04 | 003,727,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_35.dll
[2010.10.04 17:58:04 | 002,388,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_30.dll
[2010.10.04 00:37:05 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft
[2010.10.04 00:36:46 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live SkyDrive
[2010.10.04 00:36:12 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2010.10.02 21:43:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\DRVSTORE
[2010.10.02 21:40:33 | 000,515,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAudio2_5.dll
[2010.10.02 21:40:33 | 000,453,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx10_42.dll
[2010.10.02 21:40:33 | 000,069,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\XAPOFX1_3.dll
[2010.10.02 21:40:15 | 003,426,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3dx9_32.dll
[2010.10.02 21:39:28 | 000,000,000 | ---D | C] -- C:\Programme\Microsoft Silverlight
[2010.10.02 21:39:08 | 002,983,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbon.dll
[2010.10.02 21:39:07 | 001,164,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\UIRibbonRes.dll
[2010.10.02 21:38:24 | 000,196,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mfreadwrite.dll
[2010.10.02 21:38:23 | 003,181,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mf.dll
[2010.10.02 21:38:23 | 001,619,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\WMVDECOD.DLL
[2010.10.02 21:34:33 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Windows Live
[2010.09.29 19:25:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Google
[2010.09.29 19:16:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2010.09.29 18:17:28 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Desktop\Moschee
[2010.09.28 11:02:39 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2010.09.28 10:33:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Shareaza
[2010.09.28 10:33:12 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Shareaza
[2010.09.28 10:33:10 | 000,000,000 | ---D | C] -- C:\Programme\Shareaza
[2010.09.26 22:28:50 | 000,000,000 | ---D | C] -- C:\TEMP
[2010.09.26 22:20:15 | 000,000,000 | ---D | C] -- C:\Programme\IrfanView
[2010.09.26 11:26:16 | 000,000,000 | ---D | C] -- C:\Programme\Windows Live Safety Center
[2010.09.26 11:25:18 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\Meine empfangenen Dateien
[2010.09.22 03:08:38 | 000,000,000 | ---D | C] -- C:\Programme\VideoLAN
[2010.09.21 21:41:40 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\WinRAR
[2010.09.21 21:41:08 | 000,000,000 | ---D | C] -- C:\Programme\WinRAR
[2010.09.21 12:18:58 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\PSpad
[2010.09.21 12:18:49 | 000,000,000 | ---D | C] -- C:\Programme\PSPad editor
[2010.09.21 12:09:07 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Paltalk
[2010.09.21 12:09:04 | 000,000,000 | ---D | C] -- C:\Windows\PaltalkScene
[2010.09.21 12:09:04 | 000,000,000 | ---D | C] -- C:\Programme\Paltalk Messenger
[2010.09.20 23:53:49 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\gtk-2.0
[2010.09.20 23:48:31 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\.thumbnails
[2010.09.20 23:47:19 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\Documents\gegl-0.0
[2010.09.20 23:47:19 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\.gimp-2.6
[2010.09.20 23:41:52 | 000,000,000 | ---D | C] -- C:\Programme\GIMP-2.0
[2010.09.20 22:32:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2010.09.20 22:30:40 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Adobe
[2010.09.20 21:58:14 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\FileZilla
[2010.09.20 21:57:54 | 000,000,000 | ---D | C] -- C:\Programme\FileZilla FTP Client
[2010.09.20 12:39:29 | 000,185,920 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010.09.20 12:39:27 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010.09.20 12:39:27 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010.09.20 12:39:22 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\xing shared
[2010.09.20 12:39:13 | 000,499,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.09.20 12:39:13 | 000,348,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.09.20 12:39:13 | 000,278,528 | ---- | C] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.09.20 12:39:11 | 000,000,000 | ---D | C] -- C:\Programme\Real
[2010.09.20 12:39:09 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Real
[2010.09.20 12:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Real
[2010.09.20 12:39:08 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Real
[2010.09.19 22:07:55 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\skypePM
[2010.09.19 22:05:51 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Skype
[2010.09.19 22:05:33 | 000,000,000 | R--D | C] -- C:\Programme\Skype
[2010.09.19 22:05:33 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Skype
[2010.09.19 22:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2010.09.19 20:45:10 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\DivX
[2010.09.19 20:45:02 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\PX Storage Engine
[2010.09.19 20:44:41 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\DivX Shared
