
All kinds of pests and how to combat them: Important: BKA virus detected


09.07.2012, 00:58   #1
Jerre97
 
Important: BKA virus detected



Evening!

Sorry for my second thread; the other one can be deleted, though!

As the title already says, there is a virus on my PC, which I have already removed, but I would like to make sure that everything is really gone. My Malwarebytes no longer finds anything, but another antivirus program does find something. See below. Before that I had this BKA virus on the PC, which I have already removed, but I would like to know whether it is still present. I have carried out all the steps I found in other threads to help you detect a virus, i.e. the three usual programs.



The Malwarebytes scan produced the following:

Code:
 Malwarebytes Anti-Malware  (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.08.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Jeremy :: JEREMY-PC [Administrator]

Schutz: Aktiviert

08.07.2012 22:35:14
mbam-log-2012-07-08 (22-35-14).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 430079
Laufzeit: 2 Stunde(n), 19 Minute(n), 52 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         

The OTL scan produced this:

Code:
OTL logfile created on: 08.07.2012 22:38:29 - Run 2
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Jeremy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,69 Gb Available Physical Memory | 61,55% Memory free
11,98 Gb Paging File | 9,18 Gb Available in Paging File | 76,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 815,30 Gb Free Space | 88,51% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,69% Space Free | Partition Type: NTFS
 
Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jeremy\Downloads\24960-OTL.exe (OldTimer Tools)
PRC - C:\World of Warcraft\Launcher.exe (Blizzard Entertainment)
PRC - C:\Users\Jeremy\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
PRC - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe (Adobe Systems, Inc.)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
PRC - C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)
PRC - c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe (Hewlett-Packard)
PRC - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\libcef.dll ()
MOD - C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
MOD - c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe ()
MOD - C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\WMINPUT.DLL ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (McAfee SiteAdvisor Service) -- c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe (McAfee, Inc.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BBSvc.exe (Microsoft Corporation.)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (!SASCORE) -- C:\Programme\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira GmbH)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Norton Internet Security) -- C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe (Symantec Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IAANTMON) Intel(R) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) Symantec Real Time Storage Protection (PEL) -- C:\Windows\SysNative\drivers\NISx64\1007000.01E\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (netr28x) -- C:\Windows\SysNative\drivers\netr28x.sys (Ralink Technology, Corp.)
DRV - (SASDIFSV) -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (SASKUTIL) -- C:\Programme\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Pavilion&pf=cndt
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {BAF60B34-BC2D-4D38-BF52-8D31949C6020}
IE:64bit: - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE:64bit: - HKLM\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\URLSearchHook:  - No CLSID value found
IE - HKLM\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found
IE - HKLM\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\InprocServer32 File not found
IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
IE - HKLM\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{CA72C844-CB2A-4FE8-9E9A-0211093C6994}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = ${URL_SEARCHPAGE}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=113480&tl=gbn193047&tt=010712_1&babsrc=HP_ss&mntrId=3a61a3f7000000000000701a0496da87
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No CLSID value found
IE - HKCU\..\URLSearchHook: {c840e246-6b95-475e-9bd7-caa1c7eca9f2} - No CLSID value found
IE - HKCU\..\URLSearchHook: {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found
IE - HKCU\..\URLSearchHook: {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - SOFTWARE\Classes\CLSID\{e9911ec6-1bcc-40b0-9993-e0eea7f6953f}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&tl=gbn193047&tt=010712_1&babsrc=SP_ss&mntrId=3a61a3f7000000000000701a0496da87
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKCU\..\SearchScopes\{902D76CD-4644-4E24-B5B4-3F14BEC37261}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{B0AFA91C-AA25-4440-8CA5-FC9D5459B033}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
IE - HKCU\..\SearchScopes\{BAF60B34-BC2D-4D38-BF52-8D31949C6020}: "URL" = hxxp://startsear.ch/?aff=1&q={searchTerms}
IE - HKCU\..\SearchScopes\{CA72C844-CB2A-4FE8-9E9A-0211093C6994}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..CT2269050.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.selectedEngine: "DVDVideoSoftTB Customized Web Search"
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/ctid=CT2269050&SearchSource=13"
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspxctid=CT2269050&SearchSource=2&q="
FF - prefs.js..network.proxy.http: "77.220.20.196"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 0
 
FF - user.js..browser.startup.homepage: "hxxp://www.google.com/"
FF - user.js..keyword.URL: "hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q="
FF - user.js..browser.search.selectedEngine: "Google"
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.0: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.07.06 16:40:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.08 20:02:03 | 000,000,000 | ---D | M]
 
