Here is the log file from the fix already.
I'm working through the other points in the meantime. Code:
All processes killed
========== OTL ==========
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable|dword:0 /E : value set successfully!
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: "hxxp://www.irinnews.org/|hxxp://www.francksen.com/aktuelles.htm|hxxp://www.nachdenkseiten.de/| hxxp://www.handelsblatt.com/" removed from browser.startup.homepage
Prefs.js: search@searchsettings.com:1.2.2 removed from extensions.enabledItems
Prefs.js: 4 removed from network.proxy.type
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll moved successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
File C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{C55BBCD6-41AD-48AD-9953-3609C48EACC7} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C55BBCD6-41AD-48AD-9953-3609C48EACC7}\ not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34309001-f3db-11e0-9089-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34309001-f3db-11e0-9089-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34309001-f3db-11e0-9089-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34309001-f3db-11e0-9089-00226815042a}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34309017-f3db-11e0-9089-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34309017-f3db-11e0-9089-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{34309017-f3db-11e0-9089-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34309017-f3db-11e0-9089-00226815042a}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44989bec-f3de-11e0-90bd-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44989bec-f3de-11e0-90bd-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44989bec-f3de-11e0-90bd-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44989bec-f3de-11e0-90bd-00226815042a}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44989c33-f3de-11e0-90bd-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44989c33-f3de-11e0-90bd-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{44989c33-f3de-11e0-90bd-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44989c33-f3de-11e0-90bd-00226815042a}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d99bfa1-dd35-11e0-bcc0-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d99bfa1-dd35-11e0-bcc0-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7d99bfa1-dd35-11e0-bcc0-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7d99bfa1-dd35-11e0-bcc0-00226815042a}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abb06f52-f92e-11de-8fe0-00226815042a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abb06f52-f92e-11de-8fe0-00226815042a}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{abb06f52-f92e-11de-8fe0-00226815042a}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{abb06f52-f92e-11de-8fe0-00226815042a}\ not found.
File "G:\WD SmartWare.exe" autoplay=true not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\Windows\Tasks\SystemToolsDailyTest.job moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Auflösungscache wurde geleert.
C:\Users\Tommii\Desktop\cmd.bat deleted successfully.
C:\Users\Tommii\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: blubb
->Temp folder emptied: 967921 bytes
->Temporary Internet Files folder emptied: 1054608 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44162779 bytes
->Flash cache emptied: 57111 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 56466 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
User: Gast
->Temp folder emptied: 70406 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->Flash cache emptied: 56466 bytes
User: Public
User: Tommii
->Temp folder emptied: 226062769 bytes
->Temporary Internet Files folder emptied: 49310196 bytes
->Java cache emptied: 30763735 bytes
->FireFox cache emptied: 228347161 bytes
->Opera cache emptied: 13684730 bytes
->Flash cache emptied: 84215 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 309226447 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 67899 bytes
RecycleBin emptied: 3971594196 bytes
Total Files Cleaned = 4,650.00 mb
OTL by OldTimer - Version 3.2.39.1 log created on 03222012_103829
Files\Folders moved on Reboot...
C:\Users\Tommii\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
Registry entries deleted on Reboot...
Update: SuperAntiSpyware has been scanning for 30 minutes and has only found cookies so far (those don't do anything, right?)
