Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.07.2012, 21:26   #1
Fuzi23
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



Hallo,
Als ich heute ein neues Programm installierte funktionierte alle normal, bis ich bemerkte das das Eingabefenster wenn ich es öffne folgende Meldung anzeigt:

Zitat:
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. Alle Rechte vorbehalten.

Die Eingabeaufforderung ist vom Administrator deaktiviert worden.

Drücken Sie eine beliebige Taste . . .
Das Taskmanagersymbol ist ausgeblendet und wenn ich Regedit öffne folgende Meldung:
Zitat:
Das Bearbeiten der Registrierung wurde durch den Administrator deaktiviert.
OTL.txt:
Code:
ATTFilter
OTL logfile created on: 28.07.2012 21:46:36 - Run 1
OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Fuzi\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
5,79 Gb Total Physical Memory | 3,31 Gb Available Physical Memory | 57,05% Memory free
11,59 Gb Paging File | 8,90 Gb Available in Paging File | 76,79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 74,52 Gb Total Space | 1,52 Gb Free Space | 2,03% Space Free | Partition Type: NTFS
Drive D: | 208,92 Gb Total Space | 13,10 Gb Free Space | 6,27% Space Free | Partition Type: NTFS
Drive F: | 195,26 Gb Total Space | 125,06 Gb Free Space | 64,05% Space Free | Partition Type: FAT32
Drive G: | 3,69 Gb Total Space | 1,97 Gb Free Space | 53,46% Space Free | Partition Type: FAT32
Drive H: | 736,17 Gb Total Space | 7,08 Gb Free Space | 0,96% Space Free | Partition Type: NTFS
 