[2011.12.27 21:41:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Extensions
[2012.07.04 16:29:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\fia0sqzu.default\extensions
[2012.06.18 19:33:05 | 000,000,000 | ---D | M] (DVDVideoSoftTB) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\fia0sqzu.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[2012.06.18 19:32:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\fia0sqzu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.18 19:18:31 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\fia0sqzu.default\extensions\ich@maltegoetz.de
[2012.07.04 16:29:46 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\fia0sqzu.default\extensions\plugin@yontoo.com
[2012.07.04 16:29:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\w12eba10.default\extensions
[2012.06.18 19:32:50 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\w12eba10.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.27 21:23:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\w12eba10.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.07.04 16:29:46 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\w12eba10.default\extensions\plugin@yontoo.com
[2012.07.04 00:07:23 | 000,000,000 | ---D | M] (@@toolbarname@@) -- C:\Users\Jeremy\AppData\Roaming\mozilla\Firefox\Profiles\w12eba10.default\extensions\toolbar@ask.com
[2012.07.08 22:22:44 | 000,000,919 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\fia0sqzu.default\searchplugins\conduit.xml
[2012.05.15 14:11:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.01.16 19:17:44 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
[2010.04.08 11:50:11 | 000,000,000 | ---D | M] (Skype extension for Firefox) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012.07.06 16:40:24 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2012.06.16 12:30:37 | 000,182,698 | ---- | M] () (No name found) -- C:\USERS\JEREMY\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\FIA0SQZU.DEFAULT\EXTENSIONS\STEALTHYEXTENSION@GMAIL.COM.XPI
[2012.06.18 13:49:29 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.18 13:49:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.04 16:29:51 | 000,002,390 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.06.18 13:49:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.18 13:49:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.18 13:49:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.04.28 11:11:56 | 000,002,027 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.06.18 13:49:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.18 13:49:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.47\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.8 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: SiteAdvisor = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\
CHR - Extension: SiteAdvisor = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.50.146.1_0\
CHR - Extension: Yontoo = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.1_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll File not found
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.382.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (PHPNukeDE Toolbar) - {c9508125-4747-4733-b048-e4b82dc9716d} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (DVDVideoSoft Toolbar) - {e9911ec6-1bcc-40b0-9993-e0eea7f6953f} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (PHPNukeDE Toolbar) - {C9508125-4747-4733-B048-E4B82DC9716D} - C:\Program Files (x86)\PHPNukeDE\prxtbPHP2.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoft Toolbar) - {E9911EC6-1BCC-40B0-9993-E0EEA7F6953F} - C:\Program Files (x86)\DVDVideoSoft\tbDVDV.dll File not found
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe ({StringFileInfo_CompanyName})
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4 - HKLM..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe (Hewlett-Packard)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O4 - HKCU..\Run: [Spotify] C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeremy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jeremy\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira GmbH)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 10.4.0)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EDAC4DA-541E-46A4-9A80-1D4ED613F74C}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B90EE931-56E7-4DF9-829B-34B7718E879F}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.08 22:29:09 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\SUPERAntiSpyware.com
[2012.07.08 22:29:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012.07.08 22:29:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012.07.08 22:29:00 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012.07.08 22:18:26 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.07.08 21:51:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.08 21:50:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.08 19:51:10 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\CyberLink
[2012.07.08 17:10:51 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\Malwarebytes
[2012.07.08 17:10:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.08 17:10:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.08 17:10:23 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.08 17:10:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.07.08 17:09:32 | 010,063,000 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Jeremy\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.04 16:30:20 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\vGrabber
[2012.07.04 16:30:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\v-Grabber
[2012.07.04 16:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012.07.04 16:29:39 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\Babylon
[2012.07.04 16:29:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.07.04 16:29:32 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\Babylon
[2012.07.04 16:29:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.06.29 18:56:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2012.06.24 14:32:21 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\Macromedia
[2012.06.21 13:33:42 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.21 13:33:42 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.21 13:33:41 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.21 13:33:15 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.21 13:33:15 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.21 13:33:15 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.21 13:32:45 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.21 13:32:45 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.18 20:44:22 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2012.06.18 19:41:57 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.18 19:41:57 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.18 19:41:57 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.06.18 19:41:57 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.06.18 19:41:57 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.06.18 19:41:57 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.06.18 19:41:57 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.06.18 19:41:57 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.06.18 19:41:57 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.06.18 19:41:57 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.06.18 19:41:57 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.06.18 19:41:56 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.06.18 19:41:56 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.18 19:41:56 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.06.18 19:41:56 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.06.18 19:41:56 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.18 19:41:56 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.06.18 19:41:56 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.06.18 19:41:56 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.06.18 19:41:56 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.06.18 19:41:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.06.18 19:41:56 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.18 19:41:56 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.06.18 19:41:56 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.06.18 19:41:56 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.06.18 19:41:56 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.06.18 19:41:56 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.06.18 19:41:55 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.06.18 19:41:55 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.06.18 19:41:55 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.18 19:41:55 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.06.18 19:41:55 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.06.18 19:41:53 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.06.18 19:41:53 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.06.18 19:41:53 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.06.18 19:41:52 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.18 19:41:52 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.18 19:41:52 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.06.18 19:41:52 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.18 19:41:52 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.06.18 19:41:52 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.06.18 19:41:52 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.06.18 19:41:52 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.06.18 19:41:52 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.06.18 19:41:52 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.06.18 19:41:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.06.18 19:41:51 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.06.18 19:41:51 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.06.18 19:41:51 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.06.18 19:41:51 