SuperAntiSpyWare log file. Code:
SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com
Generated 03/22/2012 at 01:58 PM
Application Version : 5.0.1146
Core Rules Database Version : 8365
Trace Rules Database Version: 6177
Scan type : Complete Scan
Total Scan Time : 02:43:06
Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User
Memory items scanned : 674
Memory threats detected : 0
Registry items scanned : 67738
Registry threats detected : 0
File items scanned : 125533
File threats detected : 112
Adware.Tracking Cookie
Heur.Agent/Gen-FakeSkype
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000310.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000317.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000318.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000330.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000331.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000353.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000357.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000361.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000362.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000366.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000462.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000465.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000466.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000470.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000471.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000479.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000481.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000483.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000484.DLL
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2C31C0B8-4889-4F0D-A176-987083F30CE1}\RP1\A0000486.DLL
Trojan.Agent/Gen-Autorun[Swisyn]
ZIP ARCHIVE( C:\USERS\TOMMII\VOM ALTEN PC\DATES\SPIELE-ZUBEHöR\CRACKS\Q3ACRK\Q3AKG.ZIP )/TNT-KEYHOSTS.AUTO.UPDATE.EXE
C:\USERS\TOMMII\VOM ALTEN PC\DATES\SPIELE-ZUBEHöR\CRACKS\Q3ACRK\Q3AKG.ZIP
ZIP ARCHIVE( C:\USERS\TOMMII\VOM ALTEN PC\DATES\SPIELE-ZUBEHöR\CRACKS\Q3ACRK\Q3AKG.ZIP )/TNT-Q3ARENA KEY SERVER.EXE
Trojan.Agent/Gen-Krpytik
ZIP ARCHIVE( C:\USERS\TOMMII\VOM ALTEN PC\DATES\SPIELE-ZUBEHöR\CRACKS\TONY 3 NO-CD.ZIP )/INF_THPS3_NOCD.EXE
C:\USERS\TOMMII\VOM ALTEN PC\DATES\SPIELE-ZUBEHöR\CRACKS\TONY 3 NO-CD.ZIP
Log from the ESET Online Scanner: Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=7a1bb7f390b3f9418638373b2f3b7045
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-03-22 06:44:36
# local_time=2012-03-22 07:44:36 (+0100, Mitteleuropäische Zeit)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 13506246 13506246 0 0
# compatibility_mode=3073 16777214 0 7 22273260 22273260 0 0
# compatibility_mode=5893 16776573 100 94 21758 84057311 0 0
# compatibility_mode=8192 67108863 100 0 4722 4722 0 0
# scanned=326624
# found=5
# cleaned=5
# scan_time=14415
C:\Dokumente und Einstellungen\Tommii\Lokale Einstellungen\Temporary Internet Files\Content.IE5\KFPHOURH\pdfforgeToolbar[1].msi probably a variant of Win32/Adware.Toolbar.Dealio application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Users\blubb\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\QuickStores.lnk Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\blubb\AppData\Roaming\Microsoft\Windows\Start Menu\QuickStores.lnk Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\blubb\Desktop\QuickStores.lnk Win32/Adware.ADON application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Users\blubb\Downloads\Unlocker1.9.1.exe Win32/Adware.ADON application (deleted - quarantined) 00000000000000000000000000000000 C
I have re-enabled Avira Antivir and Malwarebytes Antimalware.
OTL is running now.
Here is the log from OTL:
OTL Logfile: Code:
OTL logfile created on: 22/03/2012 19:56:57 - Run 2
OTL by OldTimer - Version 3.2.39.1 Folder = C:\Users\Tommii\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
3.90 Gb Total Physical Memory | 1.93 Gb Available Physical Memory | 49.55% Memory free
7.80 Gb Paging File | 5.82 Gb Available in Paging File | 74.72% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226.11 Gb Total Space | 57.98 Gb Free Space | 25.64% Space Free | Partition Type: NTFS
Computer Name: TOMMII666 | User Name: Tommii | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/03/22 09:23:45 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Tommii\Desktop\OTL.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/10/11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011/10/11 13:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011/10/11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/09/23 05:44:20 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe
PRC - [2011/04/18 13:01:04 | 000,028,672 | ---- | M] (Lenovo Group Limited) -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe
PRC - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
PRC - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
PRC - [2009/09/09 03:05:00 | 000,075,040 | ---- | M] (Lenovo) -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe
PRC - [2009/09/05 17:29:06 | 000,385,024 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2009/05/21 12:48:38 | 000,128,368 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\ZOOM\TpScrex.exe
PRC - [2009/05/21 12:48:18 | 000,062,320 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe
PRC - [2009/04/14 11:51:38 | 000,015,136 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\tpfnf6r.exe
PRC - [2009/03/13 09:32:48 | 000,068,976 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe
PRC - [2009/02/02 10:04:10 | 000,067,432 | ---- | M] (Lenovo Group Limited) -- C:\Programme\Lenovo\HOTKEY\TPONSCR.exe
========== Modules (No Company Name) ==========
MOD - [2011/09/23 05:44:20 | 001,833,944 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll
MOD - [2010/07/04 22:32:36 | 000,004,608 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerHook.dll
MOD - [2010/07/04 20:51:26 | 000,017,408 | ---- | M] () -- C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe
========== Win32 Services (SafeList) ==========
SRV:64bit: - [2011/08/12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2009/10/15 15:50:08 | 002,505,976 | ---- | M] (AuthenTec, Inc.) [Auto | Running] -- C:\Windows\SysNative\AtService.exe -- (ATService)
SRV:64bit: - [2009/10/15 15:50:00 | 000,117,760 | ---- | M] () [Auto | Running] -- C:\Windows\SysNative\DTS.exe -- (dtsvc)
SRV:64bit: - [2009/10/15 15:49:54 | 000,130,048 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\ADMonitor.exe -- (ADMonitor)
SRV:64bit: - [2009/10/01 06:00:50 | 000,948,224 | ---- | M] () [Auto | Running] -- C:\Program Files\ShrewSoft\VPN Client\iked.exe -- (iked)
SRV:64bit: - [2009/09/21 16:00:44 | 000,831,760 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2009/08/24 13:43:54 | 000,045,856 | ---- | M] (Lenovo) [Auto | Running] -- C:\Windows\SysNative\ibmpmsvc.exe -- (IBMPMSVC)
SRV:64bit: - [2009/07/14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/12 23:55:02 | 000,050,688 | ---- | M] () [Auto | Running] -- C:\Program Files\ShrewSoft\VPN Client\dtpd.exe -- (dtpd)
SRV:64bit: - [2009/07/12 23:51:08 | 000,690,688 | ---- | M] () [Auto | Running] -- C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe -- (ipsecd)
SRV:64bit: - [2009/06/29 13:51:04 | 000,047,656 | ---- | M] (Lenovo.) [On_Demand | Stopped] -- C:\Windows\SysNative\TPHDEXLG64.exe -- (TPHDEXLGSVC)
SRV:64bit: - [2007/02/07 16:27:02 | 000,566,768 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlbccoms.exe -- (dlbc_device)
SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/10/11 13:59:49 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/10/11 13:59:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/04/28 13:34:42 | 000,870,200 | ---- | M] (Trusteer Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/04/18 13:01:04 | 000,028,672 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Program Files (x86)\Lenovo\System Update\SUService.exe -- (SUService)
SRV - [2010/12/08 14:31:06 | 000,628,736 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2010/03/18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/09/23 13:38:18 | 000,935,208 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)
SRV - [2009/09/09 03:05:00 | 000,075,040 | ---- | M] (Lenovo) [On_Demand | Running] -- C:\Program Files (x86)\ThinkPad\Utilities\PWMDBSVC.exe -- (Power Manager DBC Service)
SRV - [2009/06/10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/21 12:48:24 | 000,045,424 | ---- | M] (Lenovo Group Limited) [Auto | Stopped] -- C:\Programme\Lenovo\HOTKEY\micmute.exe -- (LENOVO.MICMUTE)
SRV - [2009/05/21 12:48:18 | 000,062,320 | ---- | M] (Lenovo Group Limited) [Auto | Running] -- C:\Programme\Lenovo\HOTKEY\TPHKSVC.exe -- (TPHKSVC)
SRV - [2009/04/29 11:21:18 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/02/27 06:54:22 | 000,870,672 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012/02/20 22:21:31 | 000,132,320 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/10/11 14:00:01 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/10/11 14:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011/07/22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS -- (SASDIFSV)
DRV:64bit: - [2011/07/12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS -- (SASKUTIL)
DRV:64bit: - [2011/04/28 13:34:54 | 000,064,272 | ---- | M] (Trusteer Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\RapportKE64.sys -- (RapportKE64)