Computer Name: FUZI-PC | User Name: Fuzi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.28 21:35:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Fuzi\Desktop\OTL.exe
PRC - [2012.07.25 22:53:48 | 000,428,544 | ---- | M] () -- C:\Users\Fuzi\AppData\Roaming\cacaoweb\cacaoweb.exe
PRC - [2012.07.16 16:31:32 | 007,445,416 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer.exe
PRC - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.07.16 16:22:42 | 000,106,408 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\tv_w32.exe
PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.06.27 12:29:26 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Fuzi\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.02.23 17:54:31 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.03 17:31:34 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files (x86)\Ask.com\Updater\Updater.exe
PRC - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
PRC - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
PRC - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011.09.02 19:54:33 | 000,068,608 | ---- | M] () -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
PRC - [2011.07.20 12:28:38 | 001,376,304 | ---- | M] (Motorola Solutions, Inc.) -- C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
PRC - [2010.11.22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe
PRC - [2010.11.05 03:58:15 | 001,169,224 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
PRC - [2010.07.08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) -- C:\Program Files (x86)\TightVNC\tvnserver.exe
PRC - [2010.05.17 08:51:48 | 000,499,144 | ---- | M] (NextUp.com) -- C:\Program Files (x86)\TextAloud\TAForOELoader.exe
PRC - [2010.02.26 11:28:24 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009.11.24 23:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.10.27 06:29:32 | 006,998,656 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2009.10.26 20:10:42 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2009.10.21 22:12:50 | 000,106,496 | ---- | M] (NEC Electronics Corporation) -- C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009.09.16 03:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009.09.01 11:00:09 | 000,075,048 | ---- | M] (cyberlink) -- C:\Program Files (x86)\CyberLink\Shared files\brs.exe
PRC - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
PRC - [2009.08.20 06:31:48 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2009.06.19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.05.19 01:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009.05.19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009.02.23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files (x86)\MagicDisc\MagicDisc.exe
PRC - [2008.12.23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.07.25 22:53:48 | 000,428,544 | ---- | M] () -- C:\Users\Fuzi\AppData\Roaming\cacaoweb\cacaoweb.exe
MOD - [2011.12.12 06:33:52 | 000,498,760 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.03.17 11:38:00 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
MOD - [2011.03.17 01:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010.05.17 08:51:44 | 000,049,600 | ---- | M] () -- C:\Program Files (x86)\TextAloud\TAForOEHook.dll
MOD - [2009.11.24 23:45:36 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2009.09.23 21:07:14 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
MOD - [2009.09.16 03:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.07.19 13:48:17 | 001,431,888 | ---- | M] (Flexera Software, Inc.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.07.20 12:27:04 | 000,591,920 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\LEsrv.exe -- (Bluetooth Low Energy Service)
SRV:64bit: - [2011.07.20 12:26:50 | 001,250,352 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\audiosrv.exe -- (Bluetooth Media Service)
SRV:64bit: - [2011.07.20 12:26:46 | 004,187,696 | ---- | M] (Motorola Solutions, Inc.) [On_Demand | Running] -- C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe -- (Bluetooth Device Manager)
SRV:64bit: - [2011.06.17 20:28:30 | 000,786,992 | ---- | M] (Motorola Solutions, Inc.) [Auto | Running] -- C:\Program Files\Motorola\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV:64bit: - [2010.08.19 17:43:24 | 000,386,344 | ---- | M] () [Auto | Running] -- C:\Program Files\CyberLink\Shared files\RichVideo64.exe -- (RichVideo64)
SRV:64bit: - [2009.09.17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012.07.20 00:52:03 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.16 16:31:32 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:56:58 | 000,147,368 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe -- (LMIMaint)
SRV - [2012.07.13 12:55:56 | 000,375,208 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2012.07.10 20:27:59 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.06.19 17:13:46 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.03 08:31:10 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.02.23 17:54:31 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.21 00:26:32 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Stopped] -- H:\Games\TribesAscend\HiPatchService.exe -- (HiPatchService)
SRV - [2012.02.20 18:38:58 | 000,647,680 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.10.21 16:23:42 | 000,196,176 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011.10.13 18:21:52 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011.09.16 15:10:50 | 000,407,424 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe -- (LogMeIn)
SRV - [2011.09.02 19:54:33 | 000,068,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe -- (Autodesk Licensing Service)
SRV - [2011.04.24 22:55:00 | 004,066,168 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.11.22 22:52:46 | 000,718,072 | ---- | M] (Tunngle.net GmbH) [Auto | Running] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2010.07.08 15:28:56 | 000,815,704 | ---- | M] (GlavSoft LLC.) [Auto | Running] -- C:\Program Files (x86)\TightVNC\tvnserver.exe -- (tvnserver)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.11.10 05:20:36 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.10.01 05:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2009.10.01 05:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2009.09.15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009.08.27 17:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009.07.13 02:08:04 | 000,024,168 | ---- | M] (The Within Network, LLC) [Auto | Running] -- C:\Windows\UnsignedThemesSvc.exe -- (UnsignedThemes)
SRV - [2009.06.16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.08.07 11:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.13 12:56:17 | 000,087,488 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\LMIRfsClientNP.dll -- (LMIRfsClientNP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.06.29 23:55:37 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2012.06.05 16:03:52 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.10.15 10:53:00 | 000,028,992 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011.10.02 21:27:56 | 000,027,176 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggsemc.sys -- (ggsemc)
DRV:64bit: - [2011.10.02 21:27:56 | 000,013,352 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ggflt.sys -- (ggflt)
DRV:64bit: - [2011.09.29 09:04:22 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:64bit: - [2011.09.16 15:10:50 | 000,072,216 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
DRV:64bit: - [2011.09.16 15:10:24 | 000,011,552 | ---- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lmimirr.sys -- (lmimirr)
DRV:64bit: - [2011.09.02 10:18:54 | 001,045,608 | R--- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtwlanu.sys -- (RTL8192cu)
DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.07.28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)
DRV:64bit: - [2011.07.25 20:10:44 | 000,684,416 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmusb.sys -- (BTMUSB)
DRV:64bit: - [2011.07.19 20:45:24 | 000,034,048 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmhid.sys -- (BTMHID)
DRV:64bit: - [2011.06.13 22:05:10 | 001,069,752 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\wcmvcam64.sys -- (WCMVCAM)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.28 21:51:20 | 000,294,232 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Treiber\VMM.sys -- (vmm)
DRV:64bit: - [2011.02.22 19:33:16 | 000,052,736 | ---- | M] (Motorola Solutions, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btmcom.sys -- (BTMCOM)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.08.25 20:36:04 | 010,611,552 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010.01.29 12:09:10 | 000,125,344 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2009.12.17 04:42:07 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.12 22:22:18 | 000,032,056 | ---- | M] (Hewlett Packard Development LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HPx9G2k.sys -- (HPx9G+)
DRV:64bit: - [2009.10.30 00:56:33 | 000,244,736 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2009.10.27 09:19:48 | 000,176,640 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2009.10.27 09:19:46 | 000,075,264 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2009.10.26 06:39:43 | 000,151,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.10.15 11:23:19 | 000,117,760 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009.10.05 18:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.09.17 22:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.09.04 07:39:07 | 000,062,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.08.21 08:48:17 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.08.20 20:41:37 | 001,800,192 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.21 03:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.07.13 02:09:20 | 000,030,568 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\uxpatch.sys -- (uxpatch)
DRV:64bit: - [2009.06.18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.13 19:07:20 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009.03.27 14:25:10 | 000,027,160 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mcdbus.sys -- (mcdbus)
DRV:64bit: - [2008.12.26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2008.12.08 18:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008.05.24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.01.29 07:20:34 | 000,079,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMNetSrv.sys -- (VPCNetS2)
DRV - [2011.09.16 15:10:50 | 000,015,928 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys -- (LMIInfo)
DRV - [2009.09.02 02:59:44 | 000,146,928 | ---- | M] (CyberLink Corp.) [2010/02/26 00:37:46] [Kernel | Auto | Running] -- C:\Program Files (x86)\Cyberlink\PowerDVD9\000.fcl -- ({B154377D-700F-42cc-9474-23858FBDF4BD})
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 03:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
DRV - [2009.02.24 18:35:44 | 000,255,552 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\mcdbus.sys -- (mcdbus)
DRV - [2005.01.01 11:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://asus.at.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 92 E4 F6 CF A9 D6 CB 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddr&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ASUT_deAT446
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.http: "200.172.102.66"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@gamersfirst.com/LiveLauncher: C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Fuzi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.13 15:00:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.31 18:20:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.20 00:52:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.05 15:04:01 | 000,000,000 | ---D | M]
 
