Home » Spyware & Browser Hijacker Support Forum » msls31.dll nicht gefunden » Themenansicht

msls31.dll nicht gefunden
#0
06.04.2012, 20:29
MetalMarcus
...neu hier

Beiträge: 1
#1 Guten Abend,
ich habe seit ich meinen PC neu aufgesetzt habe (das ist 2 Tage her) ein Problem mit der msls31.dll.
Jedes mal wenn ich nach einem Neustart den Start öffne kommt die Meldung das die Datei msls31.dll nicht gefunden wird obwohl sie im System32 Verzeichnis ist. (Ich habe diese und die rundll32.exe schon ausgetauscht durch die die im SysWow64 Ordner ist).
Auch bei der Suche im Explorer kommt die Fehlermeldung. Dieses Modul ist dazu da utf-codes darzustellen und deswegen werden wenn man in der suche etwas eintippt nichts angezeigt (Buchstaben).
Es gibt keine Virenmeldung und sonst funktioniert alles.
Meine Frage ist ob Ihr wisst wie man des beheben kann.
Der Log von OTL ist:

OTL logfile created on: 06.04.2012 20:18:51 - Run 2
OTL by OldTimer - Version 3.2.39.2 Folder = C:\Users\Stefan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

5,99 Gb Total Physical Memory | 4,13 Gb Available Physical Memory | 68,91% Memory free
11,98 Gb Paging File | 9,88 Gb Available in Paging File | 82,48% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 910,41 Gb Total Space | 875,58 Gb Free Space | 96,17% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,31 Gb Free Space | 56,56% Space Free | Partition Type: NTFS

Computer Name: STEFAN-PC | User Name: Stefan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2012.04.06 18:59:47 | 000,593,920 | ---- | M] (OldTimer Tools) -- C:\Users\Stefan\Downloads\OTL.exe
PRC - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.01.31 08:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.31 08:55:48 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.01.31 08:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2010.10.22 02:00:00 | 002,105,344 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
PRC - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
PRC - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2012.02.20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll


[color=#E56717]========== Win32 Services (SafeList) ==========[/color]

SRV:64bit: - [2012.03.09 07:10:20 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.03.19 13:38:47 | 002,666,880 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.31 08:56:05 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.31 08:55:48 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.04.27 17:21:18 | 000,288,272 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Programme\Microsoft Security Client\Antimalware\NisSrv.exe -- (NisSrv)
SRV - [2011.04.27 17:21:18 | 000,012,784 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft Security Client\Antimalware\MsMpEng.exe -- (MsMpSvc)
SRV - [2010.11.20 14:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:64bit: - [2012.03.09 08:28:08 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.03.09 05:58:02 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.31 08:56:33 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.01.31 08:56:33 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.12.16 17:53:28 | 000,016,376 | ---- | M] (TeamViewer GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TVMonitor.sys -- (MonitorFunction)
DRV:64bit: - [2011.12.05 21:47:30 | 000,095,248 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2011.09.16 16:08:07 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.27 15:25:24 | 000,084,864 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.22 02:00:00 | 000,714,368 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV:64bit: - [2010.10.22 02:00:00 | 000,014,120 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avmeject.sys -- (avmeject)
DRV:64bit: - [2009.09.30 10:34:30 | 000,121,872 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 27 32 96 8B 71 13 CD 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


[color=#E56717]========== FireFox ==========[/color]

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)