DRV:64bit: - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010/11/20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/28 16:44:52 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2010/07/30 13:18:02 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2010/07/30 13:17:56 | 000,019,456 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2010/05/07 20:52:20 | 000,024,560 | ---- | M] (PC-Doctor, Inc.) [Kernel | On_Demand | Stopped] -- c:\program files\pc-doctor\pcdsrvc_x64.pkms -- (PCDSRVC{127174DC-C366ED8B-06020000}_0)
DRV:64bit: - [2010/03/10 07:16:36 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
DRV:64bit: - [2010/01/14 08:48:14 | 000,040,512 | ---- | M] (Lenovo (United States) Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\psadd.sys -- (psadd)
DRV:64bit: - [2009/11/24 11:46:18 | 000,180,784 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2009/09/23 07:32:22 | 000,012,800 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2009/09/15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) Intel(R)
DRV:64bit: - [2009/09/09 03:05:00 | 000,013,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\TPPWR64V.SYS -- (TPPWRIF)
DRV:64bit: - [2009/09/01 01:44:16 | 000,551,936 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ATSwpWDF.sys -- (ATSwpWDF)
DRV:64bit: - [2009/08/24 13:43:54 | 000,030,760 | ---- | M] (Lenovo.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ibmpmdrv.sys -- (IBMPMDRV)
DRV:64bit: - [2009/08/13 21:53:50 | 007,370,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009/08/07 05:24:14 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009/07/22 06:57:58 | 000,647,168 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 01:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009/07/14 01:06:43 | 000,060,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\61883.sys -- (61883)
DRV:64bit: - [2009/07/14 01:06:43 | 000,048,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avc.sys -- (Avc)
DRV:64bit: - [2009/07/14 01:06:42 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msdv.sys -- (MSDV)
DRV:64bit: - [2009/07/14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/30 13:05:16 | 001,486,848 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/06/30 13:01:16 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/06/30 12:59:54 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/06/29 13:51:02 | 000,133,672 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsX64.sys -- (Shockprf)
DRV:64bit: - [2009/06/29 13:51:00 | 000,023,592 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ApsHM64.sys -- (TPDIGIMN)
DRV:64bit: - [2009/06/23 12:50:36 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/06/11 17:04:54 | 003,531,136 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/06/10 22:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 22:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 22:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/04/29 11:21:08 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/01/16 08:58:26 | 000,020,480 | ---- | M] (Shrew Soft Inc) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2009/01/16 08:58:26 | 000,020,480 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (pflt)
DRV:64bit: - [2008/08/28 11:44:42 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2008/06/24 18:08:06 | 000,013,840 | ---- | M] (UPEK Inc.) [Kernel | Auto | Running] -- C:\Program Files\Common Files\ThinkVantage Fingerprint Software\Drivers\smihlp.sys -- (smihlp) SMI Helper Driver (smihlp)
DRV:64bit: - [2008/05/12 18:04:26 | 000,015,400 | ---- | M] (Lenovo Group Limited) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\smiifx64.sys -- (lenovo.smi)
DRV:64bit: - [2008/02/21 10:24:20 | 000,062,976 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimmpx64.sys -- (rimmptsk)
DRV:64bit: - [2007/07/27 19:45:52 | 000,057,856 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rixdpx64.sys -- (rismxdp)
DRV:64bit: - [2007/07/26 20:33:54 | 000,055,296 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimspx64.sys -- (rimsptsk)
DRV:64bit: - [2006/06/18 22:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV - [2011/04/28 13:34:54 | 000,061,200 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys -- (RapportPG64)
DRV - [2011/04/28 13:34:54 | 000,052,496 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys -- (RapportEI64)
DRV - [2010/07/04 20:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files (x86)\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/09/08 10:49:44 | 000,014,604 | ---- | M] (Padus, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\pfc.sys -- (pfc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = C8 DA 3C 76 21 FB CC 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Ecosia"