[2011.09.18 01:26:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fuzi\AppData\Roaming\mozilla\Extensions
[2012.07.23 15:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Fuzi\AppData\Roaming\mozilla\Firefox\Profiles\eysg4pz6.default\extensions
[2012.06.30 15:44:53 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Fuzi\AppData\Roaming\mozilla\Firefox\Profiles\eysg4pz6.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
[2011.12.14 22:33:05 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Fuzi\AppData\Roaming\mozilla\Firefox\Profiles\eysg4pz6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.30 15:44:55 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Fuzi\AppData\Roaming\mozilla\Firefox\Profiles\eysg4pz6.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2011.11.11 23:57:14 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\Fuzi\AppData\Roaming\mozilla\Firefox\Profiles\eysg4pz6.default\extensions\cacaoweb@cacaoweb.org
[2012.07.05 15:04:11 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.31 20:40:13 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.05 15:04:11 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2011.11.10 21:07:35 | 007,704,298 | ---- | M] () (No name found) -- C:\USERS\FUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EYSG4PZ6.DEFAULT\EXTENSIONS\{7BDB48D1-CD94-4B99-A5A4-E418B9EE6532}.XPI
[2011.11.10 21:07:35 | 000,003,835 | ---- | M] () (No name found) -- C:\USERS\FUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EYSG4PZ6.DEFAULT\EXTENSIONS\EXTERNALIP@ERIK.MORLIN.XPI
[2012.06.30 15:44:53 | 001,335,949 | ---- | M] () (No name found) -- C:\USERS\FUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EYSG4PZ6.DEFAULT\EXTENSIONS\FIREBUG@SOFTWARE.JOEHEWITT.COM.XPI
[2011.11.11 21:59:49 | 000,024,752 | ---- | M] () (No name found) -- C:\USERS\FUZI\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EYSG4PZ6.DEFAULT\EXTENSIONS\FIRETRACKTOR@THETRACKTOR.COM.XPI
[2012.07.20 00:52:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.30 15:44:42 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.30 15:44:42 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.30 15:44:42 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.03.13 17:48:03 | 000,002,046 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrchddr.xml
[2012.06.30 15:44:42 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.30 15:44:42 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.30 15:44:42 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.at/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.at/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\npBP4FUpdater.dll
CHR - plugin: Battlefield Play4Free Updater (Enabled) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\BP4FUpdater.exe
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.122.0_0\npBFHUpdater.dll
CHR - plugin: EA Battlefield Heroes Updater (Enabled) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.122.0_0\BFHUpdater.exe
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Fuzi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: QR-Code Sch\u00F6pfer = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaephdgbinagkeepamlbkhkfbiaedabm\1.4_0\
CHR - Extension: BIODIGITAL HUMAN = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak\0.9.5_0\
CHR - Extension: Angry Birds = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: 3DTin = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\algoakekcdmbbikdjgjdahbfihboglmi\1.0_0\
CHR - Extension: 4chan Extension [New] = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhljghahohpihkdhhgaddnipndobpbbb\2.0.5_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: Hide My Ass! Web Proxy = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Realm of the Mad God = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\
CHR - Extension: Realm of the Mad God = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhjfmaldpppkmjjgkmadddbanpabfflp\1.0.0.3_0\~
CHR - Extension: bloomind ct deepdark = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\djolekdiiojehgfggcjckachfgkkdmjd\1_0\
CHR - Extension: Battlefield Play4Free = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkejhbcdagodjdndmfnhaibnealjonei\1.0.66.2_0\
CHR - Extension: Beautiful QR Code generator = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkmjofjfechnmgaedinbgnkdgpodncf\1.0_0\
CHR - Extension: YoWindow Wetter = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef\1.33_0\
CHR - Extension: Stylish = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe\0.10_0\
CHR - Extension: Edit This Cookie = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg\0.31_0\
CHR - Extension: Battlefield Heroes = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdfjahpadlpfnfheehpddpcllihfkmm\5.0.122.0_0\
CHR - Extension: Premium Cookie Injector (Multi-Server) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\hglhnookgghcefjamdoakhhfamnhodpd\1.4_0\
CHR - Extension: avast! WebRep = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1456_0\
CHR - Extension: Super Mario Bros. Crossover (Hacked!) = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilcellbipoehgheiecfonfmjccknmggo\1.1_0\
CHR - Extension: Get Flash = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\innejflndneacnpgjkdhejmejgpnhfgf\1.0.5_0\
CHR - Extension: Handcraft = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgpklhhhiiafnocfiikcpffkogjkdmki\1.1.4_0\
CHR - Extension: Until AM = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kodigjkcpaoeodlnmcnekemakpnmegnk\0.203_0\
CHR - Extension: FVD Video Downloader = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\1.2.9_0\
CHR - Extension: Skype Click to Call = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.10.0.9560_0\
CHR - Extension: Illimitux = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mamnihopcnbfnbfnnneplcohmnkkpipb\1.0_0\
CHR - Extension: Google Mail-Checker = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\3.2_0\
CHR - Extension: Plants vs Zombies = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: Google Play Books = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.3_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Mini Ninjas = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi\1.0.0.6_0\
CHR - Extension: Picasa = C:\Users\Fuzi\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb\6.2.2_0\
 
