| Roberto1 | 26.02.2013 16:26 |
Habe laut http://www.trojaner-board.de/85104-o...-oldtimer.html den log gemacht. Hier ist er Code:
OTL logfile created on: 26.02.2013 15:39:48 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Juve1\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,92 Gb Total Physical Memory | 2,12 Gb Available Physical Memory | 54,15% Memory free
7,84 Gb Paging File | 5,66 Gb Available in Paging File | 72,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 459,55 Gb Total Space | 357,92 Gb Free Space | 77,88% Space Free | Partition Type: NTFS
Computer Name: JUVE1-VAIO | User Name: Juve1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Juve1\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_168.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
PRC - C:\Programme\Sony\VAIO Care\listener.exe (Sony of America Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe (Panda Security)
PRC - C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Modules (No Company Name) ==========
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL ()
MOD - C:\PROGRA~2\MICROS~4\Office12\ADDINS\UMOUTL~1.DLL ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\PROGRA~2\MICROS~4\Office12\ADDINS\COLLEA~1.DLL ()
========== Services (SafeList) ==========
SRV:64bit: - (SampleCollector) -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Sony Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (VUAgent) -- C:\Programme\Sony\VAIO Update\VUAgent.exe (Sony Corporation)
SRV - (VCService) -- C:\Programme\Sony\VAIO Care\VCService.exe (Sony Corporation)
SRV - (VSNService) -- C:\Programme\Sony\VAIO Smart Network\VSNService.exe (Sony Corporation)
SRV - (VAIO Event Service) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe (Sony Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (VAIO Power Management) -- C:\Programme\Sony\VAIO Power Management\SPMService.exe (Sony Corporation)
SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe (Intel Corporation)
SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (Roxio Upnp Server 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe (Sonic Solutions)
SRV - (Roxio UPnP Renderer 10) -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe (Sonic Solutions)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (EPSON_PM_RPCV4_01) -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE (SEIKO EPSON CORPORATION)
SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo)
========== Driver Services (SafeList) ==========
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (KeyScrambler) -- C:\Windows\SysNative\drivers\keyscrambler.sys (QFX Software Corporation)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (rimspci) -- C:\Windows\SysNative\drivers\rimssne64.sys (REDC)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (ApfiltrService) -- C:\Windows\SysNative\drivers\Apfiltr.sys (Alps Electric Co., Ltd.)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (risdsnpe) -- C:\Windows\SysNative\drivers\risdsne64.sys (REDC)
DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:64bit: - (SFEP) -- C:\Windows\SysNative\drivers\SFEP.sys (Sony Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (regi) -- C:\Windows\SysNative\drivers\regi.sys (InterVideo)
DRV - (FsUsbExDisk) -- C:\Windows\SysWOW64\FsUsbExDisk.Sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (regi) -- C:\Windows\SysWOW64\drivers\regi.sys (InterVideo)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{49802374-3D82-4AA2-9084-2831FD53CB1D}: "URL" = hhxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKCU\..\SearchScopes\{DF9553EE-4F9F-47D9-9F35-2426AD424BFC}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKCU\..\SearchScopes\{E89D0315-8952-4E2E-A5AE-722E13B62142}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKCU\..\SearchScopes\{F810C698-9431-429B-AF9A-68C3C449F7F0}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.tuttosport.com/"
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:4.2.1.9
FF - prefs.js..extensions.enabledAddons: keyscrambler%40qfx.software.corporation:2.9.3.0
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4250
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130129
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0
FF - prefs.js..network.proxy.ftp: "93.57.100.228"
FF - prefs.js..network.proxy.ftp_port: 80
FF - prefs.js..network.proxy.http: "93.57.100.228"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "93.57.100.228"
FF - prefs.js..network.proxy.socks_port: 80
FF - prefs.js..network.proxy.ssl: "93.57.100.228"
FF - prefs.js..network.proxy.ssl_port: 80
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_168.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.01.19 00:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.01.19 00:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.01.19 00:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.01.19 00:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.01.19 00:07:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.20 10:32:09 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.20 10:32:09 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
[2013.01.18 23:57:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juve1\AppData\Roaming\mozilla\Extensions
[2013.02.24 14:51:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions
[2013.01.30 18:34:40 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.02.24 14:51:01 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013.02.17 23:00:26 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions\foxyproxy@eric.h.jung
[2013.01.18 23:59:00 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions\ich@maltegoetz.de
[2013.01.19 00:07:44 | 000,000,000 | ---D | M] (KeyScrambler) -- C:\Users\Juve1\AppData\Roaming\mozilla\Firefox\Profiles\p1d0emrt.default\extensions\keyscrambler@qfx.software.corporation
[2013.02.10 08:59:33 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\extensions\stealthyextension@gmail.com.xpi
[2012.12.15 18:19:32 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2013.01.24 19:20:44 | 000,002,273 | ---- | M] () -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\searchplugins\englische-ergebnisse.xml
[2013.01.24 19:20:44 | 000,010,563 | ---- | M] () -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\searchplugins\gmx-suche.xml
[2013.01.24 19:20:44 | 000,002,432 | ---- | M] () -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\searchplugins\lastminute.xml