FF - prefs.js..browser.search.useDBForOrder: true
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Components: C:\Programme\Mozilla Firefox\components [2011/09/28 16:43:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0\extensions\\Plugins: C:\Programme\Mozilla Firefox\plugins [2012/03/22 11:08:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/22 14:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012/03/22 10:51:30 | 000,000,000 | ---D | M]
[2010/09/01 19:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tommii\AppData\Roaming\mozilla\Extensions
[2010/09/01 19:33:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tommii\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012/03/18 00:56:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tommii\AppData\Roaming\mozilla\Firefox\Profiles\hzijvcs8.default\extensions
[2012/01/21 00:17:50 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Tommii\AppData\Roaming\mozilla\Firefox\Profiles\hzijvcs8.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012/02/21 08:19:36 | 000,000,000 | ---D | M] (Zotero) -- C:\Users\Tommii\AppData\Roaming\mozilla\Firefox\Profiles\hzijvcs8.default\extensions\zotero@chnm.gmu.edu
[2012/03/18 00:56:32 | 000,000,000 | ---D | M] (Zotero Word for Windows Integration) -- C:\Users\Tommii\AppData\Roaming\mozilla\Firefox\Profiles\hzijvcs8.default\extensions\zoteroWinWordIntegration@zotero.org
[2012/03/20 20:35:32 | 000,002,289 | ---- | M] () -- C:\Users\Tommii\AppData\Roaming\Mozilla\Firefox\Profiles\hzijvcs8.default\searchplugins\ecosia.xml
[2012/03/20 21:16:59 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\PROGRAMME\MOZILLA FIREFOX\EXTENSIONS\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
() (No name found) -- C:\USERS\TOMMII\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\HZIJVCS8.DEFAULT\EXTENSIONS\{B749FC7C-E949-447F-926C-3F4EED6ACCFE}.XPI
O1 HOSTS File: ([2009/06/10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitBHO64.dll (TechSmith Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (SnagIt Toolbar Loader) - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitBHO.dll (TechSmith Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O3:64bit: - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\DLLx64\SnagitIEAddin64.dll (TechSmith Corporation)
O3 - HKLM\..\Toolbar: (Snagit) - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\Snagit 10\SnagitIEAddin.dll (TechSmith Corporation)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LENOVO.TPFNF6R] C:\Programme\Lenovo\HOTKEY\tpfnf6r.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [TPHOTKEY] C:\Programme\Lenovo\HOTKEY\TPOSDSVC.exe (Lenovo Group Limited)
O4:64bit: - HKLM..\Run: [TpShocks] C:\Windows\SysNative\TpShocks.exe (Lenovo.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [PWMTRV] C:\Program Files (x86)\ThinkPad\Utilities\PWMTR64V.DLL (Lenovo Group Limited)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [UnlockerAssistant] C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe ()
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Tommii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tommii\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowCpl = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BC40725-8CE4-4114-8AB2-276656980B2A}: NameServer = 134.76.10.46,134.76.33.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3432677A-A678-4F53-9EB3-4E4075328A6D}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B898D1B6-4D56-42B6-ABBE-B569D5062C75}: NameServer = 134.76.10.46,134.76.33.21
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\ATFUS: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\psfus: DllName - (C:\Windows\system32\psqlpwd.dll) - C:\Windows\SysNative\psqlpwd.dll (UPEK Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008/07/22 08:01:15 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
========== Files/Folders - Created Within 30 Days ==========
[2012/03/22 15:25:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/03/22 15:25:28 | 002,322,184 | ---- | C] (ESET) -- C:\Users\Tommii\Desktop\esetsmartinstaller_enu.exe
[2012/03/22 11:14:09 | 000,000,000 | ---D | C] -- C:\Users\Tommii\AppData\Roaming\SUPERAntiSpyware.com
[2012/03/22 11:13:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2012/03/22 11:13:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2012/03/22 11:13:03 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2012/03/22 11:12:18 | 015,495,768 | ---- | C] (SUPERAntiSpyware.com) -- C:\Users\Tommii\Desktop\SUPERAntiSpyware.exe