O1 HOSTS File: ([2012.07.01 15:19:52 | 000,001,439 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O1 - Hosts: 127.0.0.1 mp02.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp01.maniaplanet.com
O1 - Hosts: 127.0.0.1 mp03.maniaplanet.com
O1 - Hosts: 127.0.0.1 game.maniaplanet.com
O1 - Hosts: 127.0.0.1		ec2-50-19-47-160.compute-1.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-46-137-143-87.eu-west-1.compute.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-174-129-56-145.compute-1.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-107-20-55-255.compute-1.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-204-236-195-161.compute-1.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-176-34-71-225.eu-west-1.compute.amazonaws.com
O1 - Hosts: 127.0.0.1		ec2-46-137-38-91.eu-west-1.compute.amazonaws.com
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (no name) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (TextAloud Toolbar) - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} - C:\PROGRA~2\TEXTAL~1\TAForIE.dll (NextUp.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files\Motorola\Bluetooth\btmshell.dll (Motorola Solutions, Inc.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe ()
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Cyberlink\MediaShowEspresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\Cyberlink\PowerDVD9\Language\Language.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TAForOE Loader] C:\Program Files (x86)\TextAloud\TAForOELoader.exe (NextUp.com)
O4 - HKLM..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot File not found
O4 - HKLM..\Run: [tvncontrol] C:\Program Files (x86)\TightVNC\tvnserver.exe (GlavSoft LLC.)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Fuzi\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [cacaoweb] C:\Users\Fuzi\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKCU..\Run: [Desura] C:\Program Files (x86)\Desura\Desura.exe -autostart File not found
O4 - HKCU..\Run: [fsm]  File not found
O4 - HKCU..\Run: [HP Photosmart 5510 series (NET)] C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.)
O4 - HKCU..\Run: [Steam] D:\Steam\steam.exe (Valve Corporation)
O4 - HKCU..\Run: [updater] C:\Users\Fuzi\AppData\Local\Temp\updater.exe (Jesus)
O4 - Startup: C:\Users\Fuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Fuzi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\Fuzi\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Motorola\Bluetooth\Resources\deu.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\Resources\deu.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: @C:\Program Files\Motorola\Bluetooth\Resources\deu.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\Motorola\Bluetooth\Resources\deu.dll,-247 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm ()
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files (x86)\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Reg Error: Key error.)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EF67EFC9-F717-4515-8217-CAD34458BE4C}: DhcpNameServer = 192.168.0.138
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help - No CLSID value found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) -  File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {E31004D1-A431-41B8-826F-E902F9D95C81} - Windows DreamScene - C:\Windows\SysNative\DreamScene.dll (Microsoft Corporation)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{7d235484-629c-11e0-8958-f6445e055373}\Shell - "" = AutoRun
O33 - MountPoints2\{7d235484-629c-11e0-8958-f6445e055373}\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.28 21:35:25 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Fuzi\Desktop\OTL.exe
[2012.07.28 20:08:09 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps
[2012.07.28 19:50:41 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\dclogs
[2012.07.27 19:35:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrickForce
[2012.07.26 22:04:04 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Project64 1.7
[2012.07.26 22:04:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project64 1.7
[2012.07.26 22:03:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Project64 1.7
[2012.07.24 00:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
[2012.07.24 00:52:42 | 000,000,000 | ---D | C] -- C:\Program Files\Oracle
[2012.07.23 22:09:48 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Local\Temporary Projects
[2012.07.23 14:29:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WebClicker
[2012.07.22 14:11:17 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\SFBot
[2012.07.22 14:10:55 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Desktop\SFBot_v2.1.0
[2012.07.21 23:22:57 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Documents\SFGame
[2012.07.21 22:08:07 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Charles
[2012.07.21 22:06:20 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Charles
[2012.07.21 22:06:11 | 000,000,000 | ---D | C] -- C:\Program Files\Charles
[2012.07.21 09:11:40 | 000,071,680 | ---- | C] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.07.21 09:11:38 | 000,065,536 | ---- | C] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2012.07.20 01:15:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pokemon World Online
[2012.07.19 18:40:58 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2012.07.19 16:45:12 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Desktop 2
[2012.07.19 16:16:26 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Dexpot
[2012.07.19 16:16:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dexpot
[2012.07.19 14:15:42 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2012.07.19 13:49:07 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Documents\Mudbox
[2012.07.16 20:33:47 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Desktop\Wallpapers
[2012.07.16 16:50:45 | 001,142,784 | ---- | C] (Fuzi23) -- C:\Users\Fuzi\Desktop\Youtube Viewer.exe
[2012.07.16 13:42:29 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\temp
[2012.07.15 22:24:51 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Awesomium