[2010.09.19 20:44:02 | 000,000,000 | ---D | C] -- C:\Programme\DivX
[2010.09.19 20:43:47 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX
[2010.09.19 19:10:40 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Microsoft Games
[2010.09.19 11:32:42 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\OpenOffice.org
[2010.09.19 11:30:39 | 000,000,000 | ---D | C] -- C:\Programme\JRE
[2010.09.19 11:30:36 | 000,000,000 | ---D | C] -- C:\Programme\OpenOffice.org 3
[2010.09.19 11:30:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.09.19 11:30:13 | 000,000,000 | ---D | C] -- C:\Programme\Common Files\Java
[2010.09.19 11:30:06 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.19 11:30:06 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.19 11:30:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.19 11:30:06 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.19 11:29:58 | 000,000,000 | ---D | C] -- C:\Programme\Java
[2010.09.14 18:11:39 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Diagnostics
[2010.09.13 23:32:52 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Macromedia
[2010.09.13 23:32:52 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Roaming\Adobe
[2010.09.13 23:32:39 | 000,000,000 | ---D | C] -- C:\Users\Toshiba\AppData\Local\Google
[2010.09.13 23:32:32 | 000,000,000 | ---D | C] -- C:\Programme\Google
[2010.09.13 23:32:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
========== Files - Modified Within 30 Days ==========
[2010.10.11 09:43:50 | 002,883,584 | -HS- | M] () -- C:\Users\Toshiba\NTUSER.DAT
[2010.10.11 09:41:53 | 000,016,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 09:41:53 | 000,016,208 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2010.10.11 09:37:04 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\daao.sys
[2010.10.11 09:30:49 | 001,472,002 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
[2010.10.11 09:30:49 | 000,643,866 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2010.10.11 09:30:49 | 000,607,190 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2010.10.11 09:30:49 | 000,126,394 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2010.10.11 09:30:49 | 000,103,568 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2010.10.11 09:24:29 | 000,054,016 | ---- | M] () -- C:\Windows\System32\drivers\ujlan.sys
[2010.10.11 09:05:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.10.11 08:34:05 | 000,576,512 | ---- | M] (OldTimer Tools) -- C:\Users\Toshiba\Desktop\OTL.exe
[2010.10.11 08:28:05 | 000,000,983 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.10 23:30:42 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.10 20:15:02 | 038,163,432 | ---- | M] (Logitech, Inc.) -- C:\Users\Toshiba\Desktop\qc1110_x64.exe
[2010.10.10 19:41:39 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.10.10 19:41:24 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
[2010.10.10 19:41:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2010.10.10 19:41:21 | 1603,084,288 | -HS- | M] () -- C:\hiberfil.sys
[2010.10.10 18:27:50 | 002,584,161 | -H-- | M] () -- C:\Users\Toshiba\AppData\Local\IconCache.db
[2010.10.10 14:55:12 | 000,000,215 | ---- | M] () -- C:\Windows\system.ini
[2010.10.10 14:55:03 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2010.10.10 08:04:04 | 000,031,211 | ---- | M] () -- C:\Users\Toshiba\.recently-used.xbel
[2010.10.09 22:26:05 | 000,001,017 | ---- | M] () -- C:\Users\Toshiba\Desktop\Boilsoft Video Splitter.lnk
[2010.10.06 17:37:22 | 000,141,104 | ---- | M] () -- C:\Users\Toshiba\Documents\heimnetzwerk.xps
[2010.09.28 17:27:20 | 000,289,720 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2010.09.28 02:15:31 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.20 12:39:29 | 000,185,920 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\rmoc3260.dll
[2010.09.20 12:39:27 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5016.dll
[2010.09.20 12:39:27 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\System32\pndx5032.dll
[2010.09.20 12:39:13 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcp71.dll
[2010.09.20 12:39:13 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\msvcr71.dll
[2010.09.20 12:39:13 | 000,278,528 | ---- | M] (Real Networks, Inc) -- C:\Windows\System32\pncrt.dll
[2010.09.19 22:07:57 | 000,000,056 | -H-- | M] () -- C:\ProgramData\ezsidmv.dat
[2010.09.19 18:38:25 | 000,062,952 | ---- | M] () -- C:\Users\Toshiba\AppData\Local\GDIPFONTCACHEV1.DAT
[2010.09.19 11:33:58 | 000,002,299 | ---- | M] () -- C:\Users\Toshiba\Documents\Neue Datenbank.odb
[2010.09.19 11:33:14 | 000,001,197 | ---- | M] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.09.19 11:30:01 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2010.09.19 11:30:01 | 000,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2010.09.19 11:30:01 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2010.09.19 11:30:01 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2010.09.14 16:56:54 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
========== Files Created - No Company Name ==========
[2010.10.11 09:37:04 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\daao.sys