[2013.01.24 19:20:44 | 000,005,545 | ---- | M] () -- C:\Users\Juve1\AppData\Roaming\mozilla\firefox\profiles\p1d0emrt.default\searchplugins\webde-suche.xml
[2013.02.20 10:32:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 00:07:16 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2013.02.20 10:32:09 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.17 01:11:04 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.17 01:11:04 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.17 01:11:04 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.17 01:11:04 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.17 01:11:04 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.17 01:11:04 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://www.tuttosport.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.tuttosport.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\plugin/npUrlAdvisor.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\plugin/online_banking_npapi.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\plugin/content_blocker_npapi.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\plugin/npVKPlugin.dll
CHR - plugin: Kaspersky Anti-Virus (Enabled) = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\plugin/npABPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Java Deployment Toolkit 7.0.110.21 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Docs = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Modul zur Link-Untersuchung = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\
CHR - Extension: HTTPS Everywhere = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2013.1.18_0\
CHR - Extension: AdBlock = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.55_0\
CHR - Extension: Sicherer Zahlungsverkehr = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\
CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\
CHR - Extension: Virtuelle Tastatur = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\
CHR - Extension: Ghostery = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij\4.1.0_0\
CHR - Extension: Google Mail = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Anti-Banner = C:\Users\Juve1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O2 - BHO: (KeyScramblerBHO Class) - {2B9F5787-88A5-4945-90E7-C4B18563BC5E} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (no name) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Apoint] C:\Programme\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [ChatON Alarm] C:\Program Files (x86)\Samsung\ChatON\ChatON Alarm File not found
O4 - HKCU..\Run: [EPSON Stylus DX9400F Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICFE.EXE /FU "C:\Windows\TEMP\E_S5450.tmp" /EF "HKCU" File not found
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Juve1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\x64\KeyScramblerIE.dll (QFX Software Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra 'Tools' menuitem : &KeyScrambler Options - {5C106A59-CC3C-4caa-81A4-6D909B5ACE23} - C:\Program Files (x86)\KeyScrambler\KeyScramblerIE.dll (QFX Software Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~4\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 1.7.0_11)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_11-windows-i586.cab (Java Plug-in 10.15.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{24865046-379A-4788-8CD7-4FE6D4D7474C}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BB8C9484-BDD0-485F-9085-847F9BF303D0}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.02.26 15:38:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Juve1\Desktop\OTL.exe
[2013.02.25 22:56:39 | 000,000,000 | ---D | C] -- C:\Program Files\HitmanPro
[2013.02.25 22:54:56 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2013.02.25 22:54:37 | 009,511,456 | ---- | C] (SurfRight B.V.) -- C:\Users\Juve1\Desktop\HitmanPro_x64.exe
[2013.02.25 22:45:28 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2013.02.22 00:36:40 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\HandBrake
[2013.02.22 00:35:39 | 000,000,000 | ---D | C] -- C:\Users\Juve1\Desktop\dvd
[2013.02.22 00:34:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.02.22 00:34:28 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\DVDVideoSoft
[2013.02.22 00:34:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.02.22 00:34:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.02.22 00:17:52 | 034,027,096 | ---- | C] (DVDVideoSoft Ltd. ) -- C:\Users\Juve1\Desktop\FreeDVDVideoConverter.exe
[2013.02.21 23:46:17 | 000,000,000 | ---D | C] -- C:\ProgramData\DVD Shrink
[2013.02.21 23:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Shrink deutsch
[2013.02.21 23:46:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVD Shrink DE
[2013.02.21 23:45:28 | 001,258,692 | ---- | C] (DVD Shrink ) -- C:\Users\Juve1\Desktop\dvdshrink.3.2.de._decss-frei_.setup.exe
[2013.02.20 10:32:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.20 10:31:17 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.20 10:31:02 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.20 10:31:02 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.20 10:31:02 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.18 23:44:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.02.18 23:44:49 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.02.18 23:43:49 | 004,189,792 | ---- | C] (Piriform Ltd) -- C:\Users\Juve1\Desktop\ccsetup327.exe
[2013.02.17 17:23:45 | 000,000,000 | ---D | C] -- C:\satangels-updater-e2-oe2_1.4.3-20120728-r0_all
[2013.02.17 11:42:53 | 000,000,000 | ---D | C] -- C:\VU+ Picons
[2013.02.16 21:41:16 | 000,000,000 | ---D | C] -- C:\APK-Multi-Tool
[2013.02.16 13:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChatON
[2013.02.14 14:42:46 | 000,000,000 | ---D | C] -- C:\Users\Juve1\apktool
[2013.02.14 12:44:53 | 000,233,472 | ---- | C] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.02.14 12:43:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MarkAny
[2013.02.13 16:13:13 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 16:13:13 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 16:13:13 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 16:13:13 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 16:13:12 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 16:13:12 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 16:13:