[2012.07.14 19:29:36 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Local\BlueStacksSetup
[2012.07.14 19:29:36 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Local\BlueStacks
[2012.07.11 13:05:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Desura
[2012.07.11 13:05:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
[2012.07.10 15:56:50 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Documents\MC Model
[2012.07.10 12:28:10 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\riotsGamesLogs
[2012.07.09 22:15:01 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\workspace
[2012.07.09 22:10:53 | 000,000,000 | ---D | C] -- C:\Program Files\eclipse
[2012.07.09 20:05:31 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Desktop\Entpacker
[2012.07.09 19:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android SDK Tools
[2012.07.09 19:52:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Android
[2012.07.09 17:11:24 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Documents\Wolfire
[2012.07.09 16:55:01 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overgrowth
[2012.07.09 16:55:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Overgrowth
[2012.07.02 16:26:20 | 000,000,000 | ---D | C] -- C:\Users\Fuzi\Documents\Amnesia
[2012.07.02 13:23:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.07.02 13:23:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.07.01 16:13:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft XNA Game Studio 4.0
[2012.06.30 17:50:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\SourceTec
[2012.06.30 17:50:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sothink SWF Decompiler
[2012.06.30 17:40:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SourceTec
[2012.06.30 15:45:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.06.30 15:45:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012.06.30 00:19:46 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.06.30 00:19:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.06.29 23:55:37 | 000,066,728 | ---- | C] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[2012.06.29 23:55:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Audio Cable
[2012.06.29 23:55:37 | 000,000,000 | ---D | C] -- C:\Program Files\Virtual Audio Cable
[2008.08.12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[5 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.28 21:51:21 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.28 21:51:21 | 000,010,240 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.28 21:48:04 | 001,805,370 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.28 21:48:04 | 000,767,644 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.28 21:48:04 | 000,721,314 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.28 21:48:04 | 000,174,538 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.28 21:48:04 | 000,147,276 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.28 21:40:15 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.28 21:38:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.28 21:37:43 | 371,351,551 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.28 21:37:08 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\Access.dat
[2012.07.28 21:36:14 | 000,000,188 | ---- | M] () -- C:\Users\Fuzi\defogger_reenable
[2012.07.28 21:35:27 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Fuzi\Desktop\OTL.exe
[2012.07.28 21:35:14 | 000,050,477 | ---- | M] () -- C:\Users\Fuzi\Desktop\Defogger.exe
[2012.07.28 21:23:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.28 21:22:44 | 005,167,120 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.28 20:35:56 | 000,000,714 | ---- | M] () -- C:\Users\Fuzi\Desktop\DisableRegistryTools.zip
[2012.07.28 20:08:09 | 000,000,426 | ---- | M] () -- C:\Users\Fuzi\Desktop\Fraps.lnk
[2012.07.24 01:31:49 | 000,037,336 | ---- | M] () -- C:\Users\Fuzi\Desktop\mastersword.GR2
[2012.07.24 00:53:04 | 000,001,078 | ---- | M] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.07.23 15:20:16 | 000,001,148 | ---- | M] () -- C:\Users\Fuzi\Desktop\Mozilla Firefox.lnk
[2012.07.23 14:30:01 | 000,001,915 | ---- | M] () -- C:\Users\Fuzi\Desktop\HeadStrong WebClicker.lnk
[2012.07.22 23:00:21 | 000,267,152 | ---- | M] () -- C:\Users\Fuzi\Desktop\link.GR2
[2012.07.22 12:48:53 | 000,002,875 | ---- | M] () -- C:\Users\Fuzi\Desktop\Charles.lnk
[2012.07.21 20:15:23 | 000,006,523 | ---- | M] () -- C:\Users\Fuzi\Desktop\sfgametest.php
[2012.07.21 09:11:40 | 000,071,680 | ---- | M] (Beepa P/L) -- C:\Windows\SysNative\frapsv64.dll
[2012.07.21 09:11:38 | 000,065,536 | ---- | M] (Beepa P/L) -- C:\Windows\SysWow64\frapsvid.dll
[2012.07.20 16:17:02 | 000,003,416 | ---- | M] () -- C:\bootsqm.dat
[2012.07.20 01:26:47 | 000,000,204 | ---- | M] () -- C:\Users\Fuzi\Documents\PWOOptions.ini
[2012.07.20 01:15:20 | 000,000,521 | ---- | M] () -- C:\Users\Public\Desktop\Pokemon World Online.lnk
[2012.07.19 18:55:34 | 000,150,771 | ---- | M] () -- C:\Users\Fuzi\Desktop\call_of_duty___facebook_titelbild_by_rockit_rh-d4yhn7x.jpg
[2012.07.19 16:35:13 | 000,000,937 | ---- | M] () -- C:\Users\Fuzi\Desktop\TeamSpeak 3 Client.lnk
[2012.07.19 13:48:13 | 000,001,399 | ---- | M] () -- C:\Users\Public\Desktop\Autodesk Mudbox 2012 64-bit.lnk
[2012.07.16 21:46:29 | 001,142,784 | ---- | M] (Fuzi23) -- C:\Users\Fuzi\Desktop\Youtube Viewer.exe
[2012.07.16 12:33:28 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.07.13 15:00:43 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2012.07.13 14:37:33 | 000,171,222 | ---- | M] () -- C:\Users\Fuzi\Desktop\TheMos.jpg
[2012.07.13 12:56:17 | 000,087,488 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIRfsClientNP.dll
[2012.07.13 12:56:05 | 000,034,720 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIport.dll
[2012.07.13 12:56:01 | 000,080,800 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\SysNative\LMIinit.dll
[2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys
[2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys
[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe
[2012.07.03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2012.07.02 13:23:49 | 000,000,928 | ---- | M] () -- C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
[2012.07.02 13:17:11 | 000,002,305 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012.07.01 15:19:52 | 000,001,439 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.06.29 23:55:37 | 000,066,728 | ---- | M] (Eugene V. Muzychenko) -- C:\Windows\SysNative\drivers\vrtaucbl.sys
[5 C:\*.tmp files -> C:\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.28 21:36:13 | 000,000,188 | ---- | C] () -- C:\Users\Fuzi\defogger_reenable
[2012.07.28 21:35:13 | 000,050,477 | ---- | C] () -- C:\Users\Fuzi\Desktop\Defogger.exe
[2012.07.28 20:36:05 | 000,000,986 | ---- | C] () -- C:\Users\Fuzi\Desktop\DisableRegistryTools.VBS
[2012.07.28 20:35:55 | 000,000,714 | ---- | C] () -- C:\Users\Fuzi\Desktop\DisableRegistryTools.zip
[2012.07.28 20:08:09 | 000,000,426 | ---- | C] () -- C:\Users\Fuzi\Desktop\Fraps.lnk
[2012.07.24 01:31:49 | 000,037,336 | ---- | C] () -- C:\Users\Fuzi\Desktop\mastersword.GR2
[2012.07.24 00:53:04 | 000,001,078 | ---- | C] () -- C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
[2012.07.23 15:20:16 | 000,001,148 | ---- | C] () -- C:\Users\Fuzi\Desktop\Mozilla Firefox.lnk
[2012.07.23 14:30:01 | 000,001,915 | ---- | C] () -- C:\Users\Fuzi\Desktop\HeadStrong WebClicker.lnk
[2012.07.23 14:30:00 | 000,001,927 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HeadStrong WebClicker.lnk
[2012.07.22 22:03:03 | 000,267,152 | ---- | C] () -- C:\Users\Fuzi\Desktop\link.GR2
[2012.07.22 12:48:53 | 000,002,875 | ---- | C] () -- C:\Users\Fuzi\Desktop\Charles.lnk
[2012.07.21 20:07:40 | 000,006,523 | ---- | C] () -- C:\Users\Fuzi\Desktop\sfgametest.php
[2012.07.20 16:17:02 | 000,003,416 | ---- | C] () -- C:\bootsqm.dat
[2012.07.20 01:15:20 | 000,000,521 | ---- | C] () -- C:\Users\Public\Desktop\Pokemon World Online.lnk
[2012.07.20 01:12:36 | 000,000,204 | ---- | C] () -- C:\Users\Fuzi\Documents\PWOOptions.ini
[2012.07.19 18:55:40 | 000,150,771 | ---- | C] () -- C:\Users\Fuzi\Desktop\call_of_duty___facebook_titelbild_by_rockit_rh-d4yhn7x.jpg
[2012.07.19 16:35:13 | 000,000,937 | ---- | C] () -- C:\Users\Fuzi\Desktop\TeamSpeak 3 Client.lnk
[2012.07.19 13:48:13 | 000,001,399 | ---- | C] () -- C:\Users\Public\Desktop\Autodesk Mudbox 2012 64-bit.lnk
[2012.07.13 14:37:18 | 000,171,222 | ---- | C] () -- C:\Users\Fuzi\Desktop\TheMos.jpg
[2012.06.07 14:48:29 | 000,000,132 | ---- | C] () -- C:\Users\Fuzi\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2012.06.01 17:41:31 | 000,000,132 | ---- | C] () -- C:\Users\Fuzi\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.05.30 19:35:06 | 000,001,225 | ---- | C] () -- C:\Users\Fuzi\.recently-used.xbel
[2012.05.20 20:54:35 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.03.20 20:04:07 | 000,000,449 | ---- | C] () -- C:\Users\Fuzi\.swfinfo
[2012.03.11 14:30:29 | 000,000,132 | ---- | C] () -- C:\Users\Fuzi\AppData\Roaming\Adobe IllExport Filter CS5 Prefs
[2012.02.20 18:41:31 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.02.12 02:52:33 | 000,007,591 | ---- | C] () -- C:\Users\Fuzi\AppData\Local\Resmon.ResmonCfg
[2011.12.12 19:12:03 | 000,000,000 | ---- | C] () -- C:\Users\Fuzi\AppData\Local\{31CF3117-AAFF-4DC6-B92B-83D0921447CC}
[2011.10.25 19:40:03 | 000,131,072 | ---- | C] () -- C:\Windows\SysWow64\lzo.dll
[2011.10.10 18:57:29 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\nvRegDev.dll
[2011.10.10 18:57:19 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\nvTextureToolsUtil.dll
[2011.10.10 18:57:19 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\nvISWOW64.dll
[2011.10.10 16:31:52 | 000,108,475 | ---- | C] () -- C:\Windows\Thumbplug TGA Uninstaller.exe
[2011.09.10 14:49:45 | 000,325,120 | -HS- | C] () -- C:\Windows\SysWow64\Trainer.dll
[2011.09.10 14:38:35 | 000,000,010 | -HS- | C] () -- C:\Windows\SysWow64\Userdata.ini
[2011.08.07 16:09:30 | 000,144,384 | ---- | C] () -- C:\Windows\SysWow64\miccyhook.dll
[2011.08.01 21:59:45 | 000,080,384 | ---- | C] () -- C:\Windows\gamedelete.exe
[2011.07.31 21:59:42 | 000,000,017 | ---- | C] () -- C:\Windows\guiinfo.dat
[2011.07.23 17:03:57 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2011.07.17 15:52:23 | 000,051,222 | ---- | C] () -- C:\Users\Fuzi\AppData\Roaming\room_v3.dat
[2011.07.17 13:35:41 | 000,049,546 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011.06.22 21:06:29 | 000,002,098 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2011.06.22 21:06:29 | 000,000,088 | RHS- | C] () -- C:\ProgramData\BC01F80FDA.sys
[2011.05.20 20:10:00 | 000,000,032 | ---- | C] () -- C:\Users\Fuzi\.gtkrc-2.0
[2011.04.24 19:56:52 | 000,283,416 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.04.24 19:56:48 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.04.16 13:49:49 | 000,000,218 | ---- | C] () -- C:\Windows\iepreview.ini
[2011.04.10 14:05:36 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat
[2011.04.10 13:55:28 | 000,046,742 | ---- | C] () -- C:\Users\Fuzi\AppData\Roaming\room.dat
[2011.04.09 18:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.04.09 16:20:16 | 000,004,608 | ---- | C] () -- C:\Users\Fuzi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.03.12 18:42:08 | 000,000,600 | ---- | C] () -- C:\Users\Fuzi\AppData\Local\PUTTY.RND
[2011.03.12 15:47:55 | 001,589,248 | ---- | C] () -- C:\Windows\SysWow64\libmysql_d.dll
[2011.03.06 17:47:27 | 001,787,212 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.03.05 19:29:26 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.03.05 19:09:14 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2011.03.05 19:09:14 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2010.08.25 20:34:30 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2010.08.25 20:34:30 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2010.08.25 20:34:30 | 000,104,796 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2010.02.26 11:03:23 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009.04.08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008.05.22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
 