[2012/03/22 10:59:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/03/22 10:59:34 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/22 10:59:34 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/22 10:59:34 | 000,149,280 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/22 10:54:47 | 000,525,544 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/03/22 10:54:47 | 000,191,264 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/22 10:54:47 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/22 10:54:47 | 000,172,320 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/22 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/03/22 10:53:10 | 017,205,024 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Tommii\Desktop\jre-6u31-windows-i586-s.exe
[2012/03/22 10:52:54 | 017,255,712 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Tommii\Desktop\jre-6u31-windows-x64.exe
[2012/03/22 10:50:56 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/03/22 10:38:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/03/22 09:25:42 | 003,628,016 | ---- | C] (Piriform Ltd) -- C:\Users\Tommii\Desktop\ccsetup316.exe
[2012/03/22 09:23:40 | 000,594,432 | ---- | C] (OldTimer Tools) -- C:\Users\Tommii\Desktop\OTL.exe
[2012/03/20 21:16:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/03/20 21:16:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2012/03/15 15:42:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Unlocker
[2012/03/15 00:37:43 | 005,559,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012/03/15 00:37:42 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012/03/15 00:37:41 | 003,913,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012/03/14 09:59:51 | 001,544,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2012/03/14 09:59:25 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012/03/14 09:59:25 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012/03/14 09:59:25 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012/03/14 09:59:23 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2012/03/14 09:59:22 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2012/03/12 21:04:53 | 000,000,000 | ---D | C] -- C:\Users\Tommii\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012/03/12 15:28:05 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
[2012/03/12 15:05:38 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
[2012/03/12 14:59:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
[2012/03/12 14:59:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
[2012/03/12 14:44:26 | 000,000,000 | ---D | C] -- C:\Users\Tommii\Desktop\Adobe Flash Professional CS5.5
[2012/03/12 14:39:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012/03/02 11:51:20 | 000,000,000 | R--D | C] -- C:\Users\Tommii\Desktop\Materialien Attacademien
[2012/03/01 13:48:39 | 000,000,000 | ---D | C] -- C:\Users\Tommii\Desktop\Captain America
[2012/03/01 12:10:00 | 000,000,000 | ---D | C] -- C:\Users\Tommii\Desktop\Harry Potter and Deathly Hallows - Part2
[2012/03/01 11:54:38 | 000,000,000 | ---D | C] -- C:\Users\Tommii\Desktop\Harry Potter and Deathly Hallows - Part1
[2012/02/27 21:20:46 | 000,000,000 | ---D | C] -- C:\Users\Tommii\Desktop\C
========== Files - Modified Within 30 Days ==========
[2012/03/22 15:25:30 | 002,322,184 | ---- | M] (ESET) -- C:\Users\Tommii\Desktop\esetsmartinstaller_enu.exe
[2012/03/22 15:16:09 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/03/22 15:16:09 | 000,013,760 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/03/22 15:14:55 | 005,215,814 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/03/22 15:14:55 | 005,167,004 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/03/22 15:14:55 | 002,266,060 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/03/22 15:14:55 | 002,241,132 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/03/22 15:14:55 | 000,005,194 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/03/22 15:07:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/03/22 15:07:16 | 3139,461,120 | -HS- | M] () -- C:\hiberfil.sys
[2012/03/22 11:13:12 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/03/22 11:12:30 | 015,495,768 | ---- | M] (SUPERAntiSpyware.com) -- C:\Users\Tommii\Desktop\SUPERAntiSpyware.exe
[2012/03/22 11:06:44 | 000,066,822 | ---- | M] () -- C:\Users\Tommii\Desktop\cc_20120322_110631.reg
[2012/03/22 10:59:18 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2012/03/22 10:59:18 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2012/03/22 10:59:18 | 000,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2012/03/22 10:59:17 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2012/03/22 10:54:30 | 000,525,544 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\deployJava1.dll
[2012/03/22 10:54:30 | 000,191,264 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaws.exe
[2012/03/22 10:54:30 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\javaw.exe
[2012/03/22 10:54:30 | 000,172,320 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysNative\java.exe
[2012/03/22 10:53:16 | 017,205,024 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Tommii\Desktop\jre-6u31-windows-i586-s.exe
[2012/03/22 10:53:00 | 017,255,712 | ---- | M] (Sun Microsystems, Inc.) -- C:\Users\Tommii\Desktop\jre-6u31-windows-x64.exe
[2012/03/22 10:51:30 | 000,001,981 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/03/22 09:27:04 | 000,000,829 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/03/22 09:25:54 | 003,628,016 | ---- | M] (Piriform Ltd) -- C:\Users\Tommii\Desktop\ccsetup316.exe
[2012/03/22 09:23:45 | 000,594,432 | ---- | M] (OldTimer Tools) -- C:\Users\Tommii\Desktop\OTL.exe
[2012/03/21 10:34:15 | 000,464,252 | ---- | M] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2009a - Trade Revealed TFP.pdf
[2012/03/21 10:28:02 | 000,288,075 | ---- | M] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2009 - Trade Revealed TFP.pdf
[2012/03/20 22:40:33 | 000,136,045 | ---- | M] () -- C:\Users\Tommii\Desktop\ciudad_track.png
[2012/03/19 15:52:46 | 000,002,036 | ---- | M] () -- C:\Users\Tommii\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012/03/19 15:52:46 | 000,001,965 | ---- | M] () -- C:\Users\Tommii\Desktop\Avira DE-Cleaner.lnk
[2012/03/19 15:48:05 | 000,883,840 | ---- | M] () -- C:\Users\Tommii\Desktop\Avira-DE-Cleaner.exe
[2012/03/18 13:46:43 | 000,050,477 | ---- | M] () -- C:\Users\Tommii\Desktop\Defogger.exe
[2012/03/17 18:22:27 | 000,303,030 | ---- | M] () -- C:\Users\Tommii\Desktop\Rodrik et al - 2005 - Growth Diagnostics.pdf
[2012/03/16 08:58:16 | 000,291,800 | ---- | M] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2007 - Trade Revealed TFP.pdf
[2012/03/16 08:46:52 | 000,306,811 | ---- | M] () -- C:\Users\Tommii\Desktop\Eaton and Kortum - 2002 - Technology, Geography and Trade.pdf
[2012/03/15 16:27:15 | 000,001,080 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/15 09:52:31 | 000,448,912 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/03/12 23:16:32 | 000,007,613 | ---- | M] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.fla
[2012/03/12 23:09:52 | 000,006,582 | ---- | M] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator_Szene 1.swf
[2012/03/12 23:07:06 | 000,006,583 | ---- | M] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.swf
[2012/03/12 23:07:06 | 000,002,140 | ---- | M] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.html
[2012/03/12 21:51:10 | 004,212,230 | ---- | M] () -- C:\Users\Tommii\Desktop\Action Script 2.0 Anleitung.pdf
[2012/03/12 21:35:16 | 000,000,152 | ---- | M] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.swd
[2012/03/12 15:08:25 | 000,001,148 | ---- | M] () -- C:\Users\Tommii\Desktop\Adobe Flash Professional CS5.5.lnk
[2012/03/09 18:45:40 | 041,836,042 | ---- | M] () -- C:\Users\Tommii\Documents\Recording.mp3
[2012/02/29 11:06:08 | 000,003,584 | ---- | M] () -- C:\Users\Tommii\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/28 09:28:06 | 000,001,173 | ---- | M] () -- C:\Users\Tommii\Desktop\Indonesisch-MP3s - Verknüpfung.lnk
[2012/02/27 21:24:42 | 000,672,256 | ---- | M] () -- C:\Lame_enc.dll
[2012/02/27 21:20:46 | 000,000,580 | ---- | M] () -- C:\Users\Tommii\Desktop\mp3DirectCut.lnk
[2012/02/25 01:22:31 | 217,777,963 | ---- | M] () -- C:\Users\Tommii\Desktop\Die Biosprit-Lüge - Doku komplett.mp4
[2012/02/23 23:48:39 | 000,000,969 | ---- | M] () -- C:\Users\Tommii\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
========== Files Created - No Company Name ==========
[2012/03/22 11:13:12 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2012/03/22 11:06:40 | 000,066,822 | ---- | C] () -- C:\Users\Tommii\Desktop\cc_20120322_110631.reg
[2012/03/22 10:51:30 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2012/03/22 10:51:30 | 000,001,981 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2012/03/22 09:27:04 | 000,000,829 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/03/21 10:34:15 | 000,464,252 | ---- | C] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2009a - Trade Revealed TFP.pdf
[2012/03/21 10:28:02 | 000,288,075 | ---- | C] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2009 - Trade Revealed TFP.pdf
[2012/03/20 22:40:33 | 000,136,045 | ---- | C] () -- C:\Users\Tommii\Desktop\ciudad_track.png
[2012/03/19 15:52:46 | 000,002,036 | ---- | C] () -- C:\Users\Tommii\Desktop\Entfernen des Avira DE-Cleaners.lnk
[2012/03/19 15:52:46 | 000,001,965 | ---- | C] () -- C:\Users\Tommii\Desktop\Avira DE-Cleaner.lnk
[2012/03/19 15:48:01 | 000,883,840 | ---- | C] () -- C:\Users\Tommii\Desktop\Avira-DE-Cleaner.exe
[2012/03/18 13:46:41 | 000,050,477 | ---- | C] () -- C:\Users\Tommii\Desktop\Defogger.exe
[2012/03/17 18:22:27 | 000,303,030 | ---- | C] () -- C:\Users\Tommii\Desktop\Rodrik et al - 2005 - Growth Diagnostics.pdf
[2012/03/16 08:58:14 | 000,291,800 | ---- | C] () -- C:\Users\Tommii\Desktop\Finicelli et al - 2007 - Trade Revealed TFP.pdf
[2012/03/16 08:46:52 | 000,306,811 | ---- | C] () -- C:\Users\Tommii\Desktop\Eaton and Kortum - 2002 - Technology, Geography and Trade.pdf
[2012/03/15 16:27:15 | 000,001,080 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/03/12 23:07:06 | 000,002,140 | ---- | C] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.html
[2012/03/12 21:51:10 | 004,212,230 | ---- | C] () -- C:\Users\Tommii\Desktop\Action Script 2.0 Anleitung.pdf
[2012/03/12 21:47:25 | 000,006,582 | ---- | C] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator_Szene 1.swf
[2012/03/12 21:17:50 | 000,000,152 | ---- | C] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.swd
[2012/03/12 20:53:41 | 000,006,583 | ---- | C] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.swf
[2012/03/12 15:46:27 | 000,007,613 | ---- | C] () -- C:\Users\Tommii\Desktop\Stata-Code-Generator.fla
[2012/03/12 15:41:28 | 000,001,148 | ---- | C] () -- C:\Users\Tommii\Desktop\Adobe Flash Professional CS5.5.lnk
[2012/03/12 14:57:57 | 000,000,964 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
[2012/02/29 11:06:02 | 000,003,584 | ---- | C] () -- C:\Users\Tommii\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/28 09:28:06 | 000,001,173 | ---- | C] () -- C:\Users\Tommii\Desktop\Indonesisch-MP3s - Verknüpfung.lnk
[2012/02/27 21:29:13 | 041,836,042 | ---- | C] () -- C:\Users\Tommii\Documents\Recording.mp3
[2012/02/27 21:20:46 | 000,000,580 | ---- | C] () -- C:\Users\Tommii\Desktop\mp3DirectCut.lnk
[2012/02/25 01:20:39 | 217,777,963 | ---- | C] () -- C:\Users\Tommii\Desktop\Die Biosprit-Lüge - Doku komplett.mp4
[2011/10/25 16:20:59 | 000,004,096 | -H-- | C] () -- C:\Users\Tommii\AppData\Local\keyfile3.drm
[2010/12/30 23:52:24 | 000,088,576 | R--- | C] () -- C:\Windows\rauninst.exe
[2010/08/25 19:52:00 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2010/08/25 19:52:00 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2010/06/21 14:28:07 | 000,000,032 | ---- | C] () -- C:\Windows\azeugnis.INI
[2010/06/02 21:13:04 | 000,085,504 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2010/05/21 09:35:27 | 000,001,025 | ---- | C] () -- C:\Windows\SysWow64\sysprs7.dll
[2010/05/21 09:35:27 | 000,000,205 | ---- | C] () -- C:\Windows\SysWow64\lsprst7.dll
========== LOP Check ==========
[2011/05/17 08:28:15 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Audacity
[2010/07/28 07:54:35 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\BitComet
[2009/11/05 09:46:39 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\CachedFiles
[2012/03/12 21:04:53 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/06/01 06:49:16 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2010/02/14 20:40:55 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\DeepBurner
[2012/03/22 15:15:36 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Dropbox
[2010/06/01 14:58:50 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\EndNote
[2011/10/02 01:42:16 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\FileZilla
[2010/09/07 16:58:34 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Geuh
[2010/08/21 12:10:36 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\GrabPro
[2009/11/11 13:02:07 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\gretl
[2009/11/08 16:35:41 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\gtk-2.0
[2010/08/27 23:18:42 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Kyfere
[2011/07/27 08:58:17 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Nokia
[2009/11/05 00:27:55 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\OpenOffice.org
[2011/07/04 19:53:27 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Opera
[2010/10/13 23:06:34 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Orbit
[2011/04/20 22:53:52 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\PC Suite
[2010/08/21 12:12:31 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\ProgSense
[2010/05/26 11:22:45 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Stata10
[2010/09/01 19:33:29 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Thunderbird
[2010/12/06 11:25:57 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Trusteer
[2010/05/28 14:05:11 | 000,000,000 | ---D | M] -- C:\Users\Tommii\AppData\Roaming\Update
[2012/01/31 16:00:00 | 000,000,528 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012/02/13 20:41:38 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report >