[2010.10.11 09:24:29 | 000,054,016 | ---- | C] () -- C:\Windows\System32\drivers\ujlan.sys
[2010.10.11 08:28:05 | 000,000,983 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2010.10.10 23:30:42 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2010.10.10 14:41:23 | 000,256,512 | ---- | C] () -- C:\Windows\PEV.exe
[2010.10.10 14:41:23 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2010.10.10 14:41:23 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2010.10.10 14:41:23 | 000,077,312 | ---- | C] () -- C:\Windows\MBR.exe
[2010.10.10 14:41:23 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2010.10.10 08:04:04 | 000,031,211 | ---- | C] () -- C:\Users\Toshiba\.recently-used.xbel
[2010.10.09 22:26:05 | 000,001,017 | ---- | C] () -- C:\Users\Toshiba\Desktop\Boilsoft Video Splitter.lnk
[2010.10.07 02:52:02 | 000,108,032 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
[2010.10.07 02:52:02 | 000,050,688 | ---- | C] () -- C:\Windows\System32\ff_acm.acm
[2010.10.06 18:37:09 | 000,178,176 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2010.10.06 17:37:21 | 000,141,104 | ---- | C] () -- C:\Users\Toshiba\Documents\heimnetzwerk.xps
[2010.10.06 16:50:21 | 000,017,408 | ---- | C] () -- C:\Windows\System32\drivers\semcreserved.sys
[2010.09.28 02:15:31 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2010.09.19 22:07:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.09.19 11:33:30 | 000,002,299 | ---- | C] () -- C:\Users\Toshiba\Documents\Neue Datenbank.odb
[2010.09.19 11:33:14 | 000,001,197 | ---- | C] () -- C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk
[2010.09.14 16:56:54 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2010.09.13 23:32:43 | 000,000,888 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.09.13 23:32:42 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2009.10.07 08:24:22 | 000,082,289 | ---- | C] () -- C:\Windows\System32\lvcoinst.ini
[2009.07.14 01:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009.07.14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2005.05.06 19:06:00 | 000,016,480 | ---- | C] () -- C:\Windows\System32\rixdicon.dll
[2005.04.27 22:24:20 | 000,120,128 | ---- | C] () -- C:\Windows\System32\drivers\USBAV191.SYS
========== Alternate Data Streams ==========
@Alternate Data Stream - 16 bytes -> C:\Users\Toshiba\Downloads:Shareaza.GUID
< End of report >

Code:
OTL Extras logfile created on: 11.10.2010 09:42:37 - Run 1
OTL by OldTimer - Version 3.2.15.0 Folder = C:\Users\Toshiba\Desktop
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 33,00% Memory free
4,00 Gb Paging File | 2,00 Gb Available in Paging File | 52,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 61,52 Gb Total Space | 27,38 Gb Free Space | 44,50% Space Free | Partition Type: NTFS
Drive D: | 171,36 Gb Total Space | 159,62 Gb Free Space | 93,15% Space Free | Partition Type: NTFS
Drive E: | 702,83 Mb Total Space | 697,19 Mb Free Space | 99,20% Space Free | Partition Type: UDF
Drive G: | 3,68 Gb Total Space | 0,68 Gb Free Space | 18,54% Space Free | Partition Type: FAT32
Computer Name: TOSHIBA-PC | User Name: Toshiba | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.exe [@ = exefile] -- Reg Error: Key error. File not found
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Users\Toshiba\AppData\Local\Temp\tat.exe" = C:\Users\Toshiba\AppData\Local\Temp\tat.exe:*:Enabled:Windows Messanger -- File not found
"C:\Users\Toshiba\AppData\Roaming\Microsoft\svcchost.exe" = C:\Users\Toshiba\AppData\Roaming\Microsoft\svcchost.exe:*:Enabled:Windows Messanger -- File not found
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{171E6C1E-B5FC-11DF-B115-005056C00008}" = Google Earth Plug-in
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{253AD5C7-94ED-44BF-AA0C-890A80817A87}_is1" = Boilsoft Video Splitter 6.01
"{26A24AE4-039D-4CA4-87B4-2F83216020FF}" = Java(TM) 6 Update 20
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{37964A88-DAA1-488B-AE88-A5B6DDC6E9A6}" = Sony Ericsson Wireless Manager 5
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF4238F-7C29-451D-9925-C753271A5728}" = Microsoft Visual C++ Run Time Lib Setup
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.0 - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}" = OpenOffice.org 3.2
"{EF4E0DA6-02E0-47BF-9BB6-DC0E83CC6F4C}" = Sony Ericsson MD300 Wireless Modem
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"DivX Setup.divx.com" = DivX-Setup
"ffdshow_is1" = ffdshow v1.1.3562 [2010-09-07]
"FlashGet" = FlashGet 1.9.6.1073
"HaaliMkx" = Haali Media Splitter
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 5.4.4 (Basic)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"PalTalk8.2" = PaltalkScene
"PSPad editor_is1" = PSPad editor
"RealPlayer 12.0" = RealPlayer
"VLC media player" = VLC media player 1.1.4
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinGimp-2.0_is1" = GIMP 2.6.10
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"FileZilla Client" = FileZilla Client 3.3.4.1
"Google Chrome" = Google Chrome
"QUICKMEDIACONVERTER" = QMC
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 10.10.2010 08:54:48 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 8211
Description = Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens:
0xC004F050.