========== LOP Check ==========
 
[2012.07.28 19:19:33 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\.minecraft
[2012.03.07 16:00:02 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\1minecraft2
[2011.03.12 00:39:54 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\AnvSoft
[2011.02.27 19:59:10 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Asus WebStorage
[2011.09.01 20:45:51 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Audacity
[2012.07.19 14:15:46 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Autodesk
[2011.05.20 20:02:33 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Avnex
[2012.07.15 22:24:52 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Awesomium
[2012.03.30 13:13:31 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Azureus
[2011.08.13 16:00:26 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\bellz
[2011.04.23 20:50:37 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Blender Foundation
[2012.07.28 19:26:19 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\cacaoweb
[2012.07.21 22:38:21 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Charles
[2012.05.26 13:15:03 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\DAEMON Tools Lite
[2011.11.22 22:07:02 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Daroo NotGmBh
[2012.07.28 19:51:07 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\dclogs
[2012.07.19 16:57:35 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Dexpot
[2012.02.27 16:38:00 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Dropbox
[2012.06.30 00:20:28 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\DVDVideoSoft
[2012.06.30 00:21:16 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.03 20:28:27 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\expedit
[2012.07.27 20:34:24 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\FileZilla
[2012.02.21 04:21:33 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\fltk.org
[2011.04.24 19:59:07 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\gamesport
[2011.08.09 16:00:24 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\gtk-2.0
[2011.11.26 02:43:10 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Hex-Rays
[2012.05.30 18:42:00 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\inkscape
[2012.01.29 02:43:25 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\KiTTY
[2011.04.22 19:44:47 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\LolClient
[2012.03.07 17:34:21 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\LOVE
[2011.10.31 20:15:13 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Macro Recorder
[2011.07.23 17:09:46 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\MAGIX
[2012.02.03 15:05:07 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\ManyCam
[2012.02.28 20:44:51 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\MAXON
[2012.03.17 22:15:31 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Minecraft Map Viewer
[2011.12.24 14:13:22 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Minecraft Skin Viewer
[2011.11.11 22:10:08 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Minetographer
[2012.03.02 16:37:44 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\MonoDevelop-Unity
[2011.03.06 17:24:13 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Notepad++
[2011.04.18 20:31:11 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\OpenOffice.org
[2012.02.19 22:12:39 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\PACE Anti-Piracy
[2012.06.06 20:25:18 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Pamela
[2011.04.28 19:52:52 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Publish Providers
[2012.02.23 15:04:20 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\RotMG.Production
[2012.03.24 21:14:57 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Rovio
[2012.01.24 18:00:12 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Screaming Bee
[2011.07.02 11:33:29 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Seeing Machines
[2012.07.22 14:11:17 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\SFBot
[2011.07.17 02:17:59 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Smith Micro
[2011.06.17 14:26:34 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Software Informer
[2011.07.08 19:15:48 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Sony
[2011.03.03 19:14:22 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Subversion
[2011.10.24 20:19:54 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\TeamViewer
[2011.04.30 22:06:00 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Teeworlds
[2011.09.11 14:15:27 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Tropico 3
[2012.06.25 19:32:46 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\TS3Client
[2011.10.21 20:29:20 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\ts3overlay
[2012.04.22 16:08:28 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Tube Groove
[2011.04.10 21:17:50 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Tunngle
[2011.07.10 17:58:19 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Ubisoft
[2012.02.19 22:13:01 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\Unity
[2012.07.19 17:11:07 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\uTorrent
[2011.08.01 20:53:16 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\WebcamMax
[2011.04.14 20:27:57 | 000,000,000 | ---D | M] -- C:\Users\Fuzi\AppData\Roaming\XMedia Recode
[2011.11.03 21:37:13 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1269 bytes -> C:\ProgramData\Microsoft:WJ9LFVluu0Q6Q2TM2iHhYk9Nwcc
@Alternate Data Stream - 1213 bytes -> C:\Users\Fuzi\AppData\Local\Temp:GyPrJM3pIiePsBVdnT7scC5JuyH
@Alternate Data Stream - 1212 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:eEA6SxfuQ8whdKxG5bFagVym
@Alternate Data Stream - 1160 bytes -> C:\ProgramData\Microsoft:Ssc6Shf4lF3FyZyo8eWuK1nOSMF
@Alternate Data Stream - 1114 bytes -> C:\Program Files (x86)\Common Files\microsoft shared:o5DEmY4WUnAYOdz6N3WF

< End of report >
         
Extras.txt im Anhang.


Ich hoffe ihr könnt mir helfen!

Geändert von Fuzi23 (28.07.2012 um 21:38 Uhr)

Alt 29.07.2012, 00:24   #2
markusg
/// Malware-holic
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.


• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.



Code:
ATTFilter
:OTL
O4 - HKCU..\Run: [updater] C:\Users\Fuzi\AppData\Local\Temp\updater.exe (Jesus)
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1
 :Files
C:\Users\Fuzi\AppData\Local\Temp\updater.exe
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]
         


• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.
starte in den normalen modus.

falls du keine symbole hast, dann rechtsklick, ansicht, desktop symbole einblenden

Hinweis: Die Datei bitte wie in der Anleitung zum UpChannel angegeben auch da hochladen. Bitte NICHT die ZIP-Datei hier als Anhang
in den Thread posten!




