
Log analysis and evaluation: Adobe Flash Player keeps wanting to be installed....Caught a virus?!

22.10.2012, 16:15   #1
syn1988
 
Hello... I'm new here and active in a forum like this for the first time....
I simply don't know what to do anymore.... For a week now, an Adobe Flash Player window has kept opening... It started when I could no longer reach Facebook because of an invalid "Server Certificate". Basically everything works; it's just that, as I said, I can no longer get to Facebook with "Google Chrome", and this Adobe window keeps opening again and again... and my virus scanner doesn't find anything either... I did some research online, and the only possibilities that came up were changing my time and date in the BIOS or, as it's put, that I have a huge virus on my computer.... I have tried everything to delete or remove it... but I'm a total beginner when it comes to this!!! Can someone help me, please... I depend heavily on my computer, since I earn my money with it....
Many thanks in advance...
Regards, Syn

Edited by syn1988 (22.10.2012 at 16:28)

23.10.2012, 07:42   #2
schrauber
/// the machine
/// TB trainer
 

Hi,


If you don't already have it, please download OTL by OldTimer and save it to your desktop.
  • Please start OTL.exe.
  • Now copy the contents of the code box into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
%windir%\installer\*. /5
%localappdata%\*. /5
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

23.10.2012, 22:06   #3
syn1988
 
OK, I have followed your instructions; this is the data from OTL.txt
OTL Logfile:
Code:
OTL logfile created on: 23.10.2012 13:45:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Syn Cee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 79,58% Memory free
7,09 Gb Paging File | 6,40 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): C:\pagefile.sys 4092 6138 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 56,63 Gb Total Space | 6,01 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive F: | 19,70 Gb Total Space | 4,89 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
 
Computer Name: MORUK-78488737C | User Name: Syn Cee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.10.23 13:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Syn Cee\Desktop\OTL.exe
PRC - [2012.09.07 22:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.09.07 22:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.09.07 22:04:44 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.08.07 07:40:40 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.01 14:12:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.01 13:04:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.23 14:41:55 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.01.12 03:23:20 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Application Data\WOT\IE\WOTUpdater.exe
PRC - [2011.04.07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
PRC - [2011.03.01 01:07:19 | 001,504,768 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\explorer.exe
PRC - [2009.03.10 10:48:14 | 000,934,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS.0\system32\WgaTray.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.27 13:51:38 | 000,301,056 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.DEU
MOD - [2012.07.12 10:21:11 | 011,817,472 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System.Web\dbc413807cb7360b3e26ef3ca1d54f9a\System.Web.ni.dll
MOD - [2012.07.12 03:38:44 | 012,433,920 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\01abbadafaf265d9f4ac9bbb247acb98\System.Windows.Forms.ni.dll
MOD - [2012.07.12 03:38:32 | 001,592,320 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System.Drawing\d86f2038209a4cf0d0f5b30f6375c9b2\System.Drawing.ni.dll
MOD - [2012.07.11 11:08:41 | 000,303,104 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.06.07 09:38:44 | 000,971,264 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System.Configuration\3d5b7368bde0f65aa15d9f46b498cc89\System.Configuration.ni.dll
MOD - [2012.06.07 09:38:37 | 000,025,600 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\Accessibility\016444dfc5f7e3d11c776f2fbc7a4594\Accessibility.ni.dll
MOD - [2012.06.07 04:10:57 | 005,450,752 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System.Xml\3bba1b8b0b5ef0be238b011cc7a0575e\System.Xml.ni.dll
MOD - [2012.06.07 04:08:26 | 007,953,408 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\System\e4b5afc4da43b1c576f9322f9f2e1bfe\System.ni.dll
MOD - [2012.06.06 12:06:10 | 011,492,352 | ---- | M] () -- C:\WINDOWS.0\assembly\NativeImages_v2.0.50727_32\mscorlib\e337c89bc9f81b69d7237aa70e935900\mscorlib.ni.dll
MOD - [2012.05.11 07:21:39 | 000,380,928 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3693.39594__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:39 | 000,204,800 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3693.39624__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:39 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3693.39616__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:38 | 001,736,704 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3693.39622__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:38 | 000,077,824 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3693.39701__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:38 | 000,069,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3693.39671__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:38 | 000,053,248 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3693.39656__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:38 | 000,020,480 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3693.39608__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:37 | 000,491,520 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3693.39728__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:37 | 000,073,728 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3693.39606__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:37 | 000,065,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3693.39729__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:37 | 000,013,312 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3693.39773__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:36 | 000,356,352 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3693.39678__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:36 | 000,094,208 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3693.39679__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:36 | 000,065,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3693.39678__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:34 | 000,827,392 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3693.39660__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:34 | 000,409,600 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3693.39691__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2012.05.11 07:21:34 | 000,094,208 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3693.39659__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:33 | 000,573,440 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3693.39626__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:33 | 000,409,600 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3693.39610__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:33 | 000,196,608 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3693.39625__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:33 | 000,094,208 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3693.39666__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:33 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3693.39666__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:33 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3693.39630__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:32 | 000,397,312 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3693.39658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:32 | 000,372,736 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3693.39652__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:32 | 000,270,336 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2012.05.11 07:21:32 | 000,065,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3693.39657__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:32 | 000,045,056 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3693.39658__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:32 | 000,036,864 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3693.39668__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2012.05.11 07:21:31 | 000,008,192 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3693.39586__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,007,168 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2012.05.11 07:21:31 | 000,007,168 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3693.39581__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,006,656 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3693.39726__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,006,144 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3693.39587__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,005,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3693.39736__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,005,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3693.39593__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2012.05.11 07:21:31 | 000,005,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3693.39587__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,151,552 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3693.39584__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,098,304 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Foundation\2.0.3693.39581__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2012.05.11 07:21:29 | 000,045,056 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2012.05.11 07:21:29 | 000,032,768 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\LOG.Foundation\2.0.3693.39579__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2012.05.11 07:21:29 | 000,028,672 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3693.39720__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2012.05.11 07:21:29 | 000,024,576 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3693.39583__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,020,480 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3693.39583__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2012.05.11 07:21:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2012.05.11 07:21:29 | 000,016,384 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3693.39615__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,015,360 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3693.39581__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2012.05.11 07:21:29 | 000,007,680 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3693.39582__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2012.05.11 07:21:29 | 000,006,656 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\DEM.Graphics\2.0.3693.39592__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2012.05.11 07:21:29 | 000,005,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\MOM.Foundation\2.0.3693.39585__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2012.05.11 07:21:29 | 000,005,632 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3693.39586__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2012.05.11 07:21:28 | 000,057,344 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3693.39677__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2012.05.11 07:21:28 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3693.39727__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2012.05.11 07:21:28 | 000,016,384 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3693.39606__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2012.05.11 07:21:28 | 000,009,728 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3693.39728__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll
MOD - [2012.05.11 07:21:27 | 000,065,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3693.39700__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2012.05.11 07:21:27 | 000,061,440 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3693.39646__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2012.05.11 07:21:27 | 000,028,672 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3693.39607__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2012.05.11 07:21:27 | 000,024,576 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3693.39665__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2012.05.11 07:21:27 | 000,020,480 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3693.39593__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3693.39621__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,053,248 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3693.39657__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,049,152 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3693.39606__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3693.39670__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,032,768 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3693.39607__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,028,672 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3693.39620__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2012.05.11 07:21:26 | 000,020,480 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\APM.Foundation\2.0.3693.39582__90ba9c70f846762e\APM.Foundation.dll
MOD - [2012.05.11 07:21:26 | 000,006,144 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3693.39588__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2012.05.11 07:21:25 | 000,741,376 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3693.39765__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll
MOD - [2012.05.11 07:21:25 | 000,045,056 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3693.39736__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2012.05.11 07:21:25 | 000,014,848 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll
MOD - [2012.05.11 07:21:25 | 000,013,312 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll
MOD - [2012.05.11 07:21:25 | 000,007,168 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3693.39591__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2012.05.11 07:21:25 | 000,007,168 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3693.39588__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2012.05.11 07:21:24 | 000,577,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3693.39712__90ba9c70f846762e\CLI.Component.Systemtray.dll
MOD - [2012.05.11 07:21:24 | 000,405,504 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3693.39615__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2012.05.11 07:21:24 | 000,106,496 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\MOM.Implementation\2.0.3693.39720__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2012.05.11 07:21:24 | 000,065,536 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3693.39717__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2012.05.11 07:21:24 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3693.39586__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2012.05.11 07:21:24 | 000,036,864 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3693.39584__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2012.05.11 07:21:24 | 000,020,480 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3693.39585__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2012.05.11 07:21:24 | 000,011,776 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3693.39614__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2012.05.11 07:21:23 | 000,061,440 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3693.39591__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2012.05.11 07:21:23 | 000,057,344 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3693.39592__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2012.05.11 07:21:23 | 000,049,152 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3693.39587__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2012.05.11 07:21:22 | 001,220,608 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3693.39601__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2012.05.11 07:21:22 | 000,040,960 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3693.39599__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2012.05.11 07:21:22 | 000,032,768 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2012.05.11 07:21:22 | 000,019,456 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CCC.Implementation\2.0.3693.39719__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2012.05.11 07:21:22 | 000,010,240 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3693.39599__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2012.05.11 07:21:22 | 000,008,704 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3693.39623__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2012.05.11 07:21:21 | 000,061,440 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\APM.Server\2.0.3693.39590__90ba9c70f846762e\APM.Server.dll
MOD - [2012.05.11 07:21:21 | 000,045,056 | ---- | M] () -- C:\WINDOWS.0\assembly\GAC_MSIL\AEM.Server\2.0.3693.39589__90ba9c70f846762e\AEM.Server.dll
MOD - [2012.04.16 11:41:02 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2012.02.20 09:59:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.02.20 09:58:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.01.12 03:23:20 | 000,018,432 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Application Data\WOT\IE\WOTUpdater.exe
MOD - [2008.08.20 18:54:52 | 000,245,248 | ---- | M] () -- \\?\globalroot\systemroot\system32\mswsock.dll
MOD - [2008.08.20 18:54:52 | 000,245,248 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012.10.15 12:34:17 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS.0\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.07 22:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.07 22:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.05.01 14:12:28 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.01 13:04:34 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.01.12 03:23:20 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Documents and Settings\Syn Cee\Application Data\WOT\IE\WOTUpdater.exe -- (WOTUpdater)
SRV - [2011.04.07 08:33:31 | 003,857,408 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | Auto | Stopped] -- system32\DRIVERS\zumbus.sys -- (zumbus)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.09.07 22:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012.04.26 22:50:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.24 13:02:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS.0\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 09:47:40 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2010.06.17 03:44:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS.0\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.02.10 10:52:04 | 004,614,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2010.01.29 00:10:04 | 000,082,320 | ---- | M] (EZB Systems, Inc.) [File_System | System | Running] -- F:\Program Files\UltraISO\drivers\ISODrive.sys -- (ISODrive)
DRV - [2009.08.18 06:02:00 | 005,884,416 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
DRV - [2008.10.30 09:44:20 | 000,117,888 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS.0\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2008.08.05 08:40:12 | 001,684,736 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\Ambfilt.sys -- (Ambfilt)
DRV - [2007.04.23 02:24:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\s115mgmt.sys -- (s115mgmt)
DRV - [2007.04.23 02:24:50 | 000,098,568 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\s115obex.sys -- (s115obex)
DRV - [2007.04.23 02:24:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\s115mdm.sys -- (s115mdm)
DRV - [2007.04.23 02:24:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\s115mdfl.sys -- (s115mdfl)
DRV - [2007.04.23 02:24:46 | 000,083,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\s115bus.sys -- (s115bus)
DRV - [2006.11.01 19:30:08 | 000,039,368 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\winusb.sys -- (WinUSB)
DRV - [2006.07.24 04:35:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\WINDOWS.0\System32\drivers\StarOpen.sys -- (StarOpen)
DRV - [2006.01.04 04:11:48 | 001,389,056 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\Monfilt.sys -- (Monfilt)
DRV - [2005.01.07 13:45:40 | 000,051,582 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\Tosporte.sys -- (tosporte)
DRV - [2005.01.06 02:12:42 | 000,018,612 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\tosrfnds.sys -- (tosrfnds)
DRV - [2004.12.24 07:06:38 | 000,097,792 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\TosRfbd.sys -- (Tosrfbd)
DRV - [2004.12.21 00:08:12 | 000,034,816 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\tosrfusb.sys -- (Tosrfusb)
DRV - [2004.12.15 06:00:14 | 000,050,048 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\TosRfSnd.sys -- (TosRfSnd)
DRV - [2004.11.15 11:21:54 | 000,050,048 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\TosRfhid.sys -- (Tosrfhid)
DRV - [2004.10.03 23:03:02 | 000,062,799 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Stopped] -- C:\WINDOWS.0\system32\drivers\tosrfcom.sys -- (Tosrfcom)
DRV - [2004.07.08 05:37:34 | 000,036,531 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\tosrfbnp.sys -- (Tosrfbnp)
DRV - [2002.10.16 02:25:48 | 000,002,851 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS.0\system32\drivers\Toshidpt.sys -- (toshidpt)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS.0\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.certified-toolbar.com/?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = AE BB 05 5B 82 2F CD 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = hxxp://search.certified-toolbar.com?si=41460&tid=592&bs=true&q=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=592
IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.certified-toolbar.com?si=41460&bs=true&tid=592&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)
 
 
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: 
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS.0\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: widdit (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ejdabpabkmacjiiooccecnpakonoibah\1.4_0\npwiddit.dll
CHR - plugin: Conduit Chrome Plugin (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cgiaikfpllchefojlnehlmpekeogihnm\2.3.15.10_0\plugins/ConduitChromeApiPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: AmazonMP3DownloaderPlugin (Enabled) = C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS.0\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - Extension: YouTube = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: WOT = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nphjeokkkbngjpiofnfpnafjeofjomfb\2.11.7_0\
CHR - Extension: Gmail = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2008.04.14 21:30:00 | 000,000,734 | ---- | M]) - C:\WINDOWS.0\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (WOT) - {9E571C81-21E7-496B-9E6B-127E60263022} - C:\Documents and Settings\Syn Cee\Application Data\WOT\IE\WOT.dll (WOT Services Oy)
O2 - BHO: (DownTango Launcher) - {b52d0735-ec19-448a-abde-e01b5bd275d2} - C:\Documents and Settings\Syn Cee\Application Data\DownTangoLauncherToolbar\DownTangoLauncherToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {b52d0735-ec19-448a-abde-e01b5bd275d2} - C:\Documents and Settings\Syn Cee\Application Data\DownTangoLauncherToolbar\DownTangoLauncherToolbar.dll (Simplytech Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Easy Driver Pro] C:\Program Files\Probit Software\Easy Driver Pro\DPLauncher.exe File not found
O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\Syn Cee\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Program Files\Bonjour\mdnsNSP.dll File not found
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FFA93FE-0956-44BC-93E1-387051FF2F4B}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS.0\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS.0\system32\userinit.exe) - C:\WINDOWS.0\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS.0\System32\ati2evxx.dll (ATI Technologies Inc.)
O24 - Desktop Components:0 () - hxxp://i.minus.com/ibrTfxYces0krk.gif
O24 - Desktop Components:1 (My Current Home Page) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.05.05 04:05:04 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - Unable to obtain root file information for disk C:\
O33 - MountPoints2\{655c2df4-fe46-11e1-9326-002522f42dd1}\Shell - "" = AutoRun
O33 - MountPoints2\{655c2df4-fe46-11e1-9326-002522f42dd1}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{655c2df4-fe46-11e1-9326-002522f42dd1}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789)
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS.0\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player 11
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework
ActiveX: {73fa19d0-2d75-11d2-995d-00c04f98bbc9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS.0\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS.0\system32\Rundll32.exe C:\WINDOWS.0\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - 
ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework
ActiveX: {C3C986D6-06B1-43BF-90DD-BE30756C00DE} - RevokedRootsUpdate
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Shockwave Flash
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS.0\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS.0\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS.0\system32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS.0\system32\rundll32.exe" "C:\WINDOWS.0\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
 
NetSvcs: 6to4 -  File not found
NetSvcs: Ias -  File not found
NetSvcs: Iprip -  File not found
NetSvcs: Irmon -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: BITS -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.10.23 13:39:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Syn Cee\Desktop\OTL.exe
[2012.10.19 12:08:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\SynthMaker
[2012.10.16 15:51:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Start Menu\Programs\Google Chrome
[2012.10.16 14:48:09 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.10.16 01:36:27 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Syn Cee\IECompatCache
[2012.10.15 20:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\Malwarebytes
[2012.10.15 20:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.15 20:01:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2012.10.15 20:01:41 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS.0\System32\drivers\mbam.sys
[2012.10.15 20:01:41 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.10.15 12:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Opera
[2012.10.15 12:20:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\Opera
[2012.10.15 12:20:45 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
[2012.10.15 10:26:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\Macromedia
[2012.10.15 09:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\SimplyTech
[2012.10.15 09:19:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\DownTangoLauncherToolbar
[2012.10.14 12:10:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\DownTangoLauncherToolbar
[2012.10.14 07:31:31 | 000,000,000 | ---D | C] -- C:\Rapaufnahmen
[2012.10.13 15:48:53 | 000,000,000 | ---D | C] -- C:\Program Files\IK Multimedia
[2012.10.13 11:31:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Desktop\hooks
[2012.10.13 10:45:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Desktop\Voices+hook
[2012.10.11 09:54:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\SimplyTech
[2012.10.11 09:53:28 | 000,000,000 | ---D | C] -- C:\Program Files\DownTangoLauncherToolbar
[2012.10.11 09:53:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\DownTangoLauncherToolbar
[2012.10.11 09:53:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\DownTango
[2012.10.11 09:52:59 | 000,000,000 | ---D | C] -- C:\Program Files\Red Sky
[2012.10.11 08:08:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Desktop\King Absurd Beats
[2012.10.10 03:02:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\4Front
[2012.10.10 03:02:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\TruePianos Settings
[2012.10.10 03:01:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\4Front
[2012.10.10 03:01:21 | 000,000,000 | ---D | C] -- C:\Program Files\TruePianos
[2012.10.10 02:59:09 | 117,659,704 | ---- | C] (4Front Technologies                                         ) -- C:\setup-truepianos-1-demo.exe
[2012.10.09 23:43:47 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Desktop\sc_update_tmp
[2012.10.09 23:43:38 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{1CEDDDD4-56D2-463F-BC4E-C5DFFD3533C9}
[2012.10.09 23:40:58 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
[2012.10.09 23:40:24 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2012.10.09 23:39:57 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2012.10.09 23:39:25 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2012.09.30 03:53:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\simplitec
[2012.09.30 00:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\My Documents\Music Maker Soundtrack Edition
[2012.09.30 00:32:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\My Documents\MAGIX
[2012.09.30 00:21:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\simplitec
[2012.09.30 00:21:18 | 000,000,000 | ---D | C] -- C:\Program Files\MSXML 4.0
[2012.09.30 00:21:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2012.09.30 00:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\My Documents\MAGIX Downloads
[2012.09.30 00:10:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Syn Cee\Application Data\MAGIX
[2 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.10.23 13:39:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Syn Cee\Desktop\OTL.exe
[2012.10.23 13:31:01 | 000,001,006 | ---- | M] () -- C:\WINDOWS.0\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003UA.job
[2012.10.23 13:29:00 | 000,000,888 | ---- | M] () -- C:\WINDOWS.0\tasks\Adobe Flash Player Updater.job
[2012.10.23 12:59:00 | 000,001,198 | ---- | M] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003UA.job
[2012.10.23 09:45:46 | 000,432,356 | ---- | M] () -- C:\WINDOWS.0\System32\perfh009.dat
[2012.10.23 09:45:46 | 000,067,312 | ---- | M] () -- C:\WINDOWS.0\System32\perfc009.dat
[2012.10.23 09:42:12 | 000,002,206 | ---- | M] () -- C:\WINDOWS.0\System32\wpa.dbl
[2012.10.23 09:41:39 | 000,002,048 | --S- | M] () -- C:\WINDOWS.0\bootstat.dat
[2012.10.22 09:59:10 | 000,105,793 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Reddadown beat.flp
[2012.10.22 05:13:01 | 022,518,935 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.zip
[2012.10.21 10:27:54 | 000,046,184 | -H-- | M] () -- C:\WINDOWS.0\System32\mlfcache.dat
[2012.10.19 15:59:00 | 000,001,146 | ---- | M] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003Core.job
[2012.10.17 03:14:08 | 005,461,228 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.mp3
[2012.10.16 15:51:24 | 000,002,302 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Google Chrome.lnk
[2012.10.16 15:51:24 | 000,002,280 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.10.15 20:01:42 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.15 12:20:54 | 000,001,510 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012.10.15 12:20:54 | 000,001,492 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012.10.14 12:12:25 | 000,558,133 | ---- | M] () -- C:\WINDOWS.0\System32\sqlite3.dll
[2012.10.14 11:10:09 | 000,001,098 | ---- | M] () -- C:\sharedaccess.zip
[2012.10.14 09:22:07 | 003,487,451 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Horror
[2012.10.14 08:01:00 | 000,000,984 | ---- | M] () -- C:\WINDOWS.0\tasks\FacebookUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003Core.job
[2012.10.14 06:50:28 | 013,820,068 | ---- | M] () -- C:\DSK_Indian_DreamZ.zip
[2012.10.14 06:05:42 | 004,201,604 | ---- | M] () -- C:\new (1).mp3
[2012.10.14 05:52:34 | 019,497,004 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (12).wav
[2012.10.14 05:52:34 | 000,114,328 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (12).pk
[2012.10.14 05:52:28 | 019,497,004 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (12).wav
[2012.10.14 05:52:28 | 000,114,328 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (12).pk
[2012.10.14 05:52:22 | 007,729,196 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (13).wav
[2012.10.14 05:52:22 | 000,045,376 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (13).pk
[2012.10.14 05:52:19 | 007,729,196 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (13).wav
[2012.10.14 05:52:19 | 000,045,376 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (13).pk
[2012.10.14 05:52:08 | 007,729,196 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (14).wav
[2012.10.14 05:52:08 | 000,045,376 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (14).pk
[2012.10.14 05:52:08 | 000,016,798 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Untitled.ses
[2012.10.14 05:52:05 | 007,729,196 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (14).wav
[2012.10.14 05:52:05 | 000,045,376 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (14).pk
[2012.10.14 05:52:03 | 017,059,884 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (3).wav
[2012.10.14 05:52:03 | 000,100,048 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (3).pk
[2012.10.14 05:51:59 | 017,059,884 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (3).wav
[2012.10.14 05:51:59 | 000,100,048 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (3).pk
[2012.10.14 05:20:22 | 003,438,829 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\beatrap.mp3
[2012.10.14 04:32:56 | 000,001,733 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Avira Free Antivirus Profil Lokale Festplatten.LNK
[2012.10.14 04:32:07 | 000,001,735 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Avira Free Antivirus Profil Lokale Laufwerke.LNK
[2012.10.14 04:28:40 | 000,032,100 | ---- | M] () -- C:\Documents
[2012.10.13 17:34:30 | 000,000,016 | ---- | M] () -- C:\WINDOWS.0\System32\w3data.vss
[2012.10.13 17:34:30 | 000,000,016 | ---- | M] () -- C:\WINDOWS.0\System32\msvcsv60.dll
[2012.10.13 17:34:30 | 000,000,016 | ---- | M] () -- C:\WINDOWS.0\msocreg32.dat
[2012.10.13 16:48:23 | 005,461,228 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\gagnsta beat1-prod. by syn cee.mp3
[2012.10.13 15:46:45 | 162,603,489 | ---- | M] () -- C:\Lex Luger Drum Kits - All - 3 Packs.rar
[2012.10.13 15:08:47 | 000,108,503 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Trap.flp
[2012.10.13 14:05:04 | 010,857,662 | ---- | M] () -- C:\purpsbeats+tetristraptype.mp3
[2012.10.13 12:40:53 | 000,016,896 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.10.13 11:32:11 | 004,827,738 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\hooks.rar
[2012.10.13 10:45:40 | 004,254,675 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Voices+hook.rar
[2012.10.13 10:41:29 | 000,020,970 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\first track.ses
[2012.10.13 09:00:28 | 024,052,862 | ---- | M] () -- C:\Beat der Dich Fickt.wav
[2012.10.13 07:39:16 | 046,352,728 | ---- | M] () -- C:\0 Eur für´n 16er Vol.3 [2012].zip
[2012.10.12 11:15:42 | 006,592,908 | ---- | M] () -- C:\Berlin (Beat by. Cy-Music).mp3
[2012.10.11 16:54:23 | 003,997,780 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\first track.mp3
[2012.10.11 16:49:51 | 012,673,068 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 13 (4).wav
[2012.10.11 16:49:51 | 000,074,344 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 13 (4).pk
[2012.10.11 16:49:48 | 012,673,068 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 12 (4).wav
[2012.10.11 16:49:48 | 000,074,344 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 12 (4).pk
[2012.10.11 16:49:45 | 010,653,740 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 11.wav
[2012.10.11 16:49:45 | 000,062,512 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 11.pk
[2012.10.11 16:49:41 | 010,653,740 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 10.wav
[2012.10.11 16:49:41 | 000,062,512 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 10.pk
[2012.10.11 16:49:37 | 000,068,224 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 8 (8).pk
[2012.10.11 16:49:37 | 000,058,840 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 6 (2).pk
[2012.10.11 16:30:16 | 010,027,052 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 6 (2).wav
[2012.10.11 16:30:14 | 011,628,588 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 8 (8).wav
[2012.10.11 16:30:12 | 011,628,588 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 9 (8).wav
[2012.10.11 16:30:12 | 000,068,224 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 9 (8).pk
[2012.10.11 16:30:09 | 010,027,052 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 7 (2).wav
[2012.10.11 16:30:09 | 000,058,840 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 7 (2).pk
[2012.10.11 16:30:07 | 017,386,796 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (6).wav
[2012.10.11 16:30:07 | 000,203,836 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (6).pk
[2012.10.11 16:30:03 | 017,386,796 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (6).wav
[2012.10.11 16:30:03 | 000,203,836 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (6).pk
[2012.10.11 13:12:00 | 000,036,400 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (5).pk
[2012.10.11 13:04:00 | 003,305,082 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\untitled.mp3
[2012.10.11 12:54:29 | 002,643,174 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\zo.mp3
[2012.10.11 12:24:56 | 003,302,992 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Beat.mp3
[2012.10.11 09:53:15 | 000,000,014 | ---- | M] () -- C:\end
[2012.10.11 06:48:46 | 000,075,892 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.flp
[2012.10.10 12:15:58 | 000,062,494 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\STEFFANBEAT.flp
[2012.10.10 04:36:04 | 000,001,393 | ---- | M] () -- C:\WINDOWS.0\imsins.BAK
[2012.10.10 03:01:03 | 117,659,704 | ---- | M] (4Front Technologies                                         ) -- C:\setup-truepianos-1-demo.exe
[2012.10.09 23:43:28 | 000,000,811 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Guitar Rig 5.lnk
[2012.10.09 23:39:55 | 000,000,861 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Controller Editor.lnk
[2012.10.09 23:39:17 | 000,000,826 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Service Center.lnk
[2012.10.09 23:33:21 | 009,892,143 | ---- | M] () -- C:\10-Start From Scratch [ft. Marsha Of Floetry].mp3
[2012.10.05 08:43:51 | 000,481,768 | ---- | M] () -- C:\lovebeat.mp3
[2012.10.05 08:16:26 | 000,998,537 | ---- | M] () -- C:\syn test 2.mp3
[2012.10.03 06:04:22 | 005,244,413 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Xylobeat- by. syn cee.mp3
[2012.10.03 06:03:08 | 046,248,358 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\xylobeat- by syn cee.wav
[2012.10.03 05:59:08 | 000,732,297 | ---- | M] () -- C:\mixdem.mp3
[2012.10.03 03:54:43 | 002,056,777 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Voice und beat.MP3
[2012.10.03 03:39:22 | 002,056,777 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Voice1.MP3
[2012.10.02 13:02:53 | 001,377,799 | ---- | M] () -- C:\ME SYN CEE.jpg
[2012.10.02 11:46:33 | 000,022,746 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\P1553[01]_08-02-11.jpg
[2012.10.02 11:45:36 | 000,015,853 | ---- | M] () -- C:\1160777089.jpg
[2012.10.02 08:50:06 | 003,841,881 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Syn Rap verse 1.mp3
[2012.10.01 02:13:36 | 002,068,968 | ---- | M] () -- C:\Syn_Cee1_-_Piano_Splatter_www.rappers.in.mp3
[2012.09.30 03:50:34 | 000,220,840 | ---- | M] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2012.09.30 02:28:19 | 002,003,696 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\New2.MP3
[2012.09.30 02:27:01 | 002,003,696 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\New.2
[2012.09.30 01:18:02 | 001,573,510 | ---- | M] () -- C:\TC_manualDE.pdf
[2012.09.30 00:55:39 | 000,564,872 | ---- | M] () -- C:\New.MP3
[2012.09.30 00:26:09 | 000,120,200 | ---- | M] () -- C:\WINDOWS.0\System32\DLLDEV32i.dll
[2012.09.29 10:42:12 | 000,241,216 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (2).pk
[2012.09.29 10:38:40 | 000,015,337 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\disstrack.ses
[2012.09.28 08:58:40 | 000,063,379 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\big smoke.flp
[2012.09.26 13:10:42 | 000,109,087 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\2012.flp
[2012.09.26 06:06:06 | 000,174,681 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\new techno.flp
[2012.09.26 04:36:41 | 017,619,233 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\big smoke beat two.flp
[2012.09.25 04:44:49 | 000,066,948 | ---- | M] () -- C:\Documents and Settings\Syn Cee\Desktop\New big smoke beat.flp
[2012.09.25 02:41:34 | 000,000,576 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\UltraISO.lnk
[2 C:\WINDOWS.0\*.tmp files -> C:\WINDOWS.0\*.tmp -> ]
[1 C:\WINDOWS.0\System32\*.tmp files -> C:\WINDOWS.0\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.10.21 08:34:46 | 000,105,793 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Reddadown beat.flp
[2012.10.16 15:51:24 | 000,002,302 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Google Chrome.lnk
[2012.10.16 15:51:24 | 000,002,280 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012.10.16 15:49:34 | 000,001,198 | ---- | C] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003UA.job
[2012.10.16 15:49:33 | 000,001,146 | ---- | C] () -- C:\WINDOWS.0\tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1770027372-725345543-1003Core.job
[2012.10.15 20:01:42 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.10.15 13:10:52 | 005,461,228 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.mp3
[2012.10.15 12:34:18 | 000,000,888 | ---- | C] () -- C:\WINDOWS.0\tasks\Adobe Flash Player Updater.job
[2012.10.15 12:20:54 | 000,001,510 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
[2012.10.15 12:20:54 | 000,001,498 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
[2012.10.15 12:20:54 | 000,001,492 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
[2012.10.14 11:24:03 | 000,005,772 | ---- | C] () -- C:\WINDOWS.0\sharedaccess.reg
[2012.10.14 11:16:55 | 000,005,772 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\sharedaccess.reg
[2012.10.14 11:10:07 | 000,001,098 | ---- | C] () -- C:\sharedaccess.zip
[2012.10.14 09:17:21 | 003,487,451 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Horror
[2012.10.14 06:49:45 | 013,820,068 | ---- | C] () -- C:\DSK_Indian_DreamZ.zip
[2012.10.14 06:05:38 | 004,201,604 | ---- | C] () -- C:\new (1).mp3
[2012.10.14 05:52:22 | 000,045,376 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (13).pk
[2012.10.14 05:52:21 | 007,729,196 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (13).wav
[2012.10.14 05:52:19 | 000,045,376 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (13).pk
[2012.10.14 05:52:18 | 007,729,196 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (13).wav
[2012.10.14 05:52:08 | 000,045,376 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (14).pk
[2012.10.14 05:52:07 | 007,729,196 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (14).wav
[2012.10.14 05:52:05 | 000,045,376 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (14).pk
[2012.10.14 05:52:04 | 007,729,196 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (14).wav
[2012.10.14 05:52:03 | 000,100,048 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (3).pk
[2012.10.14 05:52:01 | 017,059,884 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (3).wav
[2012.10.14 05:51:59 | 000,100,048 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (3).pk
[2012.10.14 05:51:56 | 017,059,884 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (3).wav
[2012.10.14 05:20:01 | 003,438,829 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\beatrap.mp3
[2012.10.14 04:32:56 | 000,001,733 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Avira Free Antivirus Profil Lokale Festplatten.LNK
[2012.10.14 04:32:07 | 000,001,735 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Avira Free Antivirus Profil Lokale Laufwerke.LNK
[2012.10.14 04:28:36 | 000,032,100 | ---- | C] () -- C:\Documents
[2012.10.13 15:49:34 | 000,000,016 | ---- | C] () -- C:\WINDOWS.0\System32\w3data.vss
[2012.10.13 15:49:34 | 000,000,016 | ---- | C] () -- C:\WINDOWS.0\System32\msvcsv60.dll
[2012.10.13 15:49:34 | 000,000,016 | ---- | C] () -- C:\WINDOWS.0\msocreg32.dat
[2012.10.13 15:39:45 | 162,603,489 | ---- | C] () -- C:\Lex Luger Drum Kits - All - 3 Packs.rar
[2012.10.13 15:08:46 | 000,108,503 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Trap.flp
[2012.10.13 14:04:45 | 010,857,662 | ---- | C] () -- C:\purpsbeats+tetristraptype.mp3
[2012.10.13 11:32:09 | 004,827,738 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\hooks.rar
[2012.10.13 10:45:38 | 004,254,675 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Voices+hook.rar
[2012.10.13 09:07:05 | 022,518,935 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.zip
[2012.10.13 08:59:21 | 024,052,862 | ---- | C] () -- C:\Beat der Dich Fickt.wav
[2012.10.13 07:36:21 | 046,352,728 | ---- | C] () -- C:\0 Eur für´n 16er Vol.3 [2012].zip
[2012.10.12 11:15:07 | 006,592,908 | ---- | C] () -- C:\Berlin (Beat by. Cy-Music).mp3
[2012.10.11 16:54:12 | 003,997,780 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\first track.mp3
[2012.10.11 16:49:51 | 000,074,344 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 13 (4).pk
[2012.10.11 16:49:49 | 012,673,068 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 13 (4).wav
[2012.10.11 16:49:48 | 000,074,344 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 12 (4).pk
[2012.10.11 16:49:46 | 012,673,068 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 12 (4).wav
[2012.10.11 16:49:45 | 000,062,512 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 11.pk
[2012.10.11 16:49:44 | 010,653,740 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 11.wav
[2012.10.11 16:49:41 | 000,062,512 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 10.pk
[2012.10.11 16:49:40 | 010,653,740 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 10.wav
[2012.10.11 16:49:37 | 000,068,224 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 8 (8).pk
[2012.10.11 16:49:37 | 000,058,840 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 6 (2).pk
[2012.10.11 16:30:17 | 000,020,970 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\first track.ses
[2012.10.11 16:30:15 | 010,027,052 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 6 (2).wav
[2012.10.11 16:30:12 | 011,628,588 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 8 (8).wav
[2012.10.11 16:30:12 | 000,068,224 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 9 (8).pk
[2012.10.11 16:30:10 | 011,628,588 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 9 (8).wav
[2012.10.11 16:30:09 | 000,058,840 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 7 (2).pk
[2012.10.11 16:30:08 | 010,027,052 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 7 (2).wav
[2012.10.11 16:30:03 | 017,386,796 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (6).wav
[2012.10.11 16:29:56 | 000,114,328 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (12).pk
[2012.10.11 16:29:51 | 019,497,004 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 5 (12).wav
[2012.10.11 16:29:49 | 000,114,328 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (12).pk
[2012.10.11 16:29:42 | 019,497,004 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 4 (12).wav
[2012.10.11 13:12:00 | 000,036,400 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (5).pk
[2012.10.11 13:11:26 | 000,203,836 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (6).pk
[2012.10.11 13:11:24 | 017,386,796 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (6).wav
[2012.10.11 13:11:22 | 000,203,836 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 2 (6).pk
[2012.10.11 13:03:35 | 003,305,082 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\untitled.mp3
[2012.10.11 12:54:21 | 002,643,174 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\zo.mp3
[2012.10.11 12:24:37 | 003,302,992 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Beat.mp3
[2012.10.11 09:53:28 | 000,015,432 | ---- | C] () -- C:\WINDOWS.0\Launcher.exe
[2012.10.11 09:52:59 | 000,000,014 | ---- | C] () -- C:\end
[2012.10.10 12:15:58 | 000,062,494 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\STEFFANBEAT.flp
[2012.10.10 11:39:34 | 005,461,228 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\gagnsta beat1-prod. by syn cee.mp3
[2012.10.10 03:01:37 | 000,000,712 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\TruePianos Standalone.lnk
[2012.10.10 02:14:26 | 000,075,892 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\gansta beat1.flp
[2012.10.09 23:43:28 | 000,000,811 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Guitar Rig 5.lnk
[2012.10.09 23:39:55 | 000,000,861 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Controller Editor.lnk
[2012.10.09 23:32:58 | 009,892,143 | ---- | C] () -- C:\10-Start From Scratch [ft. Marsha Of Floetry].mp3
[2012.10.05 08:43:50 | 000,481,768 | ---- | C] () -- C:\lovebeat.mp3
[2012.10.05 08:16:22 | 000,998,537 | ---- | C] () -- C:\syn test 2.mp3
[2012.10.03 06:03:49 | 005,244,413 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Xylobeat- by. syn cee.mp3
[2012.10.03 06:03:03 | 046,248,358 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\xylobeat- by syn cee.wav
[2012.10.03 05:59:06 | 000,732,297 | ---- | C] () -- C:\mixdem.mp3
[2012.10.03 03:54:39 | 002,056,777 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Voice und beat.MP3
[2012.10.03 03:39:18 | 002,056,777 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Voice1.MP3
[2012.10.02 13:02:53 | 001,377,799 | ---- | C] () -- C:\ME SYN CEE.jpg
[2012.10.02 11:45:34 | 000,015,853 | ---- | C] () -- C:\1160777089.jpg
[2012.10.02 08:49:55 | 003,841,881 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Syn Rap verse 1.mp3
[2012.10.01 02:13:33 | 002,068,968 | ---- | C] () -- C:\Syn_Cee1_-_Piano_Splatter_www.rappers.in.mp3
[2012.09.30 02:28:16 | 002,003,696 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\New2.MP3
[2012.09.30 02:26:57 | 002,003,696 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\New.2
[2012.09.30 01:17:58 | 001,573,510 | ---- | C] () -- C:\TC_manualDE.pdf
[2012.09.30 00:55:38 | 000,564,872 | ---- | C] () -- C:\New.MP3
[2012.09.29 10:42:12 | 000,241,216 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\Track 3 (2).pk
[2012.09.29 10:37:56 | 000,015,337 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\disstrack.ses
[2012.09.28 08:58:40 | 000,063,379 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\big smoke.flp
[2012.09.26 13:10:41 | 000,109,087 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\2012.flp
[2012.09.26 04:36:38 | 017,619,233 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\big smoke beat two.flp
[2012.09.24 09:17:14 | 000,174,681 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Desktop\new techno.flp
[2012.09.07 09:07:16 | 000,000,097 | ---- | C] () -- C:\WINDOWS.0\WirelessFTP.INI
[2012.09.07 09:04:16 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\tosOBEX.INI
[2012.07.01 08:25:09 | 000,558,133 | ---- | C] () -- C:\WINDOWS.0\System32\sqlite3.dll
[2012.06.02 08:51:24 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2012.06.02 08:50:24 | 000,005,632 | ---- | C] () -- C:\WINDOWS.0\System32\drivers\StarOpen.sys
[2012.05.25 03:49:42 | 000,016,896 | ---- | C] () -- C:\Documents and Settings\Syn Cee\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.05.23 10:29:02 | 000,046,184 | -H-- | C] () -- C:\WINDOWS.0\System32\mlfcache.dat
[2012.05.11 08:20:26 | 000,002,892 | ---- | C] () -- C:\WINDOWS.0\System32\audcon.sys
[2012.05.11 08:20:02 | 000,000,045 | ---- | C] () -- C:\WINDOWS.0\System32\SYNSOPOS.exe.cfg
[2012.05.11 07:34:40 | 000,003,072 | ---- | C] () -- C:\WINDOWS.0\System32\iacenc.dll
[2012.05.11 07:19:57 | 000,000,000 | ---- | C] () -- C:\WINDOWS.0\ativpsrm.bin
[2012.05.11 07:19:41 | 000,887,724 | ---- | C] () -- C:\WINDOWS.0\System32\ativva6x.dat
[2012.05.11 07:19:40 | 000,045,056 | ---- | C] () -- C:\WINDOWS.0\System32\ATIODCLI.exe
[2012.05.11 07:19:39 | 000,294,912 | ---- | C] () -- C:\WINDOWS.0\System32\ATIODE.exe
[2012.05.11 07:19:39 | 000,200,828 | ---- | C] () -- C:\WINDOWS.0\System32\atiicdxx.dat
[2012.05.11 07:19:39 | 000,000,003 | ---- | C] () -- C:\WINDOWS.0\System32\ativva5x.dat
[2012.05.10 15:23:49 | 000,004,249 | ---- | C] () -- C:\WINDOWS.0\ODBCINST.INI
[2012.05.10 15:22:35 | 000,220,840 | ---- | C] () -- C:\WINDOWS.0\System32\FNTCACHE.DAT
[2012.05.10 13:16:31 | 000,004,569 | ---- | C] () -- C:\WINDOWS.0\System32\secupd.dat
[2012.05.10 13:16:22 | 000,432,356 | ---- | C] () -- C:\WINDOWS.0\System32\perfh009.dat
[2012.05.10 13:16:22 | 000,272,128 | ---- | C] () -- C:\WINDOWS.0\System32\perfi009.dat
[2012.05.10 13:16:22 | 000,067,312 | ---- | C] () -- C:\WINDOWS.0\System32\perfc009.dat
[2012.05.10 13:16:22 | 000,028,626 | ---- | C] () -- C:\WINDOWS.0\System32\perfd009.dat
[2012.05.10 13:16:19 | 000,004,463 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.dat
[2012.05.10 13:16:18 | 013,107,200 | ---- | C] () -- C:\WINDOWS.0\System32\oembios.bin
[2012.05.10 13:16:12 | 000,000,741 | ---- | C] () -- C:\WINDOWS.0\System32\noise.dat
[2012.05.10 13:15:45 | 000,673,088 | ---- | C] () -- C:\WINDOWS.0\System32\mlang.dat
[2012.05.10 13:15:44 | 000,046,258 | ---- | C] () -- C:\WINDOWS.0\System32\mib.bin
[2012.05.10 13:15:02 | 000,218,003 | ---- | C] () -- C:\WINDOWS.0\System32\dssec.dat
[2012.05.10 13:14:38 | 000,001,804 | ---- | C] () -- C:\WINDOWS.0\System32\Dcache.bin
[2012.05.10 11:17:27 | 000,002,048 | --S- | C] () -- C:\WINDOWS.0\bootstat.dat
[2012.05.10 11:06:47 | 000,021,640 | ---- | C] () -- C:\WINDOWS.0\System32\emptyregdb.dat
 
========== ZeroAccess Check ==========
 
[2012.05.11 07:17:50 | 000,000,227 | RHS- | M] () -- C:\WINDOWS.0\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.08.20 18:26:50 | 001,499,136 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS.0\system32\wbem\fastprox.dll -- [2009.02.09 05:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS.0\system32\wbem\wbemess.dll -- [2008.04.14 21:30:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.10.10 03:01:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\4Front
[2012.05.11 08:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Arturia
[2012.08.17 11:03:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Audio Damage
[2012.07.15 05:07:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Celemony Software GmbH
[2012.05.26 10:26:17 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2012.05.11 08:21:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\eLicenser
[2012.10.16 14:49:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
[2012.10.09 23:40:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Native Instruments
[2012.05.27 08:36:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Note
[2012.09.30 00:21:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\simplitec
[2012.08.17 11:02:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spectrasonics
[2012.05.11 08:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Syncrosoft
[2012.10.09 23:51:05 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{1CEDDDD4-56D2-463F-BC4E-C5DFFD3533C9}
[2012.06.02 08:44:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{32364CEA-7855-4A3C-B674-53D8E9B97936}
[2012.05.11 09:48:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2012.10.09 23:40:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{5A23829C-A66E-47B0-AD50-21A3FFE6C325}
[2012.10.09 23:39:25 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{C78336EC-F2EB-4640-99A4-DFE96581B90B}
[2012.10.09 23:40:58 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CB28D9D3-6B5D-4AFA-BA37-B4AFAAAF71B9}
[2012.10.09 23:39:57 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{DCC412E7-393B-4016-91FB-9307F059AFB6}
[2012.05.11 08:38:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{E26B3878-7CEC-469C-B449-5CAA336DF8CD}
[2012.10.10 03:02:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\4Front
[2012.06.02 08:35:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Amazon
[2012.09.21 05:09:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Audacity
[2012.08.28 08:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Celemony Software GmbH
[2012.05.11 08:43:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Cycling '74
[2012.10.11 09:53:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\DownTangoLauncherToolbar
[2012.10.14 04:28:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\DVDVideoSoft
[2012.05.26 09:26:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Harmor
[2012.09.30 00:32:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\MAGIX
[2012.06.26 08:07:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\MSNInstaller
[2012.10.15 12:20:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Opera
[2012.06.02 09:05:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Samsung
[2012.09.30 03:53:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\simplitec
[2012.09.12 06:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Sony
[2012.10.19 12:08:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\SynthMaker
[2012.06.10 06:17:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\temp
[2012.09.07 09:03:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Toshiba
[2012.10.21 07:44:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Usenet.nl
[2012.05.14 09:21:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\Waves Audio
[2012.05.25 12:33:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Syn Cee\Application Data\WOT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.05.09 10:39:14 | 000,000,000 | ---D | M] -- C:\9fb8df5649996b6fa7ca757abce0acae
[2012.05.05 07:16:17 | 000,000,000 | ---D | M] -- C:\AMD
[2012.05.09 11:23:32 | 000,000,000 | ---D | M] -- C:\ATI
[2012.10.17 02:48:47 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2012.05.08 07:24:45 | 000,000,000 | ---D | M] -- C:\dfc279006b5b6154e1f32aba6b54ffcd
[2012.05.10 11:20:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings
[2012.05.10 09:00:06 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen
[2012.05.17 00:40:20 | 000,000,000 | ---D | M] -- C:\FLAC To MP3
[2012.09.11 23:42:55 | 000,000,000 | ---D | M] -- C:\images
[2012.10.16 15:54:06 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.05.11 07:30:13 | 000,000,000 | R--D | M] -- C:\Programme
[2012.10.17 13:26:58 | 000,000,000 | ---D | M] -- C:\Rapaufnahmen
[2012.05.11 07:28:15 | 000,000,000 | -HSD | M] -- C:\RECYCLER
[2012.01.25 02:11:34 | 000,000,000 | ---D | M] -- C:\styles
[2012.05.10 11:19:27 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.10.17 13:27:18 | 000,000,000 | ---D | M] -- C:\Temp
[2012.09.08 08:33:30 | 000,000,000 | ---D | M] -- C:\tmp
[2012.10.19 12:01:55 | 000,000,000 | ---D | M] -- C:\W Sechs Fünf and Syn Cee
[2012.10.14 11:24:15 | 000,000,000 | ---D | M] -- C:\WINDOWS
[2012.10.22 07:07:08 | 000,000,000 | ---D | M] -- C:\WINDOWS.0
 
< %PROGRAMFILES%\*.exe >
Invalid Environment Variable: LOCALAPPDATA
 
< %systemroot%\*. /mp /s >
 
< %windir%\installer\*. /5 >
Invalid Environment Variable: localappdata
 
========== Files - Unicode (All) ==========
[2012.08.27 06:42:26 | 000,000,158 | ---- | M] ()(C:\Documents and Settings\Syn Cee\Desktop\???????.url) -- C:\Documents and Settings\Syn Cee\Desktop\فرجينيا.url
[2012.08.27 06:42:26 | 000,000,158 | ---- | C] ()(C:\Documents and Settings\Syn Cee\Desktop\???????.url) -- C:\Documents and Settings\Syn Cee\Desktop\فرجينيا.url
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\WINDOWS.0\$NtUninstallKB27300$] -> Error: Cannot create file handle -> Unknown point type
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 88 bytes -> C:\big smoke ft maxi (1).download:SummaryInformation

< End of report >
         
--- --- ---


And this is the Extras data.... OTL EXTRAS logfile:
Code:
OTL Extras logfile created on: 23.10.2012 13:45:13 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Documents and Settings\Syn Cee\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Germany | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 79,58% Memory free
7,09 Gb Paging File | 6,40 Gb Available in Paging File | 90,27% Paging File free
Paging file location(s): C:\pagefile.sys 4092 6138 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS.0 | %ProgramFiles% = C:\Program Files
Drive C: | 56,63 Gb Total Space | 6,01 Gb Free Space | 10,61% Space Free | Partition Type: NTFS
Drive F: | 19,70 Gb Total Space | 4,89 Gb Free Space | 24,81% Space Free | Partition Type: NTFS
 
Computer Name: MORUK-78488737C | User Name: Syn Cee | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = Opera.HTML] -- C:\Program Files\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files\Opera\Opera.exe" "%1" (Opera Software)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 1
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\Application\chrome.exe" = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome -- (Google Inc.)
"C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe" = C:\Documents and Settings\Syn Cee\Local Settings\Application Data\Google\Google Talk Plugin\googletalkplugin.exe:*:Enabled:Google Talk Plugin
"C:\Program Files\Google\Chrome\Application\chrome.exe" = C:\Program Files\Google\Chrome\Application\chrome.exe:*:Enabled:Google Chrome
"C:\Program Files\Internet Explorer\iexplore.exe" = C:\Program Files\Internet Explorer\iexplore.exe:*:Disabled:Internet Explorer -- (Microsoft Corporation)
"C:\Documents and Settings\Syn Cee\Local Settings\Temp\7ZipSfx.000\opera.exe" = C:\Documents and Settings\Syn Cee\Local Settings\Temp\7ZipSfx.000\opera.exe:*:Disabled:Opera Internet Browser
"C:\Program Files\Opera\opera.exe" = C:\Program Files\Opera\opera.exe:*:Enabled:Opera Internet Browser -- (Opera Software)
"C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.)
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01D57CF6-B5BC-4D03-AFF5-7960CFBD05A9}" = Native Instruments Guitar Rig 5
"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor
"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center
"{0EC8D8D1-A1D3-11E0-BC8C-005056C00008}" = MSVCRT Redists
"{179C9DAD-8A7E-E177-A099-9881BA6DB7E1}" = CCC Help Korean
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1CA97896-6527-EFF2-15AF-F754A8345DB3}" = CCC Help Polish
"{1DE16DAD-6C8C-CE4B-6D0A-3B9C826EA7DF}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{207FE8B9-976B-8106-B8D8-75FD538B21AE}" = Catalyst Control Center Graphics Light
"{23B8A91D-680B-462B-87AD-3D70F7341731}" = iTunes
"{2CA12532-C407-66B7-7872-998E86EB078A}" = CCC Help Thai
"{30646370-6577-DA44-F956-5179BD4FC81F}" = CCC Help Norwegian
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{48E2A18A-C55F-4CEC-B3A2-A9B6F2BF95A0}" = Skins
"{491DF203-7B61-4F0E-BDCB-A1218C4DAFE9}" = Native Instruments Massive
"{5155EC96-7397-FCC0-154C-F4814DA6B86C}" = ATI Catalyst Install Manager
"{531E8A2E-CB06-DF8B-E7AF-E6FC443C0690}" = ccc-utility
"{5E990010-3CFC-3451-1F07-ABD632895DED}" = Catalyst Control Center Localization All
"{653771EC-5AA7-9E1D-EBF9-BF6E9BDC0649}" = CCC Help Greek
"{704985E4-596B-B30C-1B01-49A4E6386DF7}" = CCC Help Italian
"{7388AE07-F4E0-503F-6ADD-4FB9BED4C47E}" = CCC Help Czech
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{7930FB47-6452-4476-BF16-D77F748646DB}" = Native Instruments Guitar Rig Session I/O
"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7D6A64F2-7D44-1878-EFDD-463B764C20C9}" = ccc-core-preinstall
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8AE34925-34D7-4E53-FE56-B38C003FCE59}" = CCC Help Chinese Traditional
"{913694EF-D62F-B372-7778-7C0DFD287EED}" = Catalyst Control Center Graphics Previews Common
"{93F8D79A-EEC2-11F6-DE59-70EA8E50CAE2}" = CCC Help German
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98FBED7A-E9E1-5578-F5FD-391D51799524}" = CCC Help French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A259C1B6-7C3F-6827-657B-D6EDE5BF3CAE}" = CCC Help Finnish
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A43BF6A5-D5F0-4AAA-BF41-65995063EC44}" = MSXML 6.0 Parser
"{A6D87A37-8620-FE7B-54C2-E654F4F92B95}" = Catalyst Control Center Graphics Full New
"{A96174C8-BB27-8E86-2AA8-22486DDF7B4B}" = Catalyst Control Center Core Implementation
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AE9C87B3-0BF3-6FE1-404C-FA0EA33B4EC3}" = CCC Help Japanese
"{B1A1ACA0-54BF-6279-CD75-D4772DD16197}" = CCC Help Danish
"{B2C78D7A-D4D2-A1EF-DFAA-48A4152A5771}" = ccc-core-static
"{B962AD08-335F-46f7-A182-257D37672E5C}" = Native Instruments Rig Kontrol 3
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7A9BAF2-DA72-8503-F27F-44C6C2FF9F49}" = CCC Help Swedish
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{cb6d194b-149b-4e28-9b6b-fd0bdaa2aa7c}_is1" = DownTango Launcher
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE7DC6C4-14F0-446F-B707-7ACE86460E43}" = Melodyne Runtime 4.1 (x86)
"{D5348885-EB52-4355-C21B-27BD0E4CBA31}" = CCC Help Hungarian
"{D780486E-4F96-B025-4BBB-30D56E3C9418}" = CCC Help Portuguese
"{DE30220D-B7A6-EB8F-13E0-2521880E2F49}" = Catalyst Control Center Graphics Full Existing
"{E32BC396-8E51-BA3F-7001-EE463BB4EA75}" = CCC Help English
"{E481A482-A6A2-D3ED-0980-C741A9AAA96B}" = CCC Help Chinese Standard
"{E4AA1490-A0AE-5693-2C0B-4FF21C3721D8}" = CCC Help Dutch
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EBF0AA20-D891-1908-10CB-010E289C36CD}" = CCC Help Russian
"{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}" = Apple Mobile Device Support
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F9B431CB-5ACF-A7C1-5B96-9DF33AA25290}" = CCC Help Spanish
"{FFE7F452-F093-5859-C96E-E75310248A10}" = CCC Help Turkish
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15
"Analog Factory_is1" = Analog Factory 2.5
"ASIO4ALL" = ASIO4ALL
"Audacity_is1" = Audacity 2.0
"Avira AntiVir Desktop" = Avira Free Antivirus
"Cool Edit Pro 2.0" = Cool Edit Pro 2.0
"Edirol HQ Orchestral VSTi v1.03" = Edirol HQ Orchestral VSTi v1.03
"eLicenser Control" = eLicenser Control
"FL Studio 10" = FL Studio 10
"FLAC To MP3_is1" = FLAC To MP3 V4.0.4
"ie8" = Windows Internet Explorer 8
"IL Download Manager" = IL Download Manager
"IL Harmless" = IL Harmless
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"MP3Diags" = MP3 Diags
"MSNINST" = MSN
"Native Instruments Controller Editor" = Native Instruments Controller Editor
"Native Instruments Guitar Rig 5" = Native Instruments Guitar Rig 5
"Native Instruments Guitar Rig Session I/O" = Native Instruments Guitar Rig Session I/O
"Native Instruments Massive" = Native Instruments Massive
"Native Instruments Rig Kontrol 3" = Native Instruments Rig Kontrol 3
"Native Instruments Service Center" = Native Instruments Service Center
"Opera 12.02.1578" = Opera 12.02
"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0
"reFX Vanguard_is1" = reFX Vanguard VSTi RTAS v1.8.0
"Tone2 Gladiator full_is1" = Gladiator  full
"TruePianos 40-day Test Version_is1" = TruePianos 1.9.4 40-day Test Version
"UltraISO_is1" = UltraISO Premium V9.52
"Usenet.nl_is1" = Usenet.nl
"VLC media player" = VLC media player 2.0.2
"Waves Complete v7_is1" = Waves Complete VST RTAS TDM v7.1.16
"Wdf01009" = Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
"winusb0100" = Microsoft WinUsb 1.0
"Wudf01009" = Microsoft User-Mode Driver Framework Feature Pack 1.9
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 22.10.2012 08:26:17 | Computer Name = MORUK-78488737C | Source = Application Error | ID = 1000
Description = Faulting application chrome.exe, version 22.0.1229.94, faulting module
 chrome.dll, version 22.0.1229.94, fault address 0x00557c64.
 
Error - 23.10.2012 16:43:13 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:43:16 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:44:38 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:44:59 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:45:56 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:45:58 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:45:59 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:46:03 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
Error - 23.10.2012 16:46:03 | Computer Name = MORUK-78488737C | Source = Application Hang | ID = 1002
Description = Hanging application OTL.exe, version 3.2.69.0, hang module hungapp,
 version 0.0.0.0, hang address 0x00000000.
 
[ System Events ]
Error - 23.10.2012 14:42:54 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 14:51:41 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:01:42 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:11:41 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:21:43 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:30:07 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:30:55 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:31:41 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:41:41 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
Error - 23.10.2012 15:51:43 | Computer Name = MORUK-78488737C | Source = Service Control Manager | ID = 7023
Description = The Network Location Awareness (NLA) service terminated with the following
 error:   %%127
 
 
< End of report >
         

24.10.2012, 06:27   #4
schrauber
/// the machine
/// TB Trainer

Hi,

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    Vista and Win7 users: right-click and choose "start as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save the log to your desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to

Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

24.10.2012, 16:25   #5
syn1988

Here is the aswMBR.txt log...

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-10-24 08:23:11
-----------------------------
08:23:11.109 OS Version: Windows 5.1.2600 Service Pack 3
08:23:11.109 Number of processors: 3 586 0x503
08:23:11.109 ComputerName: MORUK-78488737C UserName: Syn Cee
08:23:12.937 Initialize success
08:23:16.890 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T1L0-10
08:23:16.890 Disk 0 Vendor: Maxtor_6L080L0 BAJ41G20 Size: 78167MB BusType: 3
08:23:16.906 Disk 0 MBR read successfully
08:23:16.906 Disk 0 MBR scan
08:23:16.906 Disk 0 Windows XP default MBR code
08:23:16.906 Disk 0 Partition 1 00 07 HPFS/NTFS NTFS 20175 MB offset 63
08:23:16.921 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 57984 MB offset 41319180
08:23:16.921 Disk 0 scanning sectors +160071660
08:23:16.953 Disk 0 malicious Win32:MBRoot code @ sector 160071663 !
08:23:16.953 Disk 0 PE file @ sector 160071685 !
08:23:16.984 Disk 0 scanning C:\WINDOWS.0\system32\drivers
08:23:25.593 File: C:\WINDOWS.0\system32\drivers\redbook.sys **SUSPICIOUS**
08:23:28.984 Disk 0 trace - called modules:
08:23:29.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8ac3e698]<<
08:23:29.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8af23ab8]
08:23:29.031 3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> [0x8ac808b0]
08:23:29.031 \Driver\00000574[0x8ad34118] -> IRP_MJ_CREATE -> 0x8ac3e698
08:23:29.046 Scan finished successfully
08:23:34.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Syn Cee\Desktop\MBR.dat"
08:23:34.796 The log file has been saved successfully to "C:\Documents and Settings\Syn Cee\Desktop\aswMBR.txt"

Regards, Syn
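
As an added example (not part of the original posts, and not code from aswMBR or AVAST): a small Python triage script that pulls the flagged lines out of an aswMBR log like the one posted above and checks whether a driver's IRP handler points at the address the disk trace marks as UNKNOWN. The rule names and the `triage` function are assumptions of this sketch; the sample lines are copied from the posted log.

```python
import re
from dataclasses import dataclass

# Constructed sample: selected lines copied from the aswMBR.txt in the post above.
SAMPLE_LOG = r"""
08:23:16.906 Disk 0 MBR scan
08:23:16.906 Disk 0 Windows XP default MBR code
08:23:16.921 Disk 0 scanning sectors +160071660
08:23:16.953 Disk 0 malicious Win32:MBRoot code @ sector 160071663 !
08:23:16.953 Disk 0 PE file @ sector 160071685 !
08:23:25.593 File: C:\WINDOWS.0\system32\drivers\redbook.sys **SUSPICIOUS**
08:23:29.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8ac3e698]<<
08:23:29.015 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8af23ab8]
08:23:29.031 \Driver\00000574[0x8ad34118] -> IRP_MJ_CREATE -> 0x8ac3e698
08:23:29.046 Scan finished successfully
"""

# Every log line starts with a HH:MM:SS.mmm timestamp followed by the message.
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{3}) (.*)$")

# Hypothetical rule names; the patterns mirror the wording of the posted log.
RULES = [
    ("malicious_code", re.compile(r"Disk (\d+) malicious (\S+) code @ sector (\d+)")),
    ("raw_pe_file", re.compile(r"Disk (\d+) PE file @ sector (\d+)")),
    ("suspicious_file", re.compile(r"File: (.+?) \*\*SUSPICIOUS\*\*")),
    ("unknown_module", re.compile(r">>UNKNOWN \[(0x[0-9a-fA-F]+)\]<<")),
]

# Trace line of the form: \Driver\<name>[0xADDR] -> IRP_MJ_xxx -> 0xHANDLER
IRP = re.compile(
    r"(\\Driver\\\S+?)\[0x[0-9a-fA-F]+\] -> (IRP_MJ_\w+) -> (0x[0-9a-fA-F]+)"
)


@dataclass
class Finding:
    time: str
    kind: str
    detail: str


def triage(log_text):
    """Return the flagged entries of an aswMBR log, in log order."""
    findings = []
    unknown_addresses = set()
    irp_hits = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # header lines, blank lines, anything without a timestamp
        ts, msg = m.groups()
        for kind, rx in RULES:
            hit = rx.search(msg)
            if hit:
                findings.append(Finding(ts, kind, " ".join(hit.groups())))
                if kind == "unknown_module":
                    unknown_addresses.add(hit.group(1).lower())
        hit = IRP.search(msg)
        if hit:
            irp_hits.append((ts, hit.groups()))
    # Correlate after the full pass: the UNKNOWN marker and the IRP line
    # may appear in either order in the trace.
    for ts, (driver, major, target) in irp_hits:
        if target.lower() in unknown_addresses:
            findings.append(Finding(ts, "irp_handler_in_unknown_module",
                                    f"{driver} {major} -> {target}"))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.time}  {f.kind:32s} {f.detail}")
```
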


24.10.2012, 16:29   #6
schrauber
/// the machine
/// TB Trainer

Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror

Link 1


IMPORTANT - Save Combofix to your desktop
  • Please deactivate all your anti-virus and anti-malware/spyware scanners. They can interfere with Combofix while it works.
Start Combofix.exe and follow the instructions on the screen.

When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply.


Note: If you get the following error message after the restart
Quote:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

24.10.2012, 16:48   #7
syn1988

So, I followed all your instructions.... the good thing is that my computer is running faster again... but unfortunately it did not create a log file, and the Adobe window still keeps coming up....

I don't know if this helps.... I also have lots of new folders on my hard drive "C" that are rather light-colored.....

25.10.2012, 07:00   #8
schrauber
/// the machine
/// TB Trainer

Check whether you can find c:\Combofix.txt. If not, delete Combofix from the desktop, download it again and run it once more.