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.18 19:41:51 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.06.18 19:41:51 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.06.18 19:41:51 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.06.18 19:41:51 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.06.18 19:41:51 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.06.18 19:41:51 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.06.18 19:41:51 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.06.18 19:41:49 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.06.18 19:41:49 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.18 19:41:49 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.06.18 19:41:49 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.06.18 19:41:49 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.06.18 19:41:49 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.18 19:41:49 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.06.18 19:41:49 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.06.18 19:41:49 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.06.18 19:41:49 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.18 19:41:49 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.06.18 19:41:49 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.06.18 19:41:49 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.06.18 19:41:49 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.06.18 19:41:49 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.06.18 19:35:20 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\OpenCandy
[2012.06.18 19:32:46 | 000,405,176 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.06.13 13:40:55 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 13:40:55 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 13:40:54 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 13:40:42 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 13:40:41 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 13:40:40 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 13:40:36 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 13:40:22 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 13:40:21 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.08 22:36:04 | 000,000,723 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012.07.08 22:29:03 | 000,001,810 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.08 22:28:20 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 22:28:20 | 000,015,568 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.08 22:21:06 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.08 22:20:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.08 22:20:39 | 529,854,463 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.08 22:17:55 | 000,363,768 | ---- | M] () -- C:\Users\Jeremy\Documents\cc_20120708_221742.reg
[2012.07.08 22:08:06 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.08 22:07:40 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.08 21:51:04 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.08 18:52:31 | 000,000,040 | ---- | M] () -- C:\Users\Public\Documents\_rgpl
[2012.07.08 17:10:25 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.08 17:09:43 | 010,063,000 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Jeremy\Desktop\mbam-setup-1.61.0.1400.exe
[2012.07.08 13:59:09 | 004,503,728 | ---- | M] () -- C:\ProgramData\go_0molg.pad
[2012.07.08 01:23:35 | 000,001,889 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.30 23:30:31 | 000,016,070 | ---- | M] () -- C:\Users\Jeremy\.TransferManager.db
[2012.06.30 22:08:34 | 000,002,346 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.06.24 12:08:09 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.24 12:08:09 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.24 11:49:15 | 000,568,789 | ---- | M] () -- C:\Users\Jeremy\Desktop\2012-06-23 21.42.53.jpg
[2012.06.18 20:43:09 | 000,001,895 | ---- | M] () -- C:\Users\Jeremy\Desktop\Kies Air Discovery Service.lnk
[2012.06.18 19:41:57 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.18 19:41:57 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.18 19:41:57 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2012.06.18 19:41:57 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll
[2012.06.18 19:41:57 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2012.06.18 19:41:57 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2012.06.18 19:41:57 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2012.06.18 19:41:57 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2012.06.18 19:41:57 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2012.06.18 19:41:57 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2012.06.18 19:41:57 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2012.06.18 19:41:56 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2012.06.18 19:41:56 | 001,427,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.18 19:41:56 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2012.06.18 19:41:56 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2012.06.18 19:41:56 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.18 19:41:56 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2012.06.18 19:41:56 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2012.06.18 19:41:56 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2012.06.18 19:41:56 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2012.06.18 19:41:56 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe
[2012.06.18 19:41:56 | 000,073,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.18 19:41:56 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.06.18 19:41:56 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2012.06.18 19:41:56 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2012.06.18 19:41:56 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2012.06.18 19:41:56 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2012.06.18 19:41:56 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2012.06.18 19:41:55 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll
[2012.06.18 19:41:55 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll
[2012.06.18 19:41:55 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.18 19:41:55 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2012.06.18 19:41:55 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll
[2012.06.18 19:41:53 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2012.06.18 19:41:53 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2012.06.18 19:41:53 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2012.06.18 19:41:52 | 002,311,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.18 19:41:52 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.18 19:41:52 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll
[2012.06.18 19:41:52 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.18 19:41:52 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll
[2012.06.18 19:41:52 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2012.06.18 19:41:52 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2012.06.18 19:41:52 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll
[2012.06.18 19:41:52 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2012.06.18 19:41:52 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2012.06.18 19:41:52 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2012.06.18 19:41:52 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2012.06.18 19:41:51 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2012.06.18 19:41:51 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2012.06.18 19:41:51 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2012.06.18 19:41:51 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.18 19:41:51 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll
[2012.06.18 19:41:51 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2012.06.18 19:41:51 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2012.06.18 19:41:51 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2012.06.18 19:41:51 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2012.06.18 19:41:51 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2012.06.18 19:41:50 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2012.06.18 19:41:49 | 001,494,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.18 19:41:49 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.06.18 19:41:49 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.06.18 19:41:49 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2012.06.18 19:41:49 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.18 19:41:49 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2012.06.18 19:41:49 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2012.06.18 19:41:49 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2012.06.18 19:41:49 | 000,096,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.18 19:41:49 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2012.06.18 19:41:49 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2012.06.18 19:41:49 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2012.06.18 19:41:49 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2012.06.18 19:41:49 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2012.06.18 19:41:49 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2012.06.18 19:32:48 | 000,001,404 | ---- | M] () -- C:\Users\Jeremy\Desktop\Free YouTube to MP3 Converter.lnk
[2012.06.18 19:32:48 | 000,001,245 | ---- | M] () -- C:\Users\Jeremy\Desktop\DVDVideoSoft Free Studio.lnk
[2012.06.14 13:52:08 | 000,331,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 21:51:36 | 001,518,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.13 21:51:36 | 000,653,928 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.13 21:51:36 | 000,615,810 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.13 21:51:36 | 000,129,800 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.13 21:51:36 | 000,106,190 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.09 23:46:32 | 000,440,592 | ---- | M] () -- C:\Users\Jeremy\AppData\Local\tmpMEGAN +FOX +2012+NEW+ WALLPAPER+2.JPG
 