Drücke bitte die + E Taste.
  • Öffne dein Systemlaufwerk ( meistens C: )
  • Suche nun
    folgenden Ordner: _OTL und öffne diesen.
  • Mache einen Rechtsklick auf den Ordner Movedfiles --> Senden an --> Zip-Komprimierter Ordner

  • Dies wird eine Movedfiles.zip Datei in _OTL erstellen
  • Lade diese bitte in unseren Uploadchannel
    hoch. ( Durchsuchen --> C:\_OTL\Movedfiles.zip )
Teile mir mit ob der Upload problemlos geklappt hat. Danke im voraus


was hast du wo geladen? wenn du das setup noch hast, im upload channel hochladen.
wenn du den link noch hast, als private nachicht an mich.
__________________

__________________

Alt 29.07.2012, 00:27   #3
Fuzi23
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



Danke für deine Antwort jedoch kommt sie eine halbe Stunde zu spät habe selber alles per Hand entfernt und funktioniert nun alles wieder.
__________________

Alt 29.07.2012, 00:38   #4
markusg
/// Malware-holic
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



warum eröffnest du dann überhaupt nen thema...
du hast vllt alles entfernt was du auf die schnelle gefunden hast, das heißt noch lange nicht, dass alles io ist, bitte alle anweisungen ausführen
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 29.07.2012, 11:55   #5
Fuzi23
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



Ich hab das Thema um 22 Uhr eröffnet und keiner hat bis 1 Uhr zurückgeschrieben.
Ich habe folgendes gemacht:
1. In der msconfig den Starteintrag deaktiviert der Jesus heißt.
2. Den Pfad nach C:\Users\Fuzi\AppData\Local\Temp\ gefolgt und den ganzen Inhalt gelöscht.
3. Per VB-Script die Registry wieder aktiviert.
4.
Task-Manager aktiviert: HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System DisableTaskMgr
CMD aktiviert: HKCU\Software\Policies\Microsoft\Windows\System DisableCMD
Registry Eintrag wird durch das VB-Script gelöscht.
In HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run den Start Eintrag entfernt.

Ich hoffe ich hab alles richtig gemacht den mir fällt sonst nichts mehr auf.


Alt 30.07.2012, 20:17   #6
markusg
/// Malware-holic
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



nein, wie können wir es wagen, keinen kostenlosen 24 stunden dienst anzubieten... zeig mir mal ein pc geschäft das dies tut.
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________
--> Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm

Alt 30.07.2012, 21:25   #7
Fuzi23
 
Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Standard

Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm



Ich sag doch nur das ich am Anfang nicht darauf gekommen bin und später ist es mir eingefallen was ich machen könnte.
Naja jetzt ist mir auf jeden Fall nichts mehr aufgefallen und das was in dem Script steht hab ich einfach manuell getan.

Antwort

Themen zu Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm
adblock, akamai, antivirus, bho, bingbar, bonjour, browser, cacaoweb, document, downloader, error, excel, firefox, format, google earth, helper, hewlett packard, home, homepage, installation, langs, logfile, mozilla, nvpciflt.sys, object, programm, realtek, registry, scan, searchscopes, software, super, teamspeak, usb, usb 3.0, windows



Ähnliche Themen: Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm


  1. Installation, Deinstallation, Task-Manager starten, Viren-Scan uvm. plötzlich nicht mehr möglich! WIN10
    Plagegeister aller Art und deren Bekämpfung - 05.11.2015 (27)
  2. Task-Manager/Regedit schließen sich schnell von allein.
    Plagegeister aller Art und deren Bekämpfung - 17.05.2015 (16)
  3. Überall Werbung nach Installation von einem Programm
    Plagegeister aller Art und deren Bekämpfung - 01.01.2015 (18)
  4. Taskmanager , RegEdit sowie GPEdit.msc wurden von einem bösartigem Programm deaktiviert.
    Plagegeister aller Art und deren Bekämpfung - 18.06.2014 (1)
  5. Task Manager geht nicht mehr, Browser öffnet Internetseite, cmd-Fenster öffnet sich bei Start
    Log-Analyse und Auswertung - 19.06.2013 (8)
  6. Trojaner der Windows blockiert und einem zu 50 EUR auffordert;Task Manager deaktiviert
    Log-Analyse und Auswertung - 02.12.2011 (1)
  7. Regedit und Task-Manager funken nicht mein betriebssysteme win 7 x64 bit
    Plagegeister aller Art und deren Bekämpfung - 07.11.2010 (5)
  8. Windows 7 Task-Manager startet nicht / Regedit nicht möglich.
    Log-Analyse und Auswertung - 06.11.2010 (1)
  9. Task-Manager und regedit lassen sich nicht öffnen
    Log-Analyse und Auswertung - 22.10.2010 (5)
  10. Windows 7 Task Manager startet nicht mehr - Regedit nicht möglich!
    Log-Analyse und Auswertung - 18.09.2010 (4)
  11. trojaner oder virus? pc spinnt nach download von einem programm
    Log-Analyse und Auswertung - 16.02.2010 (17)
  12. msconfig, regedit, task manager etc. lassen sich nicht starten
    Log-Analyse und Auswertung - 17.03.2009 (3)
  13. looksky trojaner, kein task-manager, ie spinnt
    Plagegeister aller Art und deren Bekämpfung - 27.09.2007 (7)
  14. Problem mit Task Manager, Regedit...
    Mülltonne - 12.08.2007 (3)
  15. Task-Manager und RegEdit blockiert
    Log-Analyse und Auswertung - 13.06.2006 (3)
  16. wsock32.sys keine rechte mehr, kann nicht regedit aufrufen,kein task......
    Log-Analyse und Auswertung - 19.03.2006 (8)
  17. Task Manager,Geräte Manager,regedit öffnen sich nicht!
    Log-Analyse und Auswertung - 11.04.2005 (1)

Zum Thema Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm - Hallo, Als ich heute ein neues Programm installierte funktionierte alle normal, bis ich bemerkte das das Eingabefenster wenn ich es öffne folgende Meldung anzeigt: Zitat: Microsoft Windows [Version 6.1.7601] Copyright - Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm...
Archiv
Du betrachtest: Kein CMD, Regedit oder Task-Manager öffnet nach Installation von einem Programm auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.