| ironivan | 19.11.2012 12:45 |
OTL Scan. Code:
OTL logfile created on: 19.11.2012 12:36:15 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ivan\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,99 Gb Total Physical Memory | 2,66 Gb Available Physical Memory | 66,64% Memory free
7,98 Gb Paging File | 6,11 Gb Available in Paging File | 76,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 365,76 Gb Total Space | 66,60 Gb Free Space | 18,21% Space Free | Partition Type: NTFS
Drive D: | 99,90 Gb Total Space | 99,53 Gb Free Space | 99,63% Space Free | Partition Type: NTFS
Drive E: | 7,02 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Computer Name: IVAN-PC | User Name: Ivan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Ivan\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe (DT Soft Ltd)
PRC - C:\ProgramData\DataCardService\DCSHelper.exe (Huawei Technologies Co., Ltd.)
PRC - C:\ProgramData\DataCardService\DCService.exe ()
PRC - C:\Programme\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
========== Modules (No Company Name) ==========
MOD - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\ASUS\TurboV EVO\pngio.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (ATKFUSService) -- C:\Windows\SysNative\ATKFUSService.exe (ASUSTeK COMPUTER INC.)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (WireHelpSvc) -- C:\Programme\Common Files\WireHelpSvc.exe ()
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (DCService.exe) -- C:\ProgramData\DataCardService\DCService.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (TeamViewer5) -- C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (NMSAccess) -- C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe ()
========== Driver Services (SafeList) ==========
DRV:64bit: - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ESLWireAC) -- C:\Windows\SysNative\drivers\ESLWireACD.sys (<Turtle Entertainment>)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (ESLvnic1) -- C:\Windows\SysNative\drivers\ESLvnic.sys (Turtle Entertainment GmbH)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (tcpipBM) -- C:\Windows\SysNative\drivers\tcpipBM.sys (Bytemobile, Inc.)
DRV:64bit: - (BMLoad) -- C:\Windows\SysNative\drivers\BMLoad.sys (Bytemobile, Inc.)
DRV:64bit: - (EIO64) -- C:\Windows\SysNative\drivers\EIO64.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys ()
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (JRAID) -- C:\Windows\SysNative\drivers\jraid.sys (JMicron Technology Corp.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (PID_PEPI) -- C:\Windows\SysNative\drivers\LV302V64.SYS (Logitech Inc.)
DRV:64bit: - (lvpepf64) -- C:\Windows\SysNative\drivers\lv302a64.sys (Logitech Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (atkdisplf) -- C:\Windows\SysNative\drivers\ATKDispLowFilter.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (asusgsb) -- C:\Windows\SysNative\drivers\asusgsb.sys (ASUSTeK Computer Inc.)
DRV:64bit: - (skfiltv) -- C:\Windows\SysNative\drivers\skfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (LVUSBS64) -- C:\Windows\SysNative\drivers\LVUSBS64.sys (Logitech Inc.)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (s0016mdm) -- C:\Windows\SysNative\drivers\s0016mdm.sys (MCCI Corporation)
DRV:64bit: - (s0016unic) -- C:\Windows\SysNative\drivers\s0016unic.sys (MCCI Corporation)
DRV:64bit: - (s0016mgmt) -- C:\Windows\SysNative\drivers\s0016mgmt.sys (MCCI Corporation)
DRV:64bit: - (s0016obex) -- C:\Windows\SysNative\drivers\s0016obex.sys (MCCI Corporation)
DRV:64bit: - (s0016nd5) -- C:\Windows\SysNative\drivers\s0016nd5.sys (MCCI Corporation)
DRV:64bit: - (s0016mdfl) -- C:\Windows\SysNative\drivers\s0016mdfl.sys (MCCI Corporation)
DRV:64bit: - (s0016bus) -- C:\Windows\SysNative\drivers\s0016bus.sys (MCCI Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 12 93 A3 15 0F 7D CA 01 [binary data]
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{D91F16FC-5A9F-4068-830D-AAAB9A5FC74A}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.119
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.80
FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:2.0.0.8
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: vshare@toolbar:1.0.0
FF - prefs.js..extensions.enabledItems: firefox@tvunetworks.com:2
FF - prefs.js..extensions.enabledItems: 5
FF - prefs.js..extensions.enabledItems: 3
FF - prefs.js..extensions.enabledItems: 1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {2458abc0-f443-11dd-87af-0800200c9a66}:3.6.3.1.03.04.10
FF - prefs.js..network.proxy.type: 2
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Windows\system32\TVUAx\npTVUAx.dll (TVU networks)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Ivan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ivan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.01.08 22:04:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.02.28 19:08:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.02.28 19:47:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.10.27 21:22:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.11.19 12:26:27 | 000,000,000 | ---D | M]
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Extensions
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Extensions\celtx@celtx.com
[2012.11.19 12:26:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions
[2012.10.24 19:01:48 | 000,000,000 | ---D | M] (Bloody Red) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{2458abc0-f443-11dd-87af-0800200c9a66}
[2010.10.23 21:05:03 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.28 22:45:57 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2010.09.25 15:31:34 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Ivan\AppData\Roaming\mozilla\Firefox\Profiles\7gu0l9j6.default\extensions\firefox@tvunetworks.com
[2012.07.24 22:22:50 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.11.17 13:35:23 | 000,001,018 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\facebook.xml
[2011.03.06 00:00:58 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-11.xml