========== Files Created - No Company Name ==========
 
[2012.07.08 22:29:03 | 000,001,810 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012.07.08 22:17:44 | 000,363,768 | ---- | C] () -- C:\Users\Jeremy\Documents\cc_20120708_221742.reg
[2012.07.08 21:51:03 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.08 18:52:31 | 000,000,040 | ---- | C] () -- C:\Users\Public\Documents\_rgpl
[2012.07.08 17:10:25 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.07.08 01:23:35 | 004,503,728 | ---- | C] () -- C:\ProgramData\go_0molg.pad
[2012.07.08 01:23:35 | 000,001,889 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 18:56:27 | 000,000,723 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2012.06.24 11:48:16 | 000,568,789 | ---- | C] () -- C:\Users\Jeremy\Desktop\2012-06-23 21.42.53.jpg
[2012.06.18 19:41:56 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2012.06.18 19:41:49 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2012.06.09 23:46:32 | 000,440,592 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpMEGAN +FOX +2012+NEW+ WALLPAPER+2.JPG
[2012.03.13 00:35:16 | 000,000,776 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\wklnhst.dat
[2012.02.15 16:52:38 | 002,625,201 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp2012-02-15 15.46.49.0
[2012.02.15 16:52:38 | 000,655,939 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp2012-02-15 15.46.49.JPG
[2012.01.12 16:58:13 | 002,400,252 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp2012-01-12 15.51.19.0
[2012.01.12 16:58:13 | 000,603,525 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp2012-01-12 15.51.19.JPG
[2011.11.02 14:22:31 | 000,000,922 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\MPQEditor.ini
[2011.10.20 16:36:46 | 000,079,386 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp331119_1600498389274_1740501766_855086_1301275802_O.JPG
[2011.10.20 16:36:46 | 000,075,167 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp331119_1600498389274_1740501766_855086_1301275802_O.0
[2011.04.01 20:38:03 | 000,021,253 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp49140_1746612513_239984_N.0
[2011.04.01 20:38:03 | 000,019,626 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp49140_1746612513_239984_N.JPG
[2010.12.29 14:45:28 | 000,145,324 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpFOTO1038.3
[2010.12.29 14:45:27 | 000,143,607 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpFOTO1038.2
[2010.12.29 14:45:26 | 000,141,134 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpFOTO1038.1
[2010.12.29 14:45:25 | 000,354,316 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpFOTO1038.JPG
[2010.12.29 14:45:25 | 000,354,316 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpFOTO1038.0
[2010.12.12 21:15:15 | 000,452,076 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpPICT0001.4
[2010.12.12 21:15:13 | 000,455,637 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmpPICT0001.3
[2010.12.01 21:46:23 | 000,091,923 | ---- | C] () -- C:\Windows\SysWow64\EPPICPrinterDB.dat
[2010.12.01 21:46:23 | 000,076,956 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern2.dat
[2010.12.01 21:46:23 | 000,039,121 | ---- | C] () -- C:\Windows\SysWow64\EPPICPattern1.dat
[2010.12.01 21:46:23 | 000,027,965 | ---- | C] () -- C:\Windows\SysWow64\EPPICPresetData_JP.dat
[2010.08.17 21:04:02 | 000,013,458 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp6-6ACC2E7A8CD138F3.0
[2010.08.17 21:04:02 | 000,006,834 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\tmp6-6ACC2E7A8CD138F3.JPG

< End of report >
         

& the other text file:

Code:
ATTFilter
OTL Extras logfile created on: 08.07.2012 22:38:29 - Run 2
OTL by OldTimer - Version 3.2.43.1     Folder = C:\Users\Jeremy\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,99 Gb Total Physical Memory | 3,69 Gb Available Physical Memory | 61,55% Memory free
11,98 Gb Paging File | 9,18 Gb Available in Paging File | 76,59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 921,17 Gb Total Space | 815,30 Gb Free Space | 88,51% Space Free | Partition Type: NTFS
Drive D: | 10,24 Gb Total Space | 1,91 Gb Free Space | 18,69% Space Free | Partition Type: NTFS
 
Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0257B221-B22B-4553-9BF8-5F9391F029C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0A1A7E2A-CB37-446C-ACD1-4FAFE974CC56}" = lport=445 | protocol=6 | dir=in | app=system | 
"{14143A05-732B-4E9C-BEBC-805DA21CD0D9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{155C9E43-73AD-4D48-BABD-6399024EB960}" = rport=138 | protocol=17 | dir=out | app=system | 
"{161B6A39-B273-444D-8D45-6F64A99A9ECF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{296635E4-C0C0-4EEF-BD0C-9113196F1651}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{382062FD-1176-4A6B-B54A-8E53C8388510}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{3C6C9C9D-640B-4588-8892-2F3BE305F425}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{3F69FB5A-2542-493C-B73B-C2D5B417BB63}" = lport=138 | protocol=17 | dir=in | app=system | 
"{527FCD82-B70B-4179-A141-41C74854EE72}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{64425A67-ED4A-4ACD-BF34-C863888C8306}" = lport=8396 | protocol=17 | dir=in | name=league of legends launcher | 
"{6F66B165-4EFB-442D-9400-A6785205969D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{74A55CBB-AAD3-475E-9FF2-67C92C7B0F83}" = rport=139 | protocol=6 | dir=out | app=system | 
"{78024579-1F1B-4A32-A2AC-490F5403B9C0}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{7D9A1B09-7C49-4761-8B3C-ECE4C225DD7B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{86DD6E15-830C-44B2-A3C8-742103A0A735}" = lport=3724 | protocol=6 | dir=in | name=blizzard downloader: 3724 | 
"{8A54EF26-36AF-4440-9154-3840C9A97C0E}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{8AA839AA-DFBB-41FB-BCD8-F895F02E38D3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{91B8DBB7-5CF5-45B6-8EEC-03695991A09A}" = rport=137 | protocol=17 | dir=out | app=system | 
"{B67D5979-8775-45F4-BAD1-DC674430DAAB}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B8931E77-6EBF-46B6-B0C4-59444CDEA145}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{BCE6F1C9-B5FE-46D5-9C41-EBE4C2200302}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CE1AC6E9-8846-4151-BA2F-9FA10D30906F}" = lport=6976 | protocol=6 | dir=in | name=league of legends launcher | 
"{E2D61881-3E76-4698-8C92-1D806030AD26}" = lport=8396 | protocol=6 | dir=in | name=league of legends launcher | 
"{EAACFA38-FF75-47FE-9604-7E971B9B0923}" = rport=445 | protocol=6 | dir=out | app=system | 
"{F2699F99-7A3C-41D0-AA2D-4023A0622C37}" = lport=6976 | protocol=17 | dir=in | name=league of legends launcher | 
"{F45C7599-D258-4144-9F00-E10AC47B0777}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F841398E-2A4E-48D6-BBE0-0F9D1C2BF1FD}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00FA2875-8897-452E-B802-9DD9DCB82261}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{07ACFFFD-390B-41CF-8651-0D36BE40BDF0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{07CE6293-0245-4881-AA08-C1CCE71F5B8D}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.patch.exe | 
"{12725068-BBCA-4E80-A4E6-7BEC685B589D}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartphoto.exe | 
"{12FE4E93-E8DC-46EF-A244-B4296B842C06}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe | 
"{135E58C2-E85A-4305-BE29-5624F855C965}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{15F3016B-38DB-426E-B998-01C50F4BD229}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{18347AAA-114C-48F5-B103-C3EFC45A1556}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{1E4A08AB-62C8-4C20-BACB-B53B9561F258}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\kernel\clml\clmlsvc.exe | 
"{21243604-2C93-4FF4-9EB5-9A42EC0F9A80}" = protocol=6 | dir=out | app=system | 
"{23B57529-2A83-4835-A7D5-6A91DCC82555}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{263352DF-8EF5-4AE2-96C3-69C59C46619E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2770C654-54CC-42D1-AE2A-CFED858D8A50}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{313FB264-E9E8-4A89-8AF8-4D0FCB0ECF83}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3370554E-2D2A-412D-A70D-5CD3642BC5D0}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{3546864B-E655-4FAA-9153-EC224EAB73B7}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{37D499B4-015B-4312-8825-3B3C8545AD17}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe | 
"{3BEDCF66-6B06-4B2E-AC2E-6F5BD83AD00B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4BFC1CF8-461B-4BA7-A33B-F2B947314B73}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{57DDEED6-5618-4EF3-8929-CF5B73B5F151}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{5A774B97-04E0-490F-8CC5-DCDA86E5DF95}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6088CA45-EC77-400E-82D3-23817A27C626}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{6BF863F6-60DB-49DF-8601-C8231C37CB38}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{72C3EE88-83FE-406D-853C-A9D26D203FCB}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{769FD4A8-F7AA-4A3E-91BC-225756577715}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7A620F41-511E-4246-AA7E-0C0D3D67603B}" = protocol=6 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{7EF83FED-4E3C-4D14-A57A-4DF6791EC322}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{81AE9286-6358-4970-A3A5-E7CE2060D322}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{81F1203F-7049-491B-BE7C-C9332125E3A4}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe | 
"{89626932-2FA4-40A8-BFB2-1C764A6846FE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe | 
"{8F6ABD7E-5A82-43D2-A195-73F68F2238FF}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 
"{908B4A24-A750-4CEC-A266-028685E26371}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.exe | 
"{91EEF3F2-A47D-4B0D-BC9F-43399E6C67F0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{95A79B4F-0F0D-4955-94BE-42428E761783}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{A260E0A6-E992-4AD5-96AA-50B417C7D4CE}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A4E4A2B9-4407-4CA4-A1CB-8F60DE348A36}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{AA459632-3C0C-4A00-800E-0F1A625D73AE}" = protocol=17 | dir=in | app=c:\world of warcraft\launcher.exe | 
"{AE0C2C20-5051-465F-9B94-B59893805477}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | 
"{B06CDF73-A5CC-4D0D-9DF9-50C847C8BE5E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\tsmagent.exe | 
"{B4DBBC01-0224-4683-B6BD-44FD7E19E8CD}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B92F4246-CF2B-457C-A262-752217EEE408}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{C88012E4-6485-4E36-949F-8A874D34C77E}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartvideo.exe | 
"{D7550B3D-60E5-45FB-86BB-4A98E7876A03}" = protocol=6 | dir=in | app=c:\world of warcraft\launcher.patch.exe | 
"{D7B6F69D-38F9-4857-B38B-19DA87F5D9AC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{DBE4EC35-9F17-470C-8C82-BBF801E22ECF}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{DF44AAE0-AB17-4CFC-A099-FEF9F0A13ED5}" = protocol=17 | dir=in | app=c:\users\public\documents\blizzard entertainment\world of warcraft\wow-x.x.x.x-4.0.0.12911-eu-downloader.exe | 
"{E675694B-533B-4D4B-A549-50561A453368}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | 
"{F04C6DE0-49C2-4AD0-9C03-04DEAEDADAD0}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\media\hptouchsmartmusic.exe | 
"{F33CBC42-3D19-4F71-BAA8-E3A01CD0226F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"TCP Query User{11C0F171-702A-48AC-94E0-B024C95FC5F5}C:\users\jeremy\downloads\ptr-installer-de_de(1).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(1).exe | 