[color=#E56717]========== Chrome ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Stefan\AppData\Local\Google\Chrome\Application\18.0.1025.142\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Stefan\AppData\Local\Google\Chrome\Application\18.0.1025.142\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Stefan\AppData\Local\Google\Chrome\Application\18.0.1025.142\gcswf32.dll
CHR - Extension: YouTube = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: AdBlock = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.25_0\
CHR - Extension: Google Mail = C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3EFCAC98-47FD-4082-867B-9447FC45909C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5a207e64-7ea5-11e1-8f60-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{5a207e64-7ea5-11e1-8f60-806e6f6e6963}\Shell\AutoRun\command - "" = F:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2012.04.06 18:04:20 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.04.06 18:03:48 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.04.06 17:41:16 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Avira
[2012.04.06 17:40:20 | 000,116,224 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysNative\fms.dll
[2012.04.06 17:39:51 | 000,093,696 | ---- | C] (Windows (R) Codename Longhorn DDK provider) -- C:\Windows\SysWow64\fms.dll
[2012.04.06 17:38:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.04.06 17:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2012.04.06 17:34:19 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2012.04.06 17:34:18 | 000,132,320 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2012.04.06 17:34:18 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2012.04.06 17:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2012.04.06 17:34:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2012.04.06 16:32:34 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\ATI
[2012.04.06 16:32:34 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\ATI
[2012.04.06 16:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.04.06 16:29:54 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.04.06 16:29:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.04.06 16:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2012.04.06 16:29:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2012.04.06 16:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.04.06 16:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2012.04.05 23:19:22 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2012.04.05 23:19:22 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2012.04.05 22:11:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\directx
[2012.04.05 22:08:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012.04.05 22:08:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2012.04.05 21:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.04.05 21:20:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.04.05 21:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2012.04.05 21:20:09 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2012.04.05 21:19:17 | 000,000,000 | ---D | C] -- C:\AMD
[2012.04.05 21:00:09 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Direkt X
[2012.04.05 20:47:00 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Apple Computer
[2012.04.05 20:46:57 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Apple Computer
[2012.04.05 20:46:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012.04.05 20:46:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2012.04.05 20:46:32 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012.04.05 20:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012.04.05 20:46:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012.04.05 20:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2012.04.05 20:46:31 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2012.04.05 20:43:25 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Apple
[2012.04.05 20:43:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2012.04.05 20:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2012.04.05 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2012.04.05 20:41:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2012.04.05 20:41:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2012.04.05 20:41:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.04.05 20:39:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.04.05 20:39:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2012.04.05 20:14:41 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Wallpaper
[2012.04.05 20:11:26 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\League Of Legends
[2012.04.05 20:11:14 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\PMB Files
[2012.04.05 20:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2012.04.05 20:11:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2012.04.05 19:56:25 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Skype
[2012.04.05 19:56:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.04.05 19:56:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012.04.05 19:56:17 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2012.04.05 19:56:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2012.04.05 18:37:35 | 000,000,000 | ---D | C] -- C:\Users\Stefan\Desktop\Monitor_Acer_1.0_Win7VistaXPx86x64_GN245HQ
[2012.04.05 18:12:39 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\DisplayTune
[2012.04.05 18:09:33 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012.04.05 18:08:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.04.05 18:08:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012.04.05 18:07:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2012.04.05 15:53:57 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Macromedia
[2012.04.05 15:53:57 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Adobe
[2012.04.05 15:45:06 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2012.04.05 15:40:07 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Google
[2012.04.05 15:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.04.05 15:23:00 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2012.04.05 15:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.04.05 15:16:02 | 000,016,376 | ---- | C] (TeamViewer GmbH) -- C:\Windows\SysNative\drivers\TVMonitor.sys