[2011.03.25 18:59:01 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-12.xml
[2011.04.30 09:54:59 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-13.xml
[2011.05.08 10:18:54 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-14.xml
[2011.08.17 21:37:46 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-15.xml
[2011.09.01 17:59:23 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-16.xml
[2011.09.07 18:49:50 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-17.xml
[2011.10.03 14:01:03 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-18.xml
[2011.11.12 17:32:51 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-19.xml
[2012.01.02 00:58:28 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-20.xml
[2012.01.02 19:45:50 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-21.xml
[2012.02.04 16:04:09 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-22.xml
[2012.02.11 13:16:02 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-23.xml
[2012.02.18 14:28:47 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-24.xml
[2012.03.18 20:12:35 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-25.xml
[2012.05.08 11:34:27 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-26.xml
[2012.05.15 12:05:39 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-27.xml
[2012.06.08 00:19:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-28.xml
[2012.06.23 01:08:38 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-29.xml
[2012.07.24 09:42:08 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-30.xml
[2012.09.06 17:57:10 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-31.xml
[2012.09.13 18:01:42 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-32.xml
[2012.10.20 15:55:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-33.xml
[2012.11.02 21:35:29 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-34.xml
[2010.07.22 20:10:45 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-4.xml
[2010.07.25 23:03:55 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-5.xml
[2010.09.09 18:25:24 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-6.xml
[2010.09.18 15:23:56 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-7.xml
[2010.11.01 19:31:40 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-8.xml
[2010.12.10 23:03:14 | 000,000,950 | ---- | M] () -- C:\Users\Ivan\AppData\Roaming\mozilla\firefox\profiles\7gu0l9j6.default\searchplugins\icqplugin-9.xml
[2012.10.27 21:22:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.10.27 21:22:46 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.10.27 21:22:49 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.03 14:00:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.08.31 13:14:44 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.03 14:00:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.03 14:00:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.03 14:00:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.03 14:00:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.google.com/
CHR - Extension: YouTube = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Ivan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2012.11.17 13:49:04 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [DataCardMonitor] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe (Huawei Technologies Co., Ltd.)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe ()
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TurboV EVO] C:\Program Files\ASUS\TurboV EVO\TurboV_EVO.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C0EF3F65-A6F4-4F80-86D0-5715679DEF3A}: NameServer = 62.109.123.7 213.191.92.86
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF9E8A65-256F-4C88-B06C-8F742E573380}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\linkscanner - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.20 20:05:12 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2012.11.14 21:59:02 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {09A1999C-2DEF-BCAC-1587-B387D7C3E1B9} - Themes Setup
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2ED76DA4-D45F-628D-E1E9-DD375F9D3E68} - Microsoft Windows Media Player
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {434F9E2F-AEE0-19F2-BDB4-A1587C4BDC79} - Microsoft Windows Media Player
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4D1DEE9B-2834-A3B8-7DD9-449F9264F6D7} - Browser Customizations
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {84CC6552-D980-9118-9BC4-2164870C47F5} - Internet Explorer
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {9857312C-F548-BF9D-DEA7-E4AD207C95D1} - Browser Customizations
ActiveX:64bit: {B1CFEF0B-1DAA-D70B-A658-A5D10231F60F} - Browser Customizations
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {D635E2B7-C487-6D6D-9492-FE891A343E14} - Browser Customizations
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 8.0
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 8.0
ActiveX: {2AE69D6F-1046-8E05-467C-1BAA5FCDFC9A} - Microsoft Windows Media Player
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
MsConfig:64bit - StartUpReg: Acrobat Assistant 8.0 - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
MsConfig:64bit - StartUpReg: Adobe Acrobat Speed Launcher - hkey= - key= - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AdobeCS4ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: avgnt - hkey= - key= - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
MsConfig:64bit - StartUpReg: DAEMON Tools Pro Agent - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: ESL Wire - hkey= - key= - C:\Program Files\EslWire\wire.exe (Turtle Entertainment GmbH)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Logitech Vid - hkey= - key= - C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - File not found
MsConfig:64bit - StartUpReg: msnmsgr - hkey= - key= - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: VirtualCloneDrive - hkey= - key= - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Elaborate Bytes AG)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
CREATERESTOREPOINT
System Restore Service not available.