"TCP Query User{177491F5-7178-4EF4-AB64-878024CB7379}C:\users\jeremy\downloads\ptr-installer-de_de(2).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(2).exe | 
"TCP Query User{20EB484E-DCD4-4B4C-9D56-23D1A9AE9662}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | 
"TCP Query User{2F7C5D31-C4B0-4DF7-9C08-392829B2D0B9}C:\users\jeremy\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\jeremy\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{47BC3A51-B2D6-4CA2-8F4E-5AF718C3CE5C}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | 
"TCP Query User{482A9E22-17F9-42A0-AF5F-BCC481AA724C}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe | 
"TCP Query User{60055922-5C76-4C4D-A315-93EB9D1C6FA8}C:\users\jeremy\downloads\ptr-installer-en_us.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-en_us.exe | 
"TCP Query User{6383AD98-3FA5-4D5A-931A-CC1AB28C0E7D}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{6FA71E18-31C6-4DD4-814E-2EC851A0E20C}C:\users\jeremy\downloads\ptr-installer-de_de(3).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(3).exe | 
"TCP Query User{73162F99-8FE5-4B4A-8A12-31AA36EF0BB6}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{7921AA1D-E328-436C-916A-5AB92A8F3C9E}C:\users\jeremy\downloads\ptr-installer-de_de(4).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(4).exe | 
"TCP Query User{7C8AA864-0B64-455B-AD9C-B99019F97B32}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe | 
"TCP Query User{99F69F4E-4B4A-40CD-934E-9A9E9C0304C3}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe | 
"TCP Query User{9CEFA52B-3E6E-4DFE-AC69-1EC9FBCFE7A5}C:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | 
"TCP Query User{A98E9FC4-5372-4F6B-81B4-D089F1DEC006}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | 
"TCP Query User{B3FF96A1-6EE7-4DF1-8EFE-9FD90ECF3A39}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{CEF4D64B-FE17-407F-904B-9F9351A0E8A2}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | 
"TCP Query User{D6397B30-8DAA-4584-B1A9-F839FCDFDBB6}C:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{F6193FC2-C51C-4ED5-B4FA-5D89FF764C2A}C:\users\jeremy\downloads\ptr-installer-de_de.exe" = protocol=6 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de.exe | 
"TCP Query User{FF2F728D-4BEA-40B1-A16A-5BD2BCEA2B35}C:\riot games\league of legends\lol.launcher.exe" = protocol=6 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"UDP Query User{084E0583-A0DC-491F-AAA6-95C8F2B60550}C:\users\jeremy\downloads\ptr-installer-de_de(1).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(1).exe | 
"UDP Query User{2620FB3B-0FC5-4E47-A648-103E4CC68531}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{274C0EAA-7345-4B61-B225-B9228E521616}C:\users\jeremy\downloads\ptr-installer-de_de(2).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(2).exe | 
"UDP Query User{2AF2A668-32F2-425B-B942-E71B42AFA813}C:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=c:\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{3B8BBA92-E8C9-4C1D-96B5-42D575E3BCAB}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(7).exe | 
"UDP Query User{3CD4A27A-298D-438F-9E2E-432A0CDCF17E}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(4).exe | 
"UDP Query User{42BC36B6-A0EF-4086-91E5-7533BBB08C5E}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(5).exe | 
"UDP Query User{5AF73430-BBC8-4054-AAD7-F928118C573F}C:\users\jeremy\downloads\ptr-installer-de_de(3).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(3).exe | 
"UDP Query User{653490DE-0958-4456-9C27-04A09CCCBEB9}C:\users\jeremy\downloads\ptr-installer-de_de(4).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de(4).exe | 
"UDP Query User{6D9306B7-8096-4DA2-BA24-CE7A6F2EB1A4}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{7A7E9507-F4AE-4FE2-BF64-726422D39891}C:\users\jeremy\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\jeremy\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{7D05EE87-2768-4BC3-A538-BE27AE9DF67C}C:\riot games\league of legends\lol.launcher.exe" = protocol=17 | dir=in | app=c:\riot games\league of legends\lol.launcher.exe | 
"UDP Query User{91D02902-5A61-4B9F-B771-137B358E6031}C:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | 
"UDP Query User{B029BC15-35F4-47FF-85DF-263BD085F1A2}C:\users\jeremy\downloads\ptr-installer-en_us.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-en_us.exe | 
"UDP Query User{B9587E30-8A16-4343-B84D-A06A4917217A}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader.exe | 
"UDP Query User{CD5A19E9-35DD-431F-90CA-7344338B667B}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(6).exe | 
"UDP Query User{F0F9BEA2-380A-431D-9C03-92C86E697887}C:\users\jeremy\downloads\ptr-installer-de_de.exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\ptr-installer-de_de.exe | 
"UDP Query User{F772A494-8F57-4B04-9199-7EFAF300025B}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{F7B8F9B5-3832-41EB-AF9C-293D908F245A}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(3).exe | 
"UDP Query User{FB679CC4-DC66-4A91-81C4-FA84CD0E7485}C:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe" = protocol=17 | dir=in | app=c:\users\jeremy\downloads\wow-3.0.1.8874-ptr-eu-installer-downloader(2).exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{26280024-DFB7-4967-90DB-7F9C6660D01E}" = HP MediaSmart SmartMenu
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"NVIDIA Drivers" = NVIDIA Drivers
"PC-Doctor for Windows" = Hardwarediagnosetools
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}" = McAfee SiteAdvisor
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{57C5B3B2-E935-441F-9D3A-0B331E1FE4B9}" = HOT ALBUM MYBOX
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5B295588-59C1-4386-9F85-BB4BEDCB0D22}" = HP Customer Experience Enhancements
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9739666-2235-42F8-85D6-9B4005DC7951}" = Bing Bar
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B40D7926-AE5F-41EA-8AC6-56C0E2F00E9D}" = HP MAINSTREAM KEYBOARD
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C611CF88-969D-43E6-A877-D6D6439DD081}" = HP Remote Solution
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DD6C316A-FE75-4FBB-9D22-4C1920232B72}" = LightScribe System Software
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E9E34215-82EF-4909-BE2F-F581F0DC9062}" = DirectX for Managed Code Update (Summer 2004)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"conduitEngine" = Conduit Engine
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.24.608
"Google Chrome" = Google Chrome
"HP Remote Solution" = HP Remote Solution
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = HP MediaSmart Movie Themes
"InstallShield_{57C5B3B2-E935-441F-9D3A-0B331E1FE4B9}" = HOT ALBUM MYBOX
"InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}" = HP MediaSmart Music/Photo/Video
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mumble" = Mumble and Murmur
"NIS" = Norton Internet Security
"OpenAL" = OpenAL
"PhotoScape" = PhotoScape
"PHPNukeDE Toolbar" = PHPNukeDE Toolbar
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TuneUp Utilities 2011" = TuneUp Utilities 2011
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Spotify" = Spotify
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 07.05.2011 14:38:10 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.05.2011 14:38:10 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3994
 