[2012.04.05 15:16:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2012.04.05 01:03:53 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2012.04.05 01:00:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!WLAN
[2012.04.05 01:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\avmwlanstick
[2012.04.05 01:00:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVM_update
[2012.04.05 00:52:50 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\ElevatedDiagnostics
[2012.04.05 00:32:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AVM_Driver
[2012.04.05 00:14:39 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012.04.05 00:14:39 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Searches
[2012.04.05 00:14:39 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012.04.05 00:14:30 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Identities
[2012.04.05 00:14:28 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Contacts
[2012.04.05 00:14:26 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\VirtualStore
[2012.04.05 00:14:19 | 000,000,000 | --SD | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Videos
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Saved Games
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Pictures
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Music
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Links
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Favorites
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Downloads
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Documents
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\Desktop
[2012.04.05 00:14:19 | 000,000,000 | R--D | C] -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Vorlagen
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Verlauf
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Temporary Internet Files
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Startmenü
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\SendTo
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Recent
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Netzwerkumgebung
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Lokale Einstellungen
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Videos
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Musik
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Eigene Dateien
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Documents\Eigene Bilder
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Druckumgebung
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Cookies
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\AppData\Local\Anwendungsdaten
[2012.04.05 00:14:19 | 000,000,000 | -HSD | C] -- C:\Users\Stefan\Anwendungsdaten
[2012.04.05 00:14:19 | 000,000,000 | -H-D | C] -- C:\Users\Stefan\AppData
[2012.04.05 00:14:19 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Temp
[2012.04.05 00:14:19 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Local\Microsoft
[2012.04.05 00:14:19 | 000,000,000 | ---D | C] -- C:\Users\Stefan\AppData\Roaming\Media Center Programs
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Recovery
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Programme
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2012.04.05 00:14:11 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2012.04.05 00:07:43 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012.04.05 00:05:36 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2012.04.05 00:04:55 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012.03.09 07:11:16 | 000,496,128 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012.03.09 07:10:20 | 000,235,520 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012.03.09 07:08:50 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012.03.09 07:08:02 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012.03.09 05:47:22 | 000,058,880 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst.dll
[2012.03.09 01:24:22 | 000,054,272 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.03.09 01:24:14 | 000,048,128 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2012.04.06 19:44:26 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.04.06 19:44:26 | 000,009,888 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.04.06 19:43:02 | 001,619,012 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.04.06 19:43:02 | 000,698,720 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.04.06 19:43:02 | 000,654,038 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.04.06 19:43:02 | 000,148,916 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.04.06 19:43:02 | 000,121,870 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.04.06 19:36:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.04.06 19:36:29 | 529,141,759 | -HS- | M] () -- C:\hiberfil.sys
[2012.04.06 19:34:16 | 001,595,970 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.06 18:31:27 | 000,274,464 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.04.06 18:00:55 | 000,002,093 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.04.06 17:40:23 | 000,018,094 | ---- | M] () -- C:\Users\Stefan\Desktop\cc_20120406_174014.reg
[2012.04.06 17:34:58 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.04.06 16:31:41 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2012.04.05 20:46:46 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.04.05 20:45:58 | 000,001,720 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2012.04.05 19:56:20 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.05 19:51:19 | 000,000,355 | ---- | M] () -- C:\Users\Stefan\Desktop\Computer.lnk
[2012.04.05 18:08:08 | 000,002,048 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader - Schnellstart.lnk
[2012.04.05 18:08:08 | 000,002,025 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2012.04.05 17:56:25 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.04.05 17:56:24 | 002,308,096 | ---- | M] () -- C:\Windows\SysNative\jscript9.dll
[2012.04.05 17:56:24 | 000,267,776 | ---- | M] () -- C:\Windows\SysNative\ieaksie.dll
[2012.04.05 17:56:24 | 000,173,056 | ---- | M] () -- C:\Windows\SysNative\ieUnatt.exe
[2012.04.05 17:56:24 | 000,163,840 | ---- | M] () -- C:\Windows\SysNative\ieakui.dll
[2012.04.05 17:56:24 | 000,149,504 | ---- | M] () -- C:\Windows\SysNative\occache.dll
[2012.04.05 17:56:24 | 000,114,176 | ---- | M] () -- C:\Windows\SysNative\admparse.dll
[2012.04.05 17:56:24 | 000,065,024 | ---- | M] () -- C:\Windows\SysNative\pngfilt.dll