========== Files/Folders - Created Within 30 Days ==========
[2012.11.18 22:31:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.17 14:58:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2012.11.17 14:07:51 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{C3737D0F-6004-4474-A9EC-50B6BB2DE5B3}
[2012.11.17 13:56:24 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012.11.17 13:50:58 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012.11.17 13:38:51 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012.11.17 13:38:51 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012.11.17 13:38:51 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012.11.17 13:27:32 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012.11.17 13:27:16 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2012.11.16 14:21:30 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Roaming\Malwarebytes
[2012.11.16 14:21:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.16 14:21:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.16 14:21:04 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.11.16 14:21:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.11.14 22:54:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012.11.14 22:54:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012.11.14 22:54:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012.11.14 21:58:42 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2012.11.13 13:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012.11.13 13:12:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
[2012.11.08 19:02:45 | 000,000,000 | ---D | C] -- C:\Users\Ivan\Documents\FUSSBALL MANAGER 13
[2012.11.08 18:59:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FUSSBALL MANAGER 13
[2012.11.08 18:59:53 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2012.11.08 18:41:03 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Roaming\Origin
[2012.11.08 18:41:02 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\Origin
[2012.11.08 18:40:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
[2012.11.08 18:39:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2012.11.06 18:07:41 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{CE3BA3F5-3369-4AE0-91D9-24AAA94B3F44}
[2012.10.31 16:18:23 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.31 16:17:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2012.10.31 16:17:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2012.10.31 16:17:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2012.10.31 16:16:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.10.27 21:22:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.10.26 17:05:23 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{3AB3823C-6B2F-4BF2-A17D-7772F2886978}
[2012.10.24 18:32:39 | 000,000,000 | ---D | C] -- C:\Users\Ivan\Desktop\ae_übungen
[2012.10.23 20:16:41 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{ADBB0833-8825-4568-A569-CA2430667EA5}
[2012.10.22 18:21:10 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{74D47D37-FFD2-45CA-AE3B-D62633322D2C}
[2012.10.21 12:41:06 | 000,000,000 | ---D | C] -- C:\Users\Ivan\AppData\Local\{995AE492-90C0-4E43-871E-5FA22E66B104}
[2011.06.26 12:04:25 | 077,683,512 | ---- | C] (K2 Network, Inc.) -- C:\Users\Ivan\APB_Reloaded_Installer.exe
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.11.19 12:36:05 | 000,015,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 12:36:05 | 000,015,968 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.19 12:27:52 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.11.19 12:27:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.19 12:27:38 | 3214,188,544 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.19 12:13:09 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.17 14:47:56 | 000,000,512 | ---- | M] () -- C:\Users\Ivan\Desktop\MBR.dat
[2012.11.17 13:49:04 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012.11.16 15:01:26 | 143,747,176 | ---- | M] () -- C:\setup_11.0.0.1245.x01_2012_11_16_15_34.exe
[2012.11.16 14:31:07 | 000,000,143 | ---- | M] () -- C:\Windows\wininit.ini