Error - 07.05.2011 14:38:10 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3994
 
Error - 07.05.2011 14:38:11 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.05.2011 14:38:11 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4992
 
Error - 07.05.2011 14:38:11 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4992
 
Error - 07.05.2011 14:38:12 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 07.05.2011 14:38:12 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5991
 
Error - 07.05.2011 14:38:12 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5991
 
Error - 07.05.2011 14:38:13 | Computer Name = Jeremy-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
[ Media Center Events ]
Error - 06.01.2012 09:36:57 | Computer Name = Jeremy-PC | Source = MCUpdate | ID = 0
Description = 14:36:49 - Fehler beim Herstellen der Internetverbindung.  14:36:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 08.07.2012 12:23:46 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.
 
Error - 08.07.2012 12:24:01 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Norton Internet Security" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1.
 
Error - 08.07.2012 12:24:26 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SRTSP
 
Error - 08.07.2012 16:20:29 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524292
Description = Error loading virus definitions.
 
Error - 08.07.2012 16:20:29 | Computer Name = Jeremy-PC | Source = SRTSP | ID = 524293
Description = Error loading Symantec real time Anti-Virus driver.
 
Error - 08.07.2012 16:20:54 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Norton Internet Security" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1.
 
Error - 08.07.2012 16:21:07 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
   SRTSP
 
Error - 08.07.2012 16:21:40 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 08.07.2012 16:21:40 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 08.07.2012 16:22:10 | Computer Name = Jeremy-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
 
< End of report >
         
CCleaner produced the following:

Code:
Adobe Flash Player 11 ActiveX 64-bit	Adobe Systems Incorporated			11.2.202.235
Adobe Flash Player 11 Plugin	Adobe Systems Incorporated			11.3.300.262
Adobe Reader X (10.1.1) - Deutsch	Adobe Systems Incorporated	01.11.2011	119MB	10.1.1
Apple Application Support	Apple Inc.	08.07.2011	50,9MB	1.5.2
Apple Mobile Device Support	Apple Inc.	08.07.2011	22,6MB	3.4.1.2
Apple Software Update	Apple Inc.	08.07.2011	2,25MB	2.1.3.127
Avira AntiVir Personal - Free Antivirus	Avira GmbH			10.2.0.707
Avira SearchFree Toolbar plus Web Protection	Ask.com	04.07.2012	4,98MB	1.15.4.0
Bing Bar	Microsoft Corporation	15.05.2012	464KB	7.1.382.0
Bonjour	Apple Inc.	08.07.2011	1,74MB	2.0.5.0
CCleaner	Piriform	22.06.2012		3.20
Compatibility Pack für 2007 Office System	Microsoft Corporation	15.05.2012	324MB	12.0.6612.1000
CyberLink DVD Suite Deluxe	CyberLink Corp.	22.09.2009		6.0.3101
Free YouTube to MP3 Converter version 3.11.24.608	DVDVideoSoft Ltd.	18.06.2012		3.11.24.608
Google Chrome	Google Inc.	30.06.2010		20.0.1132.47
Google Earth	Google	25.11.2011	92,7MB	6.1.0.5001
Hardwarediagnosetools	PC-Doctor, Inc.			6.0.5205.31
HOT ALBUM MYBOX	PLANNING Co., Ltd.	01.12.2010		3.1.7.9
HP Customer Experience Enhancements	Hewlett-Packard	22.09.2009		5.7.0.3036
HP MAINSTREAM KEYBOARD	Hewlett-Packard	22.09.2009		1.4.3.0
HP MediaSmart DVD	Hewlett-Packard	22.09.2009		3.0.3123
HP MediaSmart Movie Themes	Hewlett-Packard	22.09.2009		3.0.3102
HP MediaSmart Music/Photo/Video	Hewlett-Packard	22.09.2009		3.0.3205
HP MediaSmart SmartMenu	Hewlett-Packard	22.09.2009	1,85MB	3.0.28.2
HP Odometer	Hewlett-Packard	22.09.2009	48,0KB	2.10.0000
HP Remote Solution	TopSeed	22.09.2009		1.1.9.0
HP Setup	Hewlett-Packard	22.09.2009		1.2.3220.3079
HP Support Information	Hewlett-Packard	22.09.2009	160KB	10.1.0002
HP Update	Hewlett-Packard	22.09.2009	2,96MB	5.001.000.014
Intel® Matrix Storage Manager	Intel Corporation			
Java(TM) 7 Update 4	Oracle	15.05.2012	99,3MB	7.0.40
LabelPrint	CyberLink Corp.	22.09.2009		2.5.1901
League of Legends	Riot Games	18.11.2011		1.3
LightScribe System Software	LightScribe	22.09.2009	22,4MB	1.18.5.1
Malwarebytes Anti-Malware Version 1.61.0.1400	Malwarebytes Corporation	08.07.2012		1.61.0.1400
McAfee SiteAdvisor	McAfee, Inc.			3.5.217
Microsoft .NET Framework 4 Client Profile	Microsoft Corporation	13.06.2012		4.0.30319
Microsoft IntelliPoint 8.2	Microsoft Corporation	25.04.2012		8.20.468.0
Microsoft Office PowerPoint Viewer 2007 (German)	Microsoft Corporation	15.05.2012	114MB	12.0.6612.1000
Microsoft Silverlight	Microsoft Corporation	15.05.2012	242MB	4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU]	Microsoft Corporation	16.01.2010	1,72MB	3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86)	Microsoft Corporation	07.03.2011	625KB	1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86)	Microsoft Corporation	07.03.2011	1,44MB	1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053	Microsoft Corporation	17.01.2010	260KB	8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053	Microsoft Corporation	17.01.2010	252KB	8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable	Microsoft Corporation	16.06.2011	300KB	8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)	Microsoft Corporation	16.06.2011	572KB	8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175	Microsoft Corporation	02.06.2011	580KB	8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148	Microsoft Corporation	17.01.2010	212KB	9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148	Microsoft Corporation	17.01.2010	200KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570	Microsoft Corporation	02.06.2011	790KB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570	Microsoft Corporation	02.06.2011	598KB	9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17	Microsoft Corporation	22.09.2009	788KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161	Microsoft Corporation	16.06.2011	788KB	9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729	Microsoft Corporation	25.08.2010	598KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17	Microsoft Corporation	22.09.2009	596KB	9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148	Microsoft Corporation	19.12.2010	592KB	9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161	Microsoft Corporation	16.06.2011	600KB	9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219	Microsoft Corporation	10.11.2011	13,8MB	10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219	Microsoft Corporation	10.11.2011	15,0MB	10.0.40219
Microsoft Works	Microsoft Corporation	12.04.2012	666MB	9.7.0621
Mozilla Firefox 13.0.1 (x86 de)	Mozilla			13.0.1
Mozilla Maintenance Service	Mozilla			13.0.1
MSXML 4.0 SP2 (KB954430)	Microsoft Corporation	17.01.2010	1,27MB	4.20.9870.0
MSXML 4.0 SP2 (KB973688)	Microsoft Corporation	17.01.2010	1,33MB	4.20.9876.0
Mumble and Murmur	Mumble			1.2.2
Norton Internet Security	Symantec Corporation			16.7.0.30
NVIDIA Drivers	NVIDIA Corporation			1.4
NVIDIA PhysX	NVIDIA Corporation	25.08.2010	120MB	9.09.0814
OpenAL				
Pando Media Booster	Pando Networks Inc.			2.3.6.0
PhotoScape				
PHPNukeDE Toolbar				
PowerDirector	CyberLink Corp.	22.09.2009		7.0.3101
Realtek High Definition Audio Driver	Realtek Semiconductor Corp.	22.09.2009		6.0.1.5882
Skype Toolbars	Skype Technologies S.A.	08.04.2010	5,23MB	1.0.4051
Skype™ 4.2	Skype Technologies S.A.	08.04.2010	31,7MB	4.2.155
Spotify	Spotify AB	27.06.2012		0.8.4.93.gd9f49c35
SUPERAntiSpyware	SUPERAntiSpyware.com			5.5.1006
TeamSpeak 3 Client	TeamSpeak Systems GmbH			3.0.7
TuneUp Utilities 2011	TuneUp Software	02.12.2010		10.0.2020.1
vShare.tv plugin 1.3	vShare.tv, Inc.			1.3
Windows Live Anmelde-Assistent	Microsoft Corporation	16.01.2010	1,93MB	5.000.818.5
Windows Live Essentials	Microsoft Corporation	07.03.2011		14.0.8117.0416
Windows Live Sync	Microsoft Corporation	07.03.2011	2,79MB	14.0.8117.416
Windows Live-Uploadtool	Microsoft Corporation	16.01.2010	224KB	14.0.8014.1029
WinRAR				
World of Warcraft	Blizzard Entertainment			4.3.4.15595
Yontoo 1.10.02	Yontoo LLC	04.07.2012		1.10.02
         
Please help quickly and in detail, because another program, SUPERAntiSpyware, still finds a virus named "Rogue.M SE-Fraud".

Regards

In addition, Trojan.Agent/Gen-Yoddos was also found; however, this is only shown to me by Antispyware and not by Malwarebytes...

10.07.2012, 14:44   #2
markusg
/// Malware-holic
 
Open Malwarebytes, go to the logs, and post all scans with detections, plus any other detections from other programs.