[2012.04.05 17:56:24 | 000,012,288 | ---- | M] () -- C:\Windows\SysNative\mshta.exe
[2012.04.05 17:56:23 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.04.05 15:45:07 | 000,002,318 | ---- | M] () -- C:\Users\Stefan\Desktop\Google Chrome.lnk
[2012.04.05 15:16:05 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.04.05 00:20:07 | 000,000,644 | ---- | M] () -- C:\Users\Stefan\Desktop\Stefan - Verknüpfung.lnk
[2012.04.05 00:16:51 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.04.05 00:09:29 | 000,052,953 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012.04.05 00:09:29 | 000,052,953 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012.04.05 00:07:09 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.03.09 07:17:50 | 000,235,184 | ---- | M] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012.03.09 07:17:50 | 000,235,184 | ---- | M] () -- C:\Windows\SysNative\atiapfxx.blb
[2012.03.09 07:11:16 | 000,496,128 | ---- | M] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2012.03.09 07:10:20 | 000,235,520 | ---- | M] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2012.03.09 07:08:50 | 000,120,320 | ---- | M] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2012.03.09 07:08:02 | 000,021,504 | ---- | M] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2012.03.09 06:31:26 | 002,425,664 | ---- | M] () -- C:\Windows\SysNative\atiumd6a.cap
[2012.03.09 06:31:26 | 000,204,952 | ---- | M] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,204,952 | ---- | M] () -- C:\Windows\SysNative\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | M] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | M] () -- C:\Windows\SysNative\ativvsva.dat
[2012.03.09 06:22:26 | 002,427,392 | ---- | M] () -- C:\Windows\SysWow64\atiumdva.cap
[2012.03.09 05:47:22 | 000,058,880 | ---- | M] (AMD) -- C:\Windows\SysNative\coinst.dll
[2012.03.09 01:26:24 | 000,061,952 | ---- | M] () -- C:\Windows\SysNative\OVDecode64.dll
[2012.03.09 01:26:20 | 000,054,784 | ---- | M] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.03.09 01:24:22 | 000,054,272 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012.03.09 01:24:14 | 000,048,128 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2012.04.06 17:41:39 | 000,347,904 | ---- | C] () -- C:\Windows\SysNative\systemsf.ebd
[2012.04.06 17:40:22 | 000,018,094 | ---- | C] () -- C:\Users\Stefan\Desktop\cc_20120406_174014.reg
[2012.04.06 17:39:23 | 000,010,429 | ---- | C] () -- C:\Windows\SysNative\ScavengeSpace.xml
[2012.04.06 17:38:51 | 000,105,559 | ---- | C] () -- C:\Windows\SysWow64\RacRules.xml
[2012.04.06 17:38:51 | 000,105,559 | ---- | C] () -- C:\Windows\SysNative\RacRules.xml
[2012.04.06 17:37:57 | 000,001,041 | ---- | C] () -- C:\Windows\SysWow64\tcpbidi.xml
[2012.04.06 17:34:58 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2012.04.06 16:31:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.04.05 20:46:46 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012.04.05 20:45:58 | 000,001,720 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2012.04.05 20:43:24 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.04.05 19:56:20 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.04.05 19:51:19 | 000,000,355 | ---- | C] () -- C:\Users\Stefan\Desktop\Computer.lnk
[2012.04.05 18:08:08 | 000,002,025 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 7.0.lnk
[2012.04.05 18:08:07 | 000,002,459 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 7.0.lnk
[2012.04.05 18:08:07 | 000,002,048 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader - Schnellstart.lnk
[2012.04.05 17:56:25 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.04.05 17:56:24 | 017,790,464 | ---- | C] () -- C:\Windows\SysNative\mshtml.dll
[2012.04.05 17:56:24 | 002,382,848 | ---- | C] () -- C:\Windows\SysNative\mshtml.tlb
[2012.04.05 17:56:24 | 002,308,096 | ---- | C] () -- C:\Windows\SysNative\jscript9.dll
[2012.04.05 17:56:24 | 000,267,776 | ---- | C] () -- C:\Windows\SysNative\ieaksie.dll
[2012.04.05 17:56:24 | 000,173,056 | ---- | C] () -- C:\Windows\SysNative\ieUnatt.exe
[2012.04.05 17:56:24 | 000,163,840 | ---- | C] () -- C:\Windows\SysNative\ieakui.dll
[2012.04.05 17:56:24 | 000,149,504 | ---- | C] () -- C:\Windows\SysNative\occache.dll
[2012.04.05 17:56:24 | 000,114,176 | ---- | C] () -- C:\Windows\SysNative\admparse.dll
[2012.04.05 17:56:24 | 000,065,024 | ---- | C] () -- C:\Windows\SysNative\pngfilt.dll
[2012.04.05 17:56:24 | 000,012,288 | ---- | C] () -- C:\Windows\SysNative\mshta.exe
[2012.04.05 17:56:23 | 010,887,168 | ---- | C] () -- C:\Windows\SysNative\ieframe.dll
[2012.04.05 17:56:23 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.04.05 15:45:07 | 000,002,318 | ---- | C] () -- C:\Users\Stefan\Desktop\Google Chrome.lnk
[2012.04.05 15:23:47 | 000,002,093 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.04.05 15:23:12 | 001,595,970 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.04.05 15:16:05 | 000,001,174 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 7.lnk
[2012.04.05 15:16:05 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 7.lnk
[2012.04.05 00:20:07 | 000,000,644 | ---- | C] () -- C:\Users\Stefan\Desktop\Stefan - Verknüpfung.lnk
[2012.04.05 00:16:51 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2012.04.05 00:14:45 | 000,001,405 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012.04.05 00:14:41 | 000,001,439 | ---- | C] () -- C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012.04.05 00:09:24 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2012.04.05 00:09:21 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2012.04.05 00:07:09 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2012.04.05 00:04:54 | 529,141,759 | -HS- | C] () -- C:\hiberfil.sys
[2012.03.09 07:17:50 | 000,235,184 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2012.03.09 07:17:50 | 000,235,184 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2012.03.09 06:31:26 | 002,425,664 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 06:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.09 06:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2012.03.09 06:22:26 | 002,427,392 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2012.03.09 01:26:24 | 000,061,952 | ---- | C] () -- C:\Windows\SysNative\OVDecode64.dll
[2012.03.09 01:26:20 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2012.01.31 07:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