[2012.11.16 14:21:09 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.15 20:20:30 | 004,880,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.15 00:52:04 | 001,550,348 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 00:52:04 | 000,665,070 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 00:52:04 | 000,625,252 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 00:52:04 | 000,134,980 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 00:52:04 | 000,110,632 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.14 22:54:31 | 000,001,218 | ---- | M] () -- C:\Users\Ivan\Desktop\Spybot - Search & Destroy.lnk
[2012.11.14 21:59:02 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2012.11.08 18:59:58 | 000,001,201 | ---- | M] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 13.lnk
[2012.10.30 16:25:05 | 000,000,425 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2012.10.30 16:25:05 | 000,000,027 | ---- | M] () -- C:\Windows\BRPP2KA.INI
[2012.10.22 19:30:09 | 000,002,060 | ---- | M] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.11.17 14:47:56 | 000,000,512 | ---- | C] () -- C:\Users\Ivan\Desktop\MBR.dat
[2012.11.17 13:38:51 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.11.17 13:38:51 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.11.17 13:38:51 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.11.17 13:38:51 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.11.17 13:38:51 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.11.16 14:59:42 | 143,747,176 | ---- | C] () -- C:\setup_11.0.0.1245.x01_2012_11_16_15_34.exe
[2012.11.16 14:21:09 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.15 00:51:12 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.15 00:47:32 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.14 23:57:10 | 000,000,143 | ---- | C] () -- C:\Windows\wininit.ini
[2012.11.14 23:04:03 | 000,000,779 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroGrand Casino.lnk
[2012.11.14 22:54:31 | 000,001,218 | ---- | C] () -- C:\Users\Ivan\Desktop\Spybot - Search & Destroy.lnk
[2012.11.14 21:59:02 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2012.11.08 18:59:58 | 000,001,201 | ---- | C] () -- C:\Users\Public\Desktop\FUSSBALL MANAGER 13.lnk
[2012.10.30 16:25:05 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.10.22 19:30:09 | 000,002,060 | ---- | C] () -- C:\Users\Public\Desktop\BattleForge™.lnk
[2012.07.28 02:39:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.07.28 02:39:50 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.07.17 15:12:45 | 000,003,584 | ---- | C] () -- C:\Users\Ivan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.07.16 13:49:17 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.07.09 14:51:27 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.21 11:39:22 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2012.01.05 13:55:25 | 008,676,883 | ---- | C] () -- C:\Windows\SysWow64\mp3Media2.dll
[2011.09.12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2011.08.28 16:34:17 | 000,000,092 | ---- | C] () -- C:\Users\Ivan\AppData\Local\fusioncache.dat
[2011.08.17 21:37:36 | 000,017,408 | ---- | C] () -- C:\Users\Ivan\AppData\Local\WebpageIcons.db
[2011.07.05 18:00:11 | 000,168,864 | ---- | C] () -- C:\Program Files\Common Files\WireHelpSvc.exe
[2011.06.26 15:48:16 | 000,281,656 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.26 15:48:11 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.06.26 12:04:25 | 3805,508,496 | ---- | C] () -- C:\Users\Ivan\Client1.5.0.562750.7z
[2011.06.23 17:45:44 | 000,007,605 | ---- | C] () -- C:\Users\Ivan\AppData\Local\resmon.resmoncfg
[2011.02.15 19:06:41 | 000,000,094 | ---- | C] () -- C:\Windows\wiso.ini
[2011.01.19 09:40:55 | 000,050,688 | ---- | C] () -- C:\Windows\SysWow64\dtsoftbusinst64.exe
[2010.12.25 17:32:10 | 000,025,357 | ---- | C] () -- C:\Windows\War3Unin.dat
[2010.08.01 18:07:56 | 000,004,081 | ---- | C] () -- C:\Users\Ivan\.recently-used.xbel
[2010.04.17 13:58:56 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bk!
