
Pests of all kinds and how to combat them: Do I have viruses?

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it turns out to be a trojan or virus problem, an expert will help you remove the infection.

08.03.2011, 16:28   #1
maikl
 
Do I have viruses?



Hello,
could you take a look and see whether anything on my machine is infected?

The AntiVir scan found something, which I then moved to quarantine. What do I do with it now?

A little while ago I clicked on a link under a YouTube video ^^
and then an AntiVir alert came up saying that the page is infected and that I already have something on my computer. I then clicked delete, but whether that helps...


antivir:
Code:
Avira AntiVir Personal
Erstellungsdatum der Reportdatei: Tuesday, March 08, 2011  15:53

Es wird nach 2472160 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira AntiVir Personal - FREE Antivirus
Seriennummer   : 0000149996-ADJIE-0000001
Plattform      : Windows 7 x64
Windowsversion : (plain)  [6.1.7600]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : MAIKL-PC

Versionsinformationen:
BUILD.DAT      : 10.0.0.611     31824 Bytes  14.01.2011 13:28:00
AVSCAN.EXE     : 10.0.3.5      435368 Bytes  10.12.2010 20:27:40
AVSCAN.DLL     : 10.0.3.0       56168 Bytes  30.03.2010 10:42:16
LUKE.DLL       : 10.0.3.2      104296 Bytes  10.12.2010 20:27:41
LUKERES.DLL    : 10.0.0.0       13672 Bytes  14.01.2010 10:59:47
VBASE000.VDF   : 7.10.0.0    19875328 Bytes  06.11.2009 08:05:36
VBASE001.VDF   : 7.11.0.0    13342208 Bytes  14.12.2010 13:05:11
VBASE002.VDF   : 7.11.3.0     1950720 Bytes  09.02.2011 13:02:51
VBASE003.VDF   : 7.11.3.1        2048 Bytes  09.02.2011 13:02:51
VBASE004.VDF   : 7.11.3.2        2048 Bytes  09.02.2011 13:02:51
VBASE005.VDF   : 7.11.3.3        2048 Bytes  09.02.2011 13:02:51
VBASE006.VDF   : 7.11.3.4        2048 Bytes  09.02.2011 13:02:51
VBASE007.VDF   : 7.11.3.5        2048 Bytes  09.02.2011 13:02:51
VBASE008.VDF   : 7.11.3.6        2048 Bytes  09.02.2011 13:02:51
VBASE009.VDF   : 7.11.3.7        2048 Bytes  09.02.2011 13:02:51
VBASE010.VDF   : 7.11.3.8        2048 Bytes  09.02.2011 13:02:52
VBASE011.VDF   : 7.11.3.9        2048 Bytes  09.02.2011 13:02:52
VBASE012.VDF   : 7.11.3.10       2048 Bytes  09.02.2011 13:02:53
VBASE013.VDF   : 7.11.3.59     157184 Bytes  14.02.2011 13:18:44
VBASE014.VDF   : 7.11.3.97     120320 Bytes  16.02.2011 14:28:48
VBASE015.VDF   : 7.11.3.148    128000 Bytes  19.02.2011 09:43:35
VBASE016.VDF   : 7.11.3.183    140288 Bytes  22.02.2011 12:16:39
VBASE017.VDF   : 7.11.3.216    124416 Bytes  24.02.2011 12:33:45
VBASE018.VDF   : 7.11.3.251    159232 Bytes  28.02.2011 12:33:45
VBASE019.VDF   : 7.11.4.33     148992 Bytes  02.03.2011 12:33:45
VBASE020.VDF   : 7.11.4.73     150016 Bytes  06.03.2011 11:09:36
VBASE021.VDF   : 7.11.4.108    122880 Bytes  08.03.2011 11:09:36
VBASE022.VDF   : 7.11.4.109      2048 Bytes  08.03.2011 11:09:36
VBASE023.VDF   : 7.11.4.110      2048 Bytes  08.03.2011 11:09:37
VBASE024.VDF   : 7.11.4.111      2048 Bytes  08.03.2011 11:09:37
VBASE025.VDF   : 7.11.4.112      2048 Bytes  08.03.2011 11:09:37
VBASE026.VDF   : 7.11.4.113      2048 Bytes  08.03.2011 11:09:37
VBASE027.VDF   : 7.11.4.114      2048 Bytes  08.03.2011 11:09:37
VBASE028.VDF   : 7.11.4.115      2048 Bytes  08.03.2011 11:09:37
VBASE029.VDF   : 7.11.4.116      2048 Bytes  08.03.2011 11:09:37
VBASE030.VDF   : 7.11.4.117      2048 Bytes  08.03.2011 11:09:37
VBASE031.VDF   : 7.11.4.118      2048 Bytes  08.03.2011 11:09:37
Engineversion  : 8.2.4.180 
AEVDF.DLL      : 8.1.2.1       106868 Bytes  27.09.2010 18:21:05
AESCRIPT.DLL   : 8.1.3.56     1261945 Bytes  08.03.2011 11:09:40
AESCN.DLL      : 8.1.7.2       127349 Bytes  24.11.2010 13:58:21
AESBX.DLL      : 8.1.3.2       254324 Bytes  24.11.2010 13:58:23
AERDL.DLL      : 8.1.9.2       635252 Bytes  27.09.2010 18:21:03
AEPACK.DLL     : 8.2.4.11      520566 Bytes  03.03.2011 12:33:47
AEOFFICE.DLL   : 8.1.1.17      205177 Bytes  08.03.2011 11:09:40
AEHEUR.DLL     : 8.1.2.83     3338613 Bytes  08.03.2011 11:09:40
AEHELP.DLL     : 8.1.16.1      246134 Bytes  04.02.2011 13:26:09
AEGEN.DLL      : 8.1.5.2       397683 Bytes  25.01.2011 19:49:55
AEEMU.DLL      : 8.1.3.0       393589 Bytes  24.11.2010 13:58:18
AECORE.DLL     : 8.1.19.2      196983 Bytes  25.01.2011 19:49:54
AEBB.DLL       : 8.1.1.0        53618 Bytes  27.09.2010 18:20:57
AVWINLL.DLL    : 10.0.0.0       19304 Bytes  14.01.2010 10:59:10
AVPREF.DLL     : 10.0.0.0       44904 Bytes  14.01.2010 10:59:07
AVREP.DLL      : 10.0.0.8       62209 Bytes  18.02.2010 15:47:40
AVREG.DLL      : 10.0.3.2       53096 Bytes  04.11.2010 12:31:54
AVSCPLR.DLL    : 10.0.3.2       84328 Bytes  10.12.2010 20:27:40
AVARKT.DLL     : 10.0.22.6     231784 Bytes  10.12.2010 20:27:39
AVEVTLOG.DLL   : 10.0.0.8      203112 Bytes  26.01.2010 08:53:25
SQLITE3.DLL    : 3.6.19.0      355688 Bytes  28.01.2010 11:57:53
AVSMTP.DLL     : 10.0.0.17      63848 Bytes  16.03.2010 14:38:54
NETNT.DLL      : 10.0.0.0       11624 Bytes  19.02.2010 13:40:55
RCIMAGE.DLL    : 10.0.0.26    2550120 Bytes  28.01.2010 12:10:08
RCTEXT.DLL     : 10.0.58.0      98152 Bytes  04.11.2010 12:31:54

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: niedrig
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, 
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: ein
Optimierter Suchlauf..................: ein
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: mittel
Abweichende Gefahrenkategorien........: +PCK,+PFS,+SPR,

Beginn des Suchlaufs: Tuesday, March 08, 2011  15:53

Der Suchlauf nach versteckten Objekten wird begonnen.
HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{00020D75-0000-0000-C000-000000000046}\ShellFolder\attributes
    [HINWEIS]   Der Registrierungseintrag ist nicht sichtbar.
HKEY_LOCAL_MACHINE\Software\Microsoft\MediaPlayer\Player\Extensions\MUIDescriptions\11
    [HINWEIS]   Der Registrierungseintrag ist nicht sichtbar.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\381b4222-f694-41f0-9685-ff5bb260df2e
    [HINWEIS]   Der Registrierungseintrag ist nicht sichtbar.
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Applets\SysTray\BattMeter\Flyout\8c5e7fda-e8bf-4a96-9a85-a6e23a8c635c
    [HINWEIS]   Der Registrierungseintrag ist nicht sichtbar.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCDDaemon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'SmartAudio.exe' - '100' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCCompanion.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'SupServ.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'ICQ Service.exe' - '43' Modul(e) wurden durchsucht
Durchsuche Prozess 'FABS.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '48' Modul(e) wurden durchsucht

Untersuchung der Systemdateien wird begonnen:
Signiert -> 'C:\Windows\system32\svchost.exe'
Signiert -> 'C:\Windows\system32\winlogon.exe'
Signiert -> 'C:\Windows\explorer.exe'
Signiert -> 'C:\Windows\system32\smss.exe'
Signiert -> 'C:\Windows\system32\wininet.DLL'
Signiert -> 'C:\Windows\system32\wsock32.DLL'
Signiert -> 'C:\Windows\system32\ws2_32.DLL'
Signiert -> 'C:\Windows\system32\services.exe'
Signiert -> 'C:\Windows\system32\lsass.exe'
Signiert -> 'C:\Windows\system32\csrss.exe'
Signiert -> 'C:\Windows\system32\drivers\kbdclass.sys'
Signiert -> 'C:\Windows\system32\spoolsv.exe'
Signiert -> 'C:\Windows\system32\alg.exe'
Signiert -> 'C:\Windows\system32\wuauclt.exe'
Signiert -> 'C:\Windows\system32\advapi32.DLL'
Signiert -> 'C:\Windows\system32\user32.DLL'
Signiert -> 'C:\Windows\system32\gdi32.DLL'
Signiert -> 'C:\Windows\system32\kernel32.DLL'
Signiert -> 'C:\Windows\system32\ntdll.DLL'
Signiert -> 'C:\Windows\system32\ntoskrnl.exe'
Signiert -> 'C:\Windows\system32\ctfmon.exe'
Die Systemdateien wurden durchsucht ('21' Dateien)

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
    [INFO]      Es wurde kein Virus gefunden!
Bootsektor 'D:\'
    [INFO]      Es wurde kein Virus gefunden!

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1630' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Users\maikl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1391535e-5265a935
[0] Archivtyp: ZIP
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.AI
  --> bpac/purok.class
  [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.AI
Beginne mit der Suche in 'D:\'

Beginne mit der Desinfektion:
C:\Users\maikl\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\30\1391535e-5265a935
    [FUND]      Enthält Erkennungsmuster des Java-Virus JAVA/OpenConnect.AI
    [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4834f6e0.qua' verschoben!


Ende des Suchlaufs: Tuesday, March 08, 2011  16:58
Benötigte Zeit: 47:01 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

  26244 Verzeichnisse wurden überprüft
 533904 Dateien wurden geprüft
      1 Viren bzw. unerwünschte Programme wurden gefunden
      0 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
 533903 Dateien ohne Befall
   3159 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
 429324 Objekte wurden beim Rootkitscan durchsucht
      4 Versteckte Objekte wurden gefunden
         

malware:
Code:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Datenbank Version: 5983

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

07.03.2011 22:57:24
mbam-log-2011-03-07 (22-57-24).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|)
Durchsuchte Objekte: 357136
Laufzeit: 32 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)
         

OTL:
Code:
OTL logfile created on: 08.03.2011 13:43:53 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\maikl\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,43 Gb Total Space | 3,27 Gb Free Space | 8,28% Space Free | Partition Type: NTFS
Drive D: | 193,36 Gb Total Space | 29,06 Gb Free Space | 15,03% Space Free | Partition Type: NTFS
 
Computer Name: MAIKL-PC | User Name: maikl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\maikl\Desktop\OTL(2).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
PRC - C:\Program Files\Conexant\SAII\SmartAudio.exe (Conexant Systems, Inc)
PRC - D:\Programme\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
PRC - C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\maikl\Desktop\OTL(2).exe (OldTimer Tools)
MOD - C:\Windows\SysWOW64\sechost.dll (Мϊćяǿšθƒţ Ċθŕφǿŗáŧιőй)
MOD - C:\Windows\SysWOW64\atl.dll (Μíćřöśõƒт Čσярǿřªţīοņ)
MOD - C:\Windows\SysWOW64\msscript.ocx (Мī¢ŗθşöƒт Ĉθгþǿґąţібň)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Acresso Software Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_dbc0250.dll ()
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (npggsvc) -- C:\Windows\SysWow64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (OMSI download service) -- C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (s1029unic) Sony Ericsson Device 1029 USB Ethernet Emulation (WDM) -- C:\Windows\SysNative\drivers\s1029unic.sys (MCCI Corporation)
DRV:64bit: - (s1029mgmt) Sony Ericsson Device 1029 USB WMC Device Management Drivers (WDM) -- C:\Windows\SysNative\drivers\s1029mgmt.sys (MCCI Corporation)
DRV:64bit: - (s1029obex) -- C:\Windows\SysNative\drivers\s1029obex.sys (MCCI Corporation)
DRV:64bit: - (s1029mdm) -- C:\Windows\SysNative\drivers\s1029mdm.sys (MCCI Corporation)
DRV:64bit: - (s1029nd5) Sony Ericsson Device 1029 USB Ethernet Emulation (NDIS) -- C:\Windows\SysNative\drivers\s1029nd5.sys (MCCI Corporation)
DRV:64bit: - (s1029mdfl) -- C:\Windows\SysNative\drivers\s1029mdfl.sys (MCCI Corporation)
DRV:64bit: - (s1029bus) Sony Ericsson Device 1029 driver (WDM) -- C:\Windows\SysNative\drivers\s1029bus.sys (MCCI Corporation)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (seehcri) -- C:\Windows\SysNative\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (adfs) -- C:\Windows\SysWow64\drivers\adfs.sys (Adobe Systems, Inc.)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
 
 
IE - HKU\.DEFAULT\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\.DEFAULT\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006131647\ICQToolBar.dll (ICQ)
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-18\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006131647\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9B ED 6B 79 DA 73 CA 01  [binary data]
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006131647\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "hxxp://search.icq.com/search/afe_results.php?ch_id=afex&tb_ver=2.0.0.2&q="
 
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.03.05 11:22:37 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.15\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.03.05 11:22:37 | 000,000,000 | ---D | M]
 
[2009.12.03 06:45:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maikl\AppData\Roaming\mozilla\Extensions
[2011.03.08 12:38:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maikl\AppData\Roaming\mozilla\Firefox\Profiles\7z6ssjgc.default\extensions
[2011.02.11 16:00:35 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\maikl\AppData\Roaming\mozilla\Firefox\Profiles\7z6ssjgc.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.02.19 11:29:06 | 000,000,000 | ---D | M] (Adblock Plus) -- C:\Users\maikl\AppData\Roaming\mozilla\Firefox\Profiles\7z6ssjgc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2011.02.26 18:37:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\maikl\AppData\Roaming\mozilla\Firefox\Profiles\7z6ssjgc.default\extensions\vshare@toolbar
[2011.03.02 15:40:54 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-1.xml
[2010.07.22 16:07:49 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-2.xml
[2010.07.24 12:10:22 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-3.xml
[2010.09.09 10:03:19 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-4.xml
[2010.09.22 16:48:52 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-5.xml
[2010.10.25 10:51:36 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-6.xml
[2010.10.29 11:08:50 | 000,000,950 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin-7.xml
[2010.06.24 19:17:29 | 000,000,947 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Mozilla\Firefox\Profiles\7z6ssjgc.default\searchplugins\icqplugin.xml
[2011.03.06 22:22:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.06.12 00:39:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.09.12 10:22:33 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2011.01.23 15:10:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011.03.06 22:22:10 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011.02.02 21:40:24 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2010.12.06 23:03:18 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2010.03.14 16:02:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010.03.14 16:02:00 | 000,002,344 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010.03.14 16:02:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010.03.14 16:02:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010.03.14 16:02:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Programme\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\20101006131647\ICQToolBar.dll (ICQ)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] D:\Programme\Adobe Reader\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS4ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [TrayServer] D:\Programme\Video_deluxe_16_Download-Version\Trayserver.exe (MAGIX AG)
O4 - HKLM..\Run: [VirtualCloneDrive] D:\Programme\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
O4 - HKLM..\Run: [WinampAgent] D:\Programme\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000..\Run: [ICQ] C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O4 - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000..\Run: [Steam] d:\programme\steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin]  File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin]  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
O7 - HKU\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\maikl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\maikl\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.1 - {71BFC818-0CED-42D6-9C87-5142918957EE} - C:\Program Files (x86)\ICQ7.1\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} -  File not found
O9 - Extra 'Tools' menuitem : PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} -  File not found
O9 - Extra Button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programme\PartyPoker\PartyPoker\RunApp.exe ()
O9 - Extra 'Tools' menuitem : PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - D:\Programme\PartyPoker\PartyPoker\RunApp.exe ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Reg Error: Key error. File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - Reg Error: Key error. - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell\AutoRun\command - "" = H:\iStudio.exe
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\install\command - "" = F:\SETUP.EXE
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {58B0C99A-FC42-B20F-1496-997359501E1A} - Themes Setup
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {BD4FA099-AF30-0924-4266-877913B72320} - Microsoft Windows Media Player
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5B1CA040-1813-D8AB-484F-E898B052CA21} - Microsoft VM
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {9E69595A-9462-CDA3-3CCD-41BAAFE05BF2} - Java (Sun)
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: midimapper - C:\Windows\SysWow64\midimap.dll (Μїςгσşοƒť Čбřροгăтîбŋ)
Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
Drivers32: msacm.divxa32 - C:\Windows\SysWow64\DivXa32.acm (Packed With Joy !)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.lameacm - C:\Windows\SysWow64\lameACM.acm (hxxp://www.mp3dev.org/)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.ffds - C:\Windows\SysWow64\ff_vfw.dll ()
Drivers32: vidc.mrle - C:\Windows\SysWow64\msrle32.dll (Μΐçґõŝσƒт €øґφόяâţįбŋ)
Drivers32: vidc.vp60 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.vp61 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.vp62 - C:\Windows\SysWow64\vp6vfw.dll (On2.com)
Drivers32: vidc.xvid - C:\Windows\SysWow64\xvidvfw.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 360 Days ==========
 
[2011.03.08 13:39:34 | 000,580,608 | ---- | C] (OldTimer Tools) -- C:\Users\maikl\Desktop\OTL(2).exe
[2011.03.07 23:00:54 | 000,000,000 | ---D | C] -- C:\Users\maikl\Desktop\check
[2011.03.06 22:26:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011.03.06 22:22:09 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.03.06 22:22:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.03.06 22:22:09 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.03.06 22:20:00 | 000,885,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\maikl\Desktop\jxpiinstall.exe
[2011.02.17 22:09:20 | 000,000,000 | ---D | C] -- C:\Users\maikl\Desktop\Tools
[2011.02.11 16:00:35 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.01.31 17:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2011.01.31 17:37:56 | 002,414,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3dx9_31.dll
[2011.01.31 17:37:56 | 001,892,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_42.dll
[2011.01.31 17:37:37 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2011.01.31 17:37:29 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Winamp
[2011.01.26 21:44:08 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Apple Computer
[2011.01.26 21:43:49 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2011.01.26 21:43:32 | 000,000,000 | ---D | C] -- C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
[2011.01.26 21:42:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2011.01.26 21:42:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2011.01.26 21:42:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2011.01.26 21:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2011.01.26 21:41:44 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2011.01.26 21:41:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011.01.26 21:41:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2011.01.18 22:51:56 | 000,000,000 | ---D | C] -- C:\Users\maikl\Desktop\Neuer Ordner
[2011.01.07 18:10:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\maikl\Desktop\OTL.exe
[2011.01.05 16:01:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2010.12.31 17:13:18 | 000,000,000 | ---D | C] -- C:\Users\maikl\thomas dein bruder
[2010.12.29 17:26:03 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Ashampoo
[2010.12.29 17:21:44 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Local\ashampoo
[2010.12.29 17:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
[2010.12.29 17:21:44 | 000,000,000 | ---D | C] -- C:\ProgramData\ashampoo
[2010.12.29 17:21:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ashampoo
[2010.12.28 17:50:53 | 000,000,000 | ---D | C] -- C:\Users\maikl\P5JavaClientSettings
[2010.12.23 18:58:06 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\vlc
[2010.12.23 18:49:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2010.12.17 19:53:45 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Local\Apple Computer
[2010.12.17 01:16:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\custom matrices
[2010.12.17 01:16:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\QuickTime
[2010.12.17 01:16:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
[2010.12.17 01:16:47 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\C2MP
[2010.12.01 21:37:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyCasino
[2010.11.30 21:18:27 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Mozilla-Cache
[2010.11.30 21:18:13 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2010.11.30 21:18:12 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PartyPoker
[2010.11.30 21:18:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PartyPoker
[2010.11.29 17:38:30 | 000,094,208 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010.11.20 02:32:03 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\TS3Client
[2010.11.20 02:31:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2010.11.20 02:15:49 | 003,487,848 | ---- | C] (TrueCrypt Foundation) -- C:\Users\maikl\Desktop\TrueCrypt_Setup_7.0a.exe
[2010.10.07 12:36:16 | 000,237,856 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll
[2010.10.07 12:36:16 | 000,119,584 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe
[2010.10.07 12:36:16 | 000,096,544 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\dnssd.dll
[2010.10.07 12:36:16 | 000,069,408 | ---- | C] (Apple Inc.) -- C:\Windows\SysNative\jdns_sd.dll
[2010.10.07 12:23:02 | 000,197,920 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dnssdX.dll
[2010.10.07 12:23:02 | 000,107,808 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dns-sd.exe
[2010.10.07 12:23:02 | 000,091,424 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\dnssd.dll
[2010.10.07 12:23:02 | 000,075,040 | ---- | C] (Apple Inc.) -- C:\Windows\SysWow64\jdns_sd.dll
[2010.09.27 19:24:39 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Avira
[2010.09.27 19:19:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2010.09.27 19:19:32 | 000,116,568 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2010.09.27 19:19:32 | 000,083,120 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.09.27 19:19:32 | 000,051,992 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntdd.sys
[2010.09.27 19:19:32 | 000,017,016 | ---- | C] (AVIRA GmbH) -- C:\Windows\SysWow64\drivers\avgntmgr.sys
[2010.09.27 19:19:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2010.09.27 19:19:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2010.09.26 18:02:01 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Malwarebytes
[2010.09.26 18:01:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2010.09.26 18:01:00 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.09.26 18:00:58 | 000,024,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.09.26 18:00:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2010.09.23 22:17:10 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2010.09.02 17:27:14 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Local\ElevatedDiagnostics
[2010.06.16 23:13:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2010.06.16 00:28:09 | 003,570,600 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.06.16 00:27:27 | 000,004,682 | ---- | C] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\npptNT2.sys
[2010.06.16 00:27:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\INCA Shared
[2010.06.16 00:24:24 | 000,362,656 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarterCore.exe
[2010.06.16 00:24:24 | 000,051,360 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Kor.dll
[2010.06.16 00:24:24 | 000,051,360 | ---- | C] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Eng.dll
[2010.06.16 00:24:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WEBZEN
[2010.06.14 23:39:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Archlord Online
[2010.06.12 21:34:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2010.06.12 00:40:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2010.06.12 00:39:54 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2010.06.11 07:55:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\alaplaya
[2010.05.26 18:22:33 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2010.05.26 18:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2010.05.26 18:18:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2010.05.12 20:34:23 | 000,000,000 | ---D | C] -- C:\Program Files\Windows XP Mode
[2010.05.12 19:58:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
[2010.05.12 19:58:00 | 000,000,000 | ---D | C] -- C:\Program Files\Canon
[2010.05.12 19:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon
[2010.05.12 19:25:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP610 series
[2010.05.12 19:24:00 | 000,000,000 | -H-D | C] -- C:\Windows\SysNative\CanonIJ Uninstaller Information
[2010.05.12 19:23:41 | 000,258,560 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNMLM93.DLL
[2010.05.12 19:23:39 | 001,439,744 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC610C.DLL
[2010.05.12 19:23:39 | 000,246,272 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC610L.DLL
[2010.05.12 19:23:39 | 000,229,888 | ---- | C] (Canon Inc.) -- C:\Windows\SysNative\CNC610O.DLL
[2010.05.12 19:23:39 | 000,092,672 | ---- | C] (CANON INC.) -- C:\Windows\SysNative\CNC610I.DLL
[2010.05.12 19:23:27 | 000,000,000 | -H-D | C] -- C:\Program Files\CanonBJ
[2010.04.29 14:45:12 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
[2010.04.28 20:37:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2010.04.28 20:33:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2010.04.28 20:33:26 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Local\Google
[2010.04.19 17:54:57 | 000,000,000 | ---D | C] -- C:\Users\maikl\Documents\DVDVideoSoft
[2010.04.19 17:54:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2010.04.19 17:54:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2010.04.19 17:54:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2010.04.05 18:57:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.1
[2010.04.05 18:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2010.04.05 18:56:16 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2010.04.05 18:56:06 | 000,000,000 | ---D | C] -- C:\Users\maikl\AppData\Local\AOL
[2010.04.05 18:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.1
[2010.03.01 14:38:07 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe9EE1.dll
 
========== Files - Modified Within 360 Days ==========
 
[2011.03.08 13:39:38 | 000,580,608 | ---- | M] (OldTimer Tools) -- C:\Users\maikl\Desktop\OTL(2).exe
[2011.03.08 12:49:00 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.03.08 12:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.03.08 12:14:50 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.03.08 12:11:51 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011.03.08 12:11:51 | 000,607,190 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011.03.08 12:11:51 | 000,103,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011.03.08 12:07:35 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.03.08 12:07:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011.03.06 22:20:08 | 000,885,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\maikl\Desktop\jxpiinstall.exe
[2011.02.11 18:51:02 | 105,906,176 | ---- | M] () -- C:\Users\maikl\Desktop\WH_GHITS.part2.rar
[2011.02.11 17:11:09 | 105,906,176 | ---- | M] () -- C:\Users\maikl\Desktop\WH_GHITS.part3.rar
[2011.02.11 16:46:47 | 009,226,368 | ---- | M] () -- C:\Users\maikl\Desktop\What's Love Got to do With It by Tina Turner [Lyrics].mp3
[2011.02.11 16:43:25 | 010,809,472 | ---- | M] () -- C:\Users\maikl\Desktop\The Whispers - And The Beat Goes On.mp3
[2011.02.11 16:34:04 | 008,953,984 | ---- | M] () -- C:\Users\maikl\Desktop\Wham! Jitterbug Lyrics.mp3
[2011.02.11 16:17:34 | 007,954,560 | ---- | M] () -- C:\Users\maikl\Desktop\Lil Eddie - Cameo.mp3
[2011.02.11 16:15:06 | 008,298,624 | ---- | M] () -- C:\Users\maikl\Desktop\Lil Eddie - Night Life_1.mp3
[2011.02.11 16:00:23 | 000,001,402 | ---- | M] () -- C:\Users\maikl\Desktop\Free YouTube to MP3 Converter.lnk
[2011.02.06 11:55:44 | 003,556,864 | ---- | M] () -- C:\Users\maikl\Desktop\AudioConverter.exe
[2011.02.02 21:40:39 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011.02.02 21:40:38 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011.02.02 21:40:36 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011.02.02 21:40:23 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011.01.25 23:46:46 | 006,083,918 | ---- | M] () -- C:\Users\maikl\Desktop\Fergie_Big_Girls_Don_t_Cry.mp3
[2011.01.25 21:04:29 | 000,824,691 | ---- | M] () -- C:\Users\maikl\Desktop\boerse.pdf
[2011.01.24 18:58:24 | 000,106,283 | ---- | M] () -- C:\Users\maikl\Desktop\Antrag 123.pdf
[2011.01.24 18:57:59 | 000,106,283 | ---- | M] () -- C:\Users\maikl\Desktop\Antragsformular_Volljaehrige.pdf
[2011.01.24 18:50:03 | 000,094,654 | ---- | M] () -- C:\Users\maikl\Desktop\Antragsformular_Volljaehrige(2).pdf
[2011.01.08 02:45:34 | 011,114,638 | ---- | M] () -- C:\Users\maikl\Desktop\034 - Madcon - Glow.mp3
[2011.01.07 18:10:19 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\maikl\Desktop\OTL.exe
[2011.01.04 18:55:26 | 000,018,722 | ---- | M] () -- C:\Users\maikl\Desktop\antrag FH.pdf
[2010.12.31 18:34:04 | 014,631,256 | ---- | M] () -- C:\Users\maikl\Desktop\Dataworx - Control (Original Mix).mp3
[2010.12.29 13:52:26 | 000,001,653 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.12.20 18:09:00 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2010.12.20 18:08:40 | 000,024,152 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2010.11.29 17:38:30 | 000,094,208 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTimeVR.qtx
[2010.11.29 17:38:30 | 000,069,632 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\QuickTime.qts
[2010.11.24 14:58:23 | 000,083,120 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2010.11.20 02:15:55 | 003,487,848 | ---- | M] (TrueCrypt Foundation) -- C:\Users\maikl\Desktop\TrueCrypt_Setup_7.0a.exe
[2010.10.07 12:36:16 | 000,237,856 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dnssdX.dll
[2010.10.07 12:36:16 | 000,119,584 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dns-sd.exe
[2010.10.07 12:36:16 | 000,096,544 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\dnssd.dll
[2010.10.07 12:36:16 | 000,069,408 | ---- | M] (Apple Inc.) -- C:\Windows\SysNative\jdns_sd.dll
[2010.10.07 12:23:02 | 000,197,920 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dnssdX.dll
[2010.10.07 12:23:02 | 000,107,808 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dns-sd.exe
[2010.10.07 12:23:02 | 000,091,424 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\dnssd.dll
[2010.10.07 12:23:02 | 000,075,040 | ---- | M] (Apple Inc.) -- C:\Windows\SysWow64\jdns_sd.dll
[2010.09.02 19:40:54 | 000,000,375 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.ics
[2010.05.31 17:46:42 | 005,023,232 | ---- | M] () -- C:\Windows\SysNative\ffdshow.ax
[2010.05.30 14:17:38 | 003,851,461 | ---- | M] () -- C:\Windows\SysNative\libavcodec.dll
[2010.05.24 20:33:00 | 004,670,829 | ---- | M] () -- C:\Windows\SysWow64\libavcodec.dll
[2010.05.24 20:33:00 | 003,822,592 | ---- | M] () -- C:\Windows\SysWow64\ffdshow.ax
[2010.05.24 20:33:00 | 001,529,856 | ---- | M] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2010.05.24 20:33:00 | 001,447,921 | ---- | M] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2010.05.24 20:33:00 | 000,877,385 | ---- | M] () -- C:\Windows\SysWow64\ff_x264.dll
[2010.05.24 20:33:00 | 000,810,113 | ---- | M] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.05.24 20:33:00 | 000,336,384 | ---- | M] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2010.05.24 20:33:00 | 000,324,096 | ---- | M] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010.05.24 20:33:00 | 000,248,320 | ---- | M] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2010.05.24 20:33:00 | 000,216,576 | ---- | M] () -- C:\Windows\SysWow64\ff_libdts.dll
[2010.05.24 20:33:00 | 000,151,552 | ---- | M] () -- C:\Windows\SysWow64\ff_libmad.dll
[2010.05.24 20:33:00 | 000,145,408 | ---- | M] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010.05.24 20:33:00 | 000,139,944 | ---- | M] () -- C:\Windows\SysWow64\libmplayer.dll
[2010.05.24 20:33:00 | 000,121,856 | ---- | M] () -- C:\Windows\SysWow64\ff_liba52.dll
[2010.05.24 20:33:00 | 000,116,736 | ---- | M] () -- C:\Windows\SysWow64\ff_tremor.dll
[2010.05.24 20:33:00 | 000,108,032 | ---- | M] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.05.24 20:33:00 | 000,100,864 | ---- | M] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2010.05.24 20:33:00 | 000,097,792 | ---- | M] () -- C:\Windows\SysWow64\ff_unrar.dll
[2010.05.24 20:28:36 | 000,209,456 | ---- | M] () -- C:\Windows\SysNative\libmplayer.dll
[2010.05.19 21:59:52 | 000,552,960 | ---- | M] () -- C:\Windows\SysWow64\splitter.ax
[2010.05.19 21:59:20 | 000,150,528 | ---- | M] () -- C:\Windows\SysWow64\mkx.dll
[2010.05.19 21:59:10 | 000,109,568 | ---- | M] () -- C:\Windows\SysWow64\avi.dll
[2010.05.19 21:59:02 | 000,141,824 | ---- | M] () -- C:\Windows\SysWow64\mp4.dll
[2010.05.19 21:58:52 | 000,123,392 | ---- | M] () -- C:\Windows\SysWow64\ogm.dll
[2010.05.19 21:58:24 | 000,113,152 | ---- | M] () -- C:\Windows\SysWow64\dsmux.exe
[2010.05.19 21:58:18 | 000,154,112 | ---- | M] () -- C:\Windows\SysWow64\ts.dll
[2010.05.19 21:58:08 | 000,249,856 | ---- | M] () -- C:\Windows\SysWow64\dxr.dll
[2010.05.19 21:57:42 | 000,097,792 | ---- | M] () -- C:\Windows\SysWow64\avs.dll
[2010.05.19 21:57:38 | 000,137,728 | ---- | M] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2010.05.19 21:57:26 | 000,093,184 | ---- | M] () -- C:\Windows\SysWow64\avss.dll
[2010.05.19 21:57:20 | 000,358,400 | ---- | M] () -- C:\Windows\SysWow64\gdsmux.exe
[2010.05.19 21:55:40 | 000,080,384 | ---- | M] () -- C:\Windows\SysWow64\mkzlib.dll
[2010.05.19 21:55:36 | 000,024,576 | ---- | M] () -- C:\Windows\SysWow64\mkunicode.dll
[2010.05.11 23:01:52 | 001,533,440 | ---- | M] () -- C:\Windows\SysNative\ff_samplerate.dll
[2010.05.11 22:37:46 | 000,190,976 | ---- | M] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2010.05.11 22:36:18 | 000,621,568 | ---- | M] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2010.05.11 22:32:40 | 000,113,152 | ---- | M] () -- C:\Windows\SysNative\ff_unrar.dll
[2010.05.11 22:32:22 | 000,116,224 | ---- | M] () -- C:\Windows\SysNative\ff_wmv9.dll
[2010.05.11 22:31:56 | 000,121,856 | ---- | M] () -- C:\Windows\SysNative\ff_tremor.dll
[2010.05.11 22:31:44 | 000,155,136 | ---- | M] () -- C:\Windows\SysNative\ff_libmad.dll
[2010.05.11 22:31:30 | 000,347,136 | ---- | M] () -- C:\Windows\SysNative\ff_libfaad2.dll
[2010.05.11 22:30:38 | 000,222,720 | ---- | M] () -- C:\Windows\SysNative\ff_libdts.dll
[2010.05.11 22:30:24 | 000,105,984 | ---- | M] () -- C:\Windows\SysNative\ff_liba52.dll
[2010.04.22 01:28:00 | 003,570,600 | ---- | M] (INCA Internet Co., Ltd.) -- C:\Windows\SysWow64\GameMon.des
[2010.04.10 21:08:04 | 000,075,514 | ---- | M] () -- C:\Users\maikl\Documents\ashes.jpg
[2010.04.10 21:06:46 | 000,048,735 | ---- | M] () -- C:\Users\maikl\Documents\22557_358915538451_512163451_4948086_1623508_n.jpg
[2010.04.10 21:03:18 | 000,041,689 | ---- | M] () -- C:\Users\maikl\Documents\renee.jpg
[2010.03.19 11:33:52 | 000,362,656 | ---- | M] (WEBZEN) -- C:\Windows\SysWow64\CMStarterCore.exe
[2010.03.19 11:33:52 | 000,051,360 | ---- | M] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Kor.dll
[2010.03.19 11:33:52 | 000,051,360 | ---- | M] (WEBZEN) -- C:\Windows\SysWow64\CMStarter_Eng.dll
[2010.03.14 15:00:48 | 000,052,033 | ---- | M] () -- C:\Users\maikl\Documents\carnival09.jpg
[2010.03.14 14:59:17 | 000,069,925 | ---- | M] () -- C:\Users\maikl\Documents\ashred.jpg
[2010.03.14 14:56:50 | 000,050,894 | ---- | M] () -- C:\Users\maikl\Documents\rude gyal.jpg
[2010.03.14 14:55:48 | 000,062,983 | ---- | M] () -- C:\Users\maikl\Documents\beachchick.jpg
[2010.03.14 14:53:12 | 000,067,138 | ---- | M] () -- C:\Users\maikl\Documents\shorterhair.jpg
[2010.03.14 14:50:23 | 000,534,002 | ---- | M] () -- C:\Users\maikl\Documents\blkwhtchk-1.JPG
 
========== Files Created - No Company Name ==========
 
[2011.02.19 12:14:24 | 011,114,638 | ---- | C] () -- C:\Users\maikl\Desktop\034 - Madcon - Glow.mp3
[2011.02.17 22:08:01 | 003,556,864 | ---- | C] () -- C:\Users\maikl\Desktop\AudioConverter.exe
[2011.02.11 18:35:27 | 105,906,176 | ---- | C] () -- C:\Users\maikl\Desktop\WH_GHITS.part2.rar
[2011.02.11 16:55:05 | 105,906,176 | ---- | C] () -- C:\Users\maikl\Desktop\WH_GHITS.part3.rar
[2011.02.11 16:46:23 | 009,226,368 | ---- | C] () -- C:\Users\maikl\Desktop\What's Love Got to do With It by Tina Turner [Lyrics].mp3
[2011.02.11 16:43:04 | 010,809,472 | ---- | C] () -- C:\Users\maikl\Desktop\The Whispers - And The Beat Goes On.mp3
[2011.02.11 16:33:45 | 008,953,984 | ---- | C] () -- C:\Users\maikl\Desktop\Wham! Jitterbug Lyrics.mp3
[2011.02.11 16:17:19 | 007,954,560 | ---- | C] () -- C:\Users\maikl\Desktop\Lil Eddie - Cameo.mp3
[2011.02.11 16:14:54 | 008,298,624 | ---- | C] () -- C:\Users\maikl\Desktop\Lil Eddie - Night Life_1.mp3
[2011.02.11 16:00:23 | 000,001,402 | ---- | C] () -- C:\Users\maikl\Desktop\Free YouTube to MP3 Converter.lnk
[2011.01.26 21:41:54 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2011.01.25 23:46:37 | 006,083,918 | ---- | C] () -- C:\Users\maikl\Desktop\Fergie_Big_Girls_Don_t_Cry.mp3
[2011.01.25 21:04:29 | 000,824,691 | ---- | C] () -- C:\Users\maikl\Desktop\boerse.pdf
[2011.01.24 18:58:24 | 000,106,283 | ---- | C] () -- C:\Users\maikl\Desktop\Antrag 123.pdf
[2011.01.24 18:50:02 | 000,094,654 | ---- | C] () -- C:\Users\maikl\Desktop\Antragsformular_Volljaehrige(2).pdf
[2011.01.21 14:17:05 | 000,106,283 | ---- | C] () -- C:\Users\maikl\Desktop\Antragsformular_Volljaehrige.pdf
[2011.01.04 18:55:26 | 000,018,722 | ---- | C] () -- C:\Users\maikl\Desktop\antrag FH.pdf
[2010.12.31 18:28:54 | 014,631,256 | ---- | C] () -- C:\Users\maikl\Desktop\Dataworx - Control (Original Mix).mp3
[2010.12.29 13:52:05 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2010.12.29 13:52:05 | 000,001,653 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2010.06.16 00:27:27 | 000,005,174 | ---- | C] () -- C:\Windows\SysWow64\nppt9x.vxd
[2010.05.31 17:46:42 | 005,023,232 | ---- | C] () -- C:\Windows\SysNative\ffdshow.ax
[2010.05.30 14:17:38 | 003,851,461 | ---- | C] () -- C:\Windows\SysNative\libavcodec.dll
[2010.05.24 20:33:00 | 004,670,829 | ---- | C] () -- C:\Windows\SysWow64\libavcodec.dll
[2010.05.24 20:33:00 | 003,822,592 | ---- | C] () -- C:\Windows\SysWow64\ffdshow.ax
[2010.05.24 20:33:00 | 001,529,856 | ---- | C] () -- C:\Windows\SysWow64\ff_samplerate.dll
[2010.05.24 20:33:00 | 001,447,921 | ---- | C] () -- C:\Windows\SysWow64\ffmpegmt.dll
[2010.05.24 20:33:00 | 000,877,385 | ---- | C] () -- C:\Windows\SysWow64\ff_x264.dll
[2010.05.24 20:33:00 | 000,810,113 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2010.05.24 20:33:00 | 000,336,384 | ---- | C] () -- C:\Windows\SysWow64\ff_libfaad2.dll
[2010.05.24 20:33:00 | 000,324,096 | ---- | C] () -- C:\Windows\SysWow64\TomsMoComp_ff.dll
[2010.05.24 20:33:00 | 000,248,320 | ---- | C] () -- C:\Windows\SysWow64\ff_kernelDeint.dll
[2010.05.24 20:33:00 | 000,216,576 | ---- | C] () -- C:\Windows\SysWow64\ff_libdts.dll
[2010.05.24 20:33:00 | 000,151,552 | ---- | C] () -- C:\Windows\SysWow64\ff_libmad.dll
[2010.05.24 20:33:00 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\libmpeg2_ff.dll
[2010.05.24 20:33:00 | 000,139,944 | ---- | C] () -- C:\Windows\SysWow64\libmplayer.dll
[2010.05.24 20:33:00 | 000,121,856 | ---- | C] () -- C:\Windows\SysWow64\ff_liba52.dll
[2010.05.24 20:33:00 | 000,116,736 | ---- | C] () -- C:\Windows\SysWow64\ff_tremor.dll
[2010.05.24 20:33:00 | 000,108,032 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010.05.24 20:33:00 | 000,100,864 | ---- | C] () -- C:\Windows\SysWow64\ff_wmv9.dll
[2010.05.24 20:33:00 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\ff_unrar.dll
[2010.05.24 20:28:36 | 000,209,456 | ---- | C] () -- C:\Windows\SysNative\libmplayer.dll
[2010.05.19 21:59:52 | 000,552,960 | ---- | C] () -- C:\Windows\SysWow64\splitter.ax
[2010.05.19 21:59:20 | 000,150,528 | ---- | C] () -- C:\Windows\SysWow64\mkx.dll
[2010.05.19 21:59:10 | 000,109,568 | ---- | C] () -- C:\Windows\SysWow64\avi.dll
[2010.05.19 21:59:02 | 000,141,824 | ---- | C] () -- C:\Windows\SysWow64\mp4.dll
[2010.05.19 21:58:52 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\ogm.dll
[2010.05.19 21:58:24 | 000,113,152 | ---- | C] () -- C:\Windows\SysWow64\dsmux.exe
[2010.05.19 21:58:18 | 000,154,112 | ---- | C] () -- C:\Windows\SysWow64\ts.dll
[2010.05.19 21:58:08 | 000,249,856 | ---- | C] () -- C:\Windows\SysWow64\dxr.dll
[2010.05.19 21:57:42 | 000,097,792 | ---- | C] () -- C:\Windows\SysWow64\avs.dll
[2010.05.19 21:57:38 | 000,137,728 | ---- | C] () -- C:\Windows\SysWow64\mkv2vfr.exe
[2010.05.19 21:57:26 | 000,093,184 | ---- | C] () -- C:\Windows\SysWow64\avss.dll
[2010.05.19 21:57:20 | 000,358,400 | ---- | C] () -- C:\Windows\SysWow64\gdsmux.exe
[2010.05.19 21:55:40 | 000,080,384 | ---- | C] () -- C:\Windows\SysWow64\mkzlib.dll
[2010.05.19 21:55:36 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\mkunicode.dll
[2010.05.11 23:01:52 | 001,533,440 | ---- | C] () -- C:\Windows\SysNative\ff_samplerate.dll
[2010.05.11 22:37:46 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\libmpeg2_ff.dll
[2010.05.11 22:36:18 | 000,621,568 | ---- | C] () -- C:\Windows\SysNative\TomsMoComp_ff.dll
[2010.05.11 22:32:40 | 000,113,152 | ---- | C] () -- C:\Windows\SysNative\ff_unrar.dll
[2010.05.11 22:32:22 | 000,116,224 | ---- | C] () -- C:\Windows\SysNative\ff_wmv9.dll
[2010.05.11 22:31:56 | 000,121,856 | ---- | C] () -- C:\Windows\SysNative\ff_tremor.dll
[2010.05.11 22:31:44 | 000,155,136 | ---- | C] () -- C:\Windows\SysNative\ff_libmad.dll
[2010.05.11 22:31:30 | 000,347,136 | ---- | C] () -- C:\Windows\SysNative\ff_libfaad2.dll
[2010.05.11 22:30:38 | 000,222,720 | ---- | C] () -- C:\Windows\SysNative\ff_libdts.dll
[2010.05.11 22:30:24 | 000,105,984 | ---- | C] () -- C:\Windows\SysNative\ff_liba52.dll
[2010.04.28 20:34:14 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2010.04.28 20:34:12 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2010.04.10 21:08:00 | 000,075,514 | ---- | C] () -- C:\Users\maikl\Documents\ashes.jpg
[2010.04.10 21:06:44 | 000,048,735 | ---- | C] () -- C:\Users\maikl\Documents\22557_358915538451_512163451_4948086_1623508_n.jpg
[2010.04.10 21:03:15 | 000,041,689 | ---- | C] () -- C:\Users\maikl\Documents\renee.jpg
[2010.03.14 15:00:46 | 000,052,033 | ---- | C] () -- C:\Users\maikl\Documents\carnival09.jpg
[2010.03.14 14:59:14 | 000,069,925 | ---- | C] () -- C:\Users\maikl\Documents\ashred.jpg
[2010.03.14 14:56:48 | 000,050,894 | ---- | C] () -- C:\Users\maikl\Documents\rude gyal.jpg
[2010.03.14 14:55:45 | 000,062,983 | ---- | C] () -- C:\Users\maikl\Documents\beachchick.jpg
[2010.03.14 14:53:10 | 000,067,138 | ---- | C] () -- C:\Users\maikl\Documents\shorterhair.jpg
[2010.03.14 14:50:15 | 000,534,002 | ---- | C] () -- C:\Users\maikl\Documents\blkwhtchk-1.JPG
[2010.02.06 19:28:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.12.20 20:37:03 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2009.08.11 22:21:26 | 000,087,552 | ---- | C] () -- C:\Windows\SysWow64\ac3config.exe
[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009.07.03 09:40:28 | 000,982,220 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2009.07.03 09:40:28 | 000,439,300 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2009.07.03 09:40:28 | 000,134,592 | ---- | C] () -- C:\Windows\SysWow64\igfcg500.bin
[2009.07.03 09:40:28 | 000,092,216 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009.06.07 17:24:04 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2009.01.10 23:15:44 | 000,159,744 | ---- | C] () -- C:\Windows\SysWow64\mmfinfo.dll
[2008.11.06 16:37:32 | 003,596,288 | ---- | C] () -- C:\Windows\SysWow64\qt-dx331.dll
[2007.10.13 10:30:20 | 000,000,137 | ---- | C] () -- C:\Windows\SysWow64\Registration.ini
 
========== LOP Check ==========
 
[2010.12.29 17:26:03 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Ashampoo
[2010.03.12 23:37:13 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\avidemux
[2009.12.04 15:37:05 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\DAEMON Tools Pro
[2011.02.11 16:00:35 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.03.07 22:24:17 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\ICQ
[2009.12.20 20:39:48 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\MAGIX
[2010.03.01 14:37:54 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Sony
[2010.11.20 02:37:25 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\TS3Client
[2011.01.09 15:09:01 | 000,032,552 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2010.02.14 19:21:10 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Adobe
[2011.01.26 21:48:12 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Apple Computer
[2010.12.29 17:26:03 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Ashampoo
[2010.03.12 23:37:13 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\avidemux
[2010.09.27 19:24:39 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Avira
[2009.12.04 15:37:05 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\DAEMON Tools Pro
[2010.03.01 14:38:15 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\DivX
[2010.01.16 12:38:59 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Download Manager
[2011.02.11 16:00:35 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.03.07 22:24:17 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\ICQ
[2009.12.03 05:58:12 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Identities
[2009.12.20 20:22:39 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Intelli-studio
[2009.12.02 22:40:57 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Macromedia
[2009.12.20 20:39:48 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\MAGIX
[2010.09.26 18:02:01 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Malwarebytes
[2009.07.14 08:45:14 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Media Center Programs
[2011.01.26 16:10:57 | 000,000,000 | --SD | M] -- C:\Users\maikl\AppData\Roaming\Microsoft
[2009.12.03 06:45:26 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Mozilla
[2010.11.30 21:18:35 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Mozilla-Cache
[2011.02.26 00:55:47 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Skype
[2011.02.26 00:04:24 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\skypePM
[2010.03.01 14:37:54 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Sony
[2010.11.20 02:37:25 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\TS3Client
[2010.12.23 22:08:33 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\vlc
[2011.03.07 13:31:50 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\Winamp
[2009.12.04 11:52:44 | 000,000,000 | ---D | M] -- C:\Users\maikl\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2008.05.29 07:03:08 | 000,037,176 | ---- | M] () -- C:\Users\maikl\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2010.03.01 14:36:06 | 000,010,134 | R--- | M] () -- C:\Users\maikl\AppData\Roaming\Microsoft\Installer\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
 
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 02:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\drivers\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 02:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 02:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C

< End of report >
         

Extras:
Code:
OTL Extras logfile created on: 08.03.2011 13:43:53 - Run 3
OTL by OldTimer - Version 3.2.22.3     Folder = C:\Users\maikl\Desktop
64bit- Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 68,00% Memory free
6,00 Gb Paging File | 5,00 Gb Available in Paging File | 80,00% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 39,43 Gb Total Space | 3,27 Gb Free Space | 8,28% Space Free | Partition Type: NTFS
Drive D: | 193,36 Gb Total Space | 29,06 Gb Free Space | 15,03% Space Free | Partition Type: NTFS
 
Computer Name: MAIKL-PC | User Name: maikl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 360 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d y && icacls "%1" /grant administrators:F /t (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP610_series" = Canon MP610 series
"{1374CC63-B520-4f3f-98E8-E9020BF01CFF}" = Windows XP Mode
"{295CFB7C-A57E-4313-93E7-68E7CE1D0332}" = Adobe WinSoft Linguistics Plugin x64
"{2D74E972-5A85-44DC-9193-8A302BA8C181}" = Photoshop Camera Raw_x64
"{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}" = Adobe Fonts All x64
"{8875A1C0-6308-4790-8CF6-D34E89880052}" = Adobe Linguistics CS4 x64
"{887797BF-37A5-4199-B0C9-0D38D6196E9A}" = Adobe Anchor Service x64 CS4
"{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}" = Adobe Type Support x64 CS4
"{8DAA31EB-6830-4006-A99F-4DF8AB24714F}" = Adobe CSI CS4 x64
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90BA8112-80B3-4617-A3C1-BD2771B60F74}" = Adobe CMaps x64 CS4
"{963BFE7E-C350-4346-B43C-B02358306A45}" = Apple Mobile Device Support
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{A3454894-144A-4D80-B605-C128FE0D7329}" = Adobe Drive CS4 x64
"{B37A99DD-88E2-4ED0-80B4-1E054AB354BF}" = Adobe InDesign CS4 Icon Handler x64
"{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}" = Adobe Photoshop CS4 (64 Bit)
"{DFFABE78-8173-4E97-9C5C-22FB26192FC5}" = Adobe PDF Library Files x64 CS4
"{E4F5E48E-7155-4CF9-88CD-7F377EC9AC54}" = Bonjour
"CNXT_AUDIO_HDA" = Conexant HD Audio
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"WinRAR archiver" = WinRAR
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{05308C4E-7285-4066-BAE3-6B50DA6ED755}" = Adobe Update Manager CS4
"{054EFA56-2AC1-48F4-A883-0AB89874B972}" = Adobe Extension Manager CS4
"{098727E1-775A-4450-B573-3F441F1CA243}" = kuler
"{098A2A49-7CF3-4F08-A38D-FB879117152A}" = Adobe Color NA Extra Settings CS4
"{09CE1A94-6650-49E2-A688-B98F43135923}" = S4 League_EU
"{0D6013AB-A0C7-41DC-973C-E93129C9A29F}" = Adobe Color JA Extra Settings CS4
"{0D67A4E4-5BE0-4C9A-8AD8-AB552B433F23}" = Adobe Setup
"{0DC0E85F-36E4-463B-B3EA-4CD8ED2222A1}" = Adobe Color EU Recommended Settings CS4
"{0DD140D3-9563-481E-AA75-BA457CBDAEF2}" = PC Inspector File Recovery
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0F723FC1-7606-4867-866C-CE80AD292DAF}" = Adobe CSI CS4
"{1104E2E0-9378-455d-9E0E-6235A4E52DB0}_is1" = ArchLord
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15BF7AAF-846C-4A6D-80E1-5D1FC7FB461B}" = Adobe SGM CS4
"{1618734A-3957-4ADD-8199-F973763109A8}" = Adobe Anchor Service CS4
"{16E16F01-2E2D-4248-A42F-76261C147B6C}" = Adobe Drive CS4
"{16E6D2C1-7C90-4309-8EC4-D2212690AAA4}" = AdobeColorCommonSetRGB
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{197A3012-8C85-4FD3-AB66-9EC7E13DB92E}" = Adobe AIR
"{1DCA3EAA-6EB5-4563-A970-EA14D75037BA}" = Adobe InDesign CS4
"{1E04CB54-AF4E-4AC3-B4B7-C0A160BE57F1}" = Adobe InDesign CS4 Icon Handler
"{1E99F5D7-4262-4C7C-9135-F066E7485811}" = System Requirements Lab
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{255FC1CF-2620-4B64-BE02-79B9E609BB3D}" = Webzen Game Starter
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 24
"{2BAF2B96-7560-48B4-87D4-10178DDBE217}" = Adobe InDesign CS4 Application Feature Set Files (Roman)
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.007.00
"{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}" = PDF Settings CS4
"{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}" = Adobe Media Player
"{3A4E8896-C2E7-4084-A4A4-B8FD1894E739}" = Adobe XMP Panels CS4
"{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}" = Adobe Color - Photoshop Specific CS4
"{3DA8DF9A-044E-46C4-8531-DEDBB0EE37FF}" = Adobe WinSoft Linguistics Plugin
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{4943EFF5-229F-435D-BEA9-BE3CAEA783A7}" = Adobe Service Manager Extension
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A52555C-032A-4083-BDD9-6A85ABFB39A8}" = Adobe SING CS4
"{52285E1E-4C0C-11DF-A981-005056806466}" = Google Earth
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{63C24A08-70F3-4C8E-B9FB-9F21A903801D}" = Adobe Color Video Profiles CS CS4
"{63E5CDBF-8214-4F03-84F8-CD3CE48639AD}" = Adobe Photoshop CS4 Support
"{67F0E67A-8E93-4C2C-B29D-47C48262738A}" = Adobe Device Central CS4
"{68243FF8-83CA-466B-B2B8-9F99DA5479C4}" = AdobeColorCommonSetCMYK
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{71BFC818-0CED-42D6-9C87-5142918957EE}" = ICQ7.1
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CC7BDD5-6F10-4724-96A1-EAC7D9F2831C}" = Adobe InDesign CS4 Common Base Files
"{820D3F45-F6EE-4AAF-81EF-CE21FF21D230}" = Adobe Type Support CS4
"{83877DB1-8B77-45BC-AB43-2BAC22E093E0}" = Adobe Bridge CS4
"{842B4B72-9E8F-4962-B3C1-1C422A5C4434}" = Suite Shared Configuration CS4
"{87532CAB-7932-4F84-8937-823337622807}" = Adobe Illustrator CS4
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8CE08C3C-8FF4-45D9-925E-4F3CE2D7FA7D}" = Adobe Setup
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{A0516415-ED61-419A-981D-93596DA74165}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARD_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_STANDARD_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{E64BA721-2310-4B55-BE5A-2925F9706192}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_STANDARD_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_STANDARD_{26454C26-D259-4543-AA60-3189E09C5F76}" = 2007 Microsoft Office Suite Service Pack 2 (SP2)
"{931AB7EA-3656-4BB7-864D-022B09E3DD67}" = Adobe Linguistics CS4
"{94D398EB-D2FD-4FD1-B8C4-592635E8A191}" = Adobe CMaps CS4
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A94000000001}" = Adobe Reader 9.4.1 - Deutsch
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{AF37F9DE-0726-439E-BC10-43D9195394D0}" = Firebird SQL Server - MAGIX Edition
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B29AD377-CC12-490A-A480-1452337C618D}" = Connect
"{B65BA85C-0A27-4BC0-A22D-A66F0E5B9494}" = Adobe Photoshop CS4
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{BB4E33EC-8181-4685-96F7-8554293DEC6A}" = Adobe Output Module
"{BC4CA8FA-41D2-4B81-8680-E9B7573D6500}" = PlayStation(R)Network Downloader
"{C41300B9-185D-475E-BFEC-39EF732F19B1}" = Apple Software Update
"{C52E3EC1-048C-45E1-8D53-10B0C6509683}" = Adobe Default Language CS4
"{C8C6DF5B-5825-47CD-B985-40A46C71CDE3}" = Media Go
"{CA1CA5F8-7500-45C5-9D4C-47D13FBC92D2}" = Adobe Setup
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader  1.12
"{CC75AB5C-2110-4A7F-AF52-708680D22FE8}" = Photoshop Camera Raw
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.1
"{E4848436-0345-47E2-B648-8B522FCDA623}" = Adobe Photoshop CS4
"{EE6097DD-05F4-4178-9719-D3170BF098E8}" = Apple Application Support
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony Ericsson PC Companion 1.60.00
"{F0E64E2E-3A60-40D8-A55D-92F6831875DA}" = Adobe Search for Help
"{F8EF2B3F-C345-4F20-8FE4-791A20333CD5}" = Adobe ExtendScript Toolkit CS4
"{F93C84A6-0DC6-42AF-89FA-776F7C377353}" = Adobe PDF Library Files CS4
"{FCDD51BB-CAD0-4BB1-B7DF-CE86D1032794}" = Adobe Fonts All
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_1710d324011afc3e7658e969025f4ba" = Adobe InDesign CS4
"Adobe_2a31ae7a5c43ff52d8577782dd34e04" = Adobe Illustrator CS4
"Adobe_faf656ef605427ee2f42989c3ad31b8" = Adobe Photoshop CS4
"Akamai" = Akamai NetSession Interface
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE
"Avidemux 2.5" = Avidemux 2.5
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"CanonMyPrinter" = Canon Utilities My Printer
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.9.32
"ICQToolbar" = ICQ Toolbar
"JDownloader" = JDownloader
"MAGIX Screenshare D" = MAGIX Screenshare
"MAGIX Speed burnR D" = MAGIX Speed burnR
"MAGIX Video deluxe 16 Download-Version D" = MAGIX Video deluxe 16 Download-Version 9.0.0.55 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"Media Player - Codec Pack" = Media Player Codec Pack 3.9.6
"Mozilla Firefox (3.6.15)" = Mozilla Firefox (3.6.15)
"PartyPoker" = PartyPoker
"STANDARD" = Microsoft Office Standard 2007
"Steam App 240" = Counter-Strike: Source
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"TurboPlot_is1" = TurboPlot v3.7a
"Uninstall_is1" = Uninstall 1.0.0.1
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 1.1.5
"Winamp" = Winamp
"World of Warcraft" = World of Warcraft
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3191880777-1666176750-4280788527-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 10 Event Log Errors ==========
 
Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!
 
< End of report >
         

09.03.2011, 14:21   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
a while ago I clicked on some link under some YouTube video^^
Can you be more specific?

09.03.2011, 15:44   #3
maikl

I wanted to watch the highlights of a football match. The video then only showed a photo, and the uploader said that because of YouTube rights he couldn't upload the video here and that you should click the link in the description to watch the video.
But I can't find the exact page any more, and I don't remember it either.

But did you find any viruses on my system??

09.03.2011, 15:48   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Are there any further logs from Malwarebytes? If so, please post all of them. You will find them on the Logdateien (log files) tab in Malwarebytes.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

09.03.2011, 18:45   #5
maikl

No, there aren't any. But I have a Malware.Trace in quarantine. Is that bad?
Does it look fine otherwise?
What can you tell me about my post above?
Can AntiVir delete the infected cookies (or however else you get viruses just by clicking on a website) without problems?


10.03.2011, 11:37   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Close all programs, start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied along with it!!!)

Code:
ATTFilter
:OTL
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell\AutoRun\command - "" = H:\iStudio.exe
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\AutoRun\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\configure\command - "" = F:\SETUP.EXE
O33 - MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\Shell\install\command - "" = F:\SETUP.EXE
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
:Commands
[purity]
[resethosts]
[emptytemp]
         
Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

10.03.2011, 13:38   #7
maikl

Done.
Thanks for taking the time.

Code:
ATTFilter
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5add959b-251b-11df-94d4-002622c86c50}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5add959b-251b-11df-94d4-002622c86c50}\ not found.
File G:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98316eb2-ed5c-11de-9b9e-002622c86c50}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98316eb2-ed5c-11de-9b9e-002622c86c50}\ not found.
File H:\iStudio.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
File F:\SETUP.EXE not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{adf66beb-e0e2-11de-a908-002622c86c50}\ not found.
File F:\SETUP.EXE not found.
ADS C:\ProgramData\TEMP:66B13F37 deleted successfully.
ADS C:\ProgramData\TEMP:6152D44C deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: maikl
->Temp folder emptied: 4075003194 bytes
->Temporary Internet Files folder emptied: 73910794 bytes
->Java cache emptied: 7151180 bytes
->FireFox cache emptied: 116917662 bytes
->Flash cache emptied: 195388 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 58764268 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 102360 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 4.131,00 mb
 
 
OTL by OldTimer - Version 3.2.20.1 log created on 03102011_143200

Files\Folders moved on Reboot...
C:\Users\maikl\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...
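
A cross-check of the fix script in post #6 against the result log in post #7, as an added example that is not part of the thread and not OTL's own code: it confirms that every MountPoints2 AutoRun key and every alternate data stream named in the script has a matching success line in the log. The function names are hypothetical, and the line patterns are inferred only from the lines visible in this thread.

```python
import re

# Excerpts copied from post #6 (fix script) and post #7 (result log) of this thread.
FIX_SCRIPT = r'''
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\Shell\AutoRun\command - "" = G:\Startme.exe
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell - "" = AutoRun
O33 - MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\Shell\AutoRun\command - "" = H:\iStudio.exe
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:66B13F37
@Alternate Data Stream - 122 bytes -> C:\ProgramData\TEMP:6152D44C
'''
FIX_LOG = r'''
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5add959b-251b-11df-94d4-002622c86c50}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5add959b-251b-11df-94d4-002622c86c50}\ not found.
File G:\Startme.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{98316eb2-ed5c-11de-9b9e-002622c86c50}\ deleted successfully.
File H:\iStudio.exe not found.
ADS C:\ProgramData\TEMP:66B13F37 deleted successfully.
ADS C:\ProgramData\TEMP:6152D44C deleted successfully.
'''

O33_RE = re.compile(r'^O33 - MountPoints2\\(\{[0-9a-fA-F-]+\})\\(\S+) - "" = (.+)$')
ADS_RE = re.compile(r'^@Alternate Data Stream - \d+ bytes -> (.+)$')
KEY_RE = re.compile(r'^Registry key (.+)\\ (deleted successfully|not found)\.$')
FILE_RE = re.compile(r'^File (.+) not found\.$')
ADS_DONE_RE = re.compile(r'^ADS (.+) deleted successfully\.$')
MOUNT_GUID_RE = re.compile(r'\\MountPoints2\\(\{[0-9a-fA-F-]+\})$')


def parse_fix_script(script):
    """Collect the MountPoints2 GUIDs, AutoRun command targets and ADS paths to be fixed."""
    guids, targets, streams = set(), set(), set()
    for line in map(str.strip, script.splitlines()):
        m = O33_RE.match(line)
        if m:
            guids.add(m.group(1).lower())
            if m.group(2).lower().endswith("\\command"):
                targets.add(m.group(3))  # executable the shell verb would launch
            continue
        m = ADS_RE.match(line)
        if m:
            streams.add(m.group(1))
    return guids, targets, streams


def parse_fix_log(log):
    """Collect what the log reports as deleted (keys, streams) or absent (files)."""
    deleted_keys, missing_files, deleted_streams = set(), set(), set()
    for line in map(str.strip, log.splitlines()):
        m = KEY_RE.match(line)
        if m:
            g = MOUNT_GUID_RE.search(m.group(1))
            # A key is reported "not found" again after its first deletion, so
            # one "deleted successfully" line is enough to count it as removed.
            if g and m.group(2) == "deleted successfully":
                deleted_keys.add(g.group(1).lower())
        elif FILE_RE.match(line):
            missing_files.add(FILE_RE.match(line).group(1))
        elif ADS_DONE_RE.match(line):
            deleted_streams.add(ADS_DONE_RE.match(line).group(1))
    return deleted_keys, missing_files, deleted_streams


def check_fix(script, log):
    """Return the items from the fix script that the log does not account for."""
    guids, targets, streams = parse_fix_script(script)
    deleted_keys, missing_files, deleted_streams = parse_fix_log(log)
    return {
        "keys_not_deleted": sorted(guids - deleted_keys),
        "streams_not_deleted": sorted(streams - deleted_streams),
        # "File ... not found" only says the target was not at that path when the fix ran.
        "targets_without_file_result": sorted(targets - missing_files),
    }


if __name__ == "__main__":
    print(check_fix(FIX_SCRIPT, FIX_LOG))
```

An empty list under every key means the log accounts for each item in the script; anything listed needs a second look before moving on to the next tool.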
         

10.03.2011, 16:18   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Download ComboFix here to your desktop. Rename it to cofi.exe while downloading.
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start cofi.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while ComboFix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You will also find the file at: C:\ComboFix.txt.
Important note:
ComboFix may only be run when a qualified helper has explicitly recommended it!
It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.