[color=#E56717]========== LOP Check ==========[/color]

[2012.04.05 21:28:55 | 000,000,000 | ---D | M] -- C:\Users\Stefan\AppData\Roaming\DisplayTune
[2009.07.14 07:08:49 | 000,007,182 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[color=#E56717]========== Purity Check ==========[/color]



[color=#E56717]========== Custom Scans ==========[/color]

[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2012.04.06 17:19:16 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.04.05 21:19:17 | 000,000,000 | ---D | M] -- C:\AMD
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.04.05 00:14:11 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.04.06 17:38:49 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.04.06 17:34:15 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.04.06 17:34:15 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.04.05 00:14:11 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.04.05 00:14:11 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.04.05 20:39:34 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.04.06 20:13:11 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.04.05 00:14:19 | 000,000,000 | R--D | M] -- C:\Users
[2012.04.06 18:35:13 | 000,000,000 | ---D | M] -- C:\Windows

[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]

[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]

[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]

[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe

[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe

[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]

[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]

< End of report >

Der HijackThis Log ist:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:51:21, on 06.04.2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
C:\Users\Stefan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stefan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stefan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stefan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Users\Stefan\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Stefan\Downloads\HiJackThis204.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVMWlanClient] C:\Program Files (x86)\avmwlanstick\wlangui.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOKALER DIENST')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETZWERKDIENST')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETZWERKDIENST')
O4 - Global Startup: Adobe Reader - Schnellstart.lnk = C:\Program Files (x86)\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avira Planer (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira Echtzeit Scanner (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVM WLAN Connection Service - AVM Berlin - C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7300 bytes
Und der CBS log ist angehängt.

Ich wäre sehr erfreut wenn Ihr wisst was man da tun kann.
Ich hoffe Ihr findet eine Lösung, weil ich eher weniger Lust hab den PC schon wieder neu aufzusetzen.

MfG Marcus

Anhang: CBS.txt
Seitenanfang Seitenende
06.04.2012, 21:58
Swisstreasure
Moderator

Beiträge: 5694
#2

Zitat

Ich hoffe Ihr findet eine Lösung, weil ich eher weniger Lust hab den PC schon wieder neu aufzusetzen.
Es wäre sinnlos in neu aufesetztes System zu bereinigen. Hast Du es richtig neu aufgesetzt?
Seitenanfang Seitenende
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!

Folgende Themen könnten Dich auch interessieren:
Seite(n): 1