Error - 10.10.2010 08:59:41 | Computer Name = Toshiba-PC | Source = Application Hang | ID = 1002
Description = Programm gimp-2.6.exe, Version 0.0.0.0 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: ce8 Startzeit:
01cb687ae47619bf Endzeit: 16 Anwendungspfad: C:\Program Files\GIMP-2.0\bin\gimp-2.6.exe
Berichts-ID:
3c88874a-d46e-11df-b192-001b24ee3896
Error - 10.10.2010 12:31:07 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 8211
Description = Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens:
0xC004F025.
Error - 10.10.2010 13:36:18 | Computer Name = Toshiba-PC | Source = Application Hang | ID = 1002
Description = Programm msnmsgr.exe, Version 14.0.8117.416 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: db0 Startzeit: 01cb6898bc094d03 Endzeit: 59 Anwendungspfad: C:\Program
Files\Windows Live\Messenger\msnmsgr.exe Berichts-ID: e14e6000-d494-11df-83b6-001b24ee3896
Error - 10.10.2010 13:41:52 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 1017
Description = Fehler bei der Installation des Kaufnachweises. 0xC004F015 Teil-Pkey=FCGFR
ACID=bfb30674-7c9a-4624-9309-9914cfd5b05c
Genauer
Fehler[?]
Error - 10.10.2010 13:41:54 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 1017
Description = Fehler bei der Installation des Kaufnachweises. 0xC004F015 Teil-Pkey=FCGFR
ACID=bfb30674-7c9a-4624-9309-9914cfd5b05c
Genauer
Fehler[?]
Error - 10.10.2010 13:42:26 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 1017
Description = Fehler bei der Installation des Kaufnachweises. 0xC004F050 Teil-Pkey=3MBMV
ACID=?
Genauer
Fehler[?]
Error - 10.10.2010 13:42:26 | Computer Name = Toshiba-PC | Source = Software Protection Platform Service | ID = 8211
Description = Fehler bei der Aktualisierung der Windows-Lizenz- und Product Key-Tokens:
0xC004F050.
Error - 10.10.2010 14:33:27 | Computer Name = Toshiba-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 8.0.7600.16385,
Zeitstempel: 0x4a5bc69e Name des fehlerhaften Moduls: mshtml.dll, Version: 8.0.7600.16385,
Zeitstempel: 0x4a5bda8a Ausnahmecode: 0xc0000005 Fehleroffset: 0x001cc03a ID des fehlerhaften
Prozesses: 0x434 Startzeit der fehlerhaften Anwendung: 0x01cb68a98cf12d82 Pfad der
fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad des
fehlerhaften Moduls: C:\Windows\System32\mshtml.dll Berichtskennung: decd167d-d49c-11df-861e-001b24ee3896
Error - 10.10.2010 20:18:08 | Computer Name = Toshiba-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: chrome.exe, Version: 0.0.0.0, Zeitstempel:
0x4c8d33ea Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.4927, Zeitstempel:
0x4a2752ff Ausnahmecode: 0xc0000005 Fehleroffset: 0x000173e8 ID des fehlerhaften Prozesses:
0x10ac Startzeit der fehlerhaften Anwendung: 0x01cb68d9c63d87e1 Pfad der fehlerhaften
Anwendung: C:\Users\Toshiba\AppData\Local\Google\Chrome\Application\chrome.exe Pfad
des fehlerhaften Moduls: C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4927_none_d08a205e442db5b5\MSVCR80.dll
Berichtskennung:
05c9e5f1-d4cd-11df-861e-001b24ee3896
[ System Events ]
Error - 10.10.2010 02:04:20 | Computer Name = Toshiba-PC | Source = DCOM | ID = 10016
Description =
Error - 10.10.2010 02:47:14 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 10.10.2010 08:42:36 | Computer Name = Toshiba-PC | Source = Service Control Manager | ID = 7030
Description = Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet.
Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich
sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error - 10.10.2010 08:53:35 | Computer Name = Toshiba-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?10.?10.?2010 um 14:47:11 unerwartet heruntergefahren.
Error - 10.10.2010 10:21:03 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 10.10.2010 13:41:22 | Computer Name = Toshiba-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?10.?10.?2010 um 19:39:14 unerwartet heruntergefahren.
Error - 10.10.2010 14:28:01 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 10.10.2010 14:55:21 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 10.10.2010 15:02:21 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
Error - 10.10.2010 15:06:20 | Computer Name = Toshiba-PC | Source = ACPI | ID = 327693
Description = : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen
Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware
hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie
den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen
Situationen zur Folge haben, dass der Computer fehlerhaft läuft.
< End of report >