[2010.04.17 13:58:04 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bko
[2010.04.17 12:24:55 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.bak
[2010.04.17 12:24:49 | 000,012,412 | ---- | C] () -- C:\Users\Ivan\AppData\Roaming\PStrip.ini
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2012.11.15 23:21:46 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\.minecraft
[2012.08.20 22:27:14 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Autodesk
[2011.02.15 20:43:25 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Buhl Data Service
[2012.08.11 14:12:47 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\BWIN
[2012.03.01 19:46:39 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2010.01.19 22:58:36 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\com.adobe.ExMan
[2012.03.01 19:11:56 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2010.11.24 19:12:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\DAEMON Tools Pro
[2010.10.23 21:05:03 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.06.18 14:27:31 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Greyfirst
[2010.08.01 18:07:56 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\gtk-2.0
[2011.04.17 19:41:12 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\HLSW
[2011.06.05 19:41:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Leadertech
[2011.06.02 13:03:25 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\LolClient
[2012.05.24 18:33:50 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\LolClient2
[2010.02.16 19:16:06 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\MAGIX
[2012.11.18 17:16:36 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Mumble
[2010.08.07 12:52:58 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\MyPhoneExplorer
[2010.01.08 12:59:19 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\OpenOffice.org
[2012.11.12 12:49:17 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Origin
[2012.07.09 14:51:26 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\PACE Anti-Piracy
[2012.11.14 20:43:53 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\QuickScan
[2012.11.12 15:34:38 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\SoftGrid Client
[2012.07.09 14:53:45 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.12.02 19:09:03 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Systweak
[2009.12.15 01:10:50 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TeamViewer
[2012.10.06 00:15:02 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Telekom
[2012.10.06 13:21:17 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Telekom Internet Manager
[2010.08.07 12:46:29 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TP
[2012.11.05 01:26:18 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TS3Client
[2012.09.03 13:14:29 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\TuneUp Software
[2010.12.10 22:45:16 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Roaming\Windows Live Writer
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2012.11.17 13:50:58 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.25 23:24:34 | 000,000,000 | ---D | M] -- C:\6310ec2c-c611-479f-b4ea-2223b88aa609
[2012.02.28 17:38:41 | 000,000,000 | ---D | M] -- C:\adobe master
[2012.09.17 15:26:08 | 000,000,000 | ---D | M] -- C:\AMD
[2009.12.15 02:31:25 | 000,000,000 | ---D | M] -- C:\ATI
[2012.08.20 20:05:12 | 000,000,000 | ---D | M] -- C:\Autodesk
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.12.14 23:32:12 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.19 19:46:25 | 000,000,000 | ---D | M] -- C:\FIFA_Manager_12-Razor1911
[2009.12.15 01:39:19 | 000,000,000 | ---D | M] -- C:\Intel
[2010.09.13 19:47:11 | 000,000,000 | ---D | M] -- C:\moviez
[2012.01.05 13:56:09 | 000,000,000 | ---D | M] -- C:\Mp3 Output
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.14 21:58:42 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.19 12:26:26 | 000,000,000 | ---D | M] -- C:\Program Files (x86)
[2012.11.16 14:21:08 | 000,000,000 | ---D | M] -- C:\ProgramData
[2009.12.14 23:32:12 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.08.04 14:08:53 | 000,000,000 | ---D | M] -- C:\Programs
[2012.11.17 13:56:24 | 000,000,000 | ---D | M] -- C:\Qoobox
[2009.12.14 23:32:13 | 000,000,000 | ---D | M] -- C:\Recovery
[2011.08.17 13:20:11 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.09.14 16:08:15 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.17 14:58:01 | 000,000,000 | ---D | M] -- C:\TDSSKiller_Quarantine
[2009.12.14 23:32:19 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.19 12:28:38 | 000,000,000 | ---D | M] -- C:\Windows
[2012.09.27 18:52:23 | 000,000,000 | ---D | M] -- C:\World of Warcraft
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %windir%\installer\*. /5 >
[2012.11.18 22:31:02 | 000,000,000 | ---D | M] -- C:\Windows\installer\{26A24AE4-039D-4CA4-87B4-2F83217009FF}
< %localappdata%\*. /5 >
[2012.11.19 12:35:54 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Local\Temp
[2012.11.17 14:08:01 | 000,000,000 | ---D | M] -- C:\Users\Ivan\AppData\Local\{C3737D0F-6004-4474-A9EC-50B6BB2DE5B3}
< >
[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009.07.14 06:08:49 | 000,032,632 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.04.07 20:09:39 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012.04.07 20:09:40 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012.09.17 15:57:31 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
========== Alternate Data Streams ==========
@Alternate Data Stream - 1199 bytes -> C:\ProgramData\Microsoft:MH94D8cnzuss93HglYc
@Alternate Data Stream - 1173 bytes -> C:\ProgramData\Microsoft:mV4apxHA8kFvEAe4SpsZMv
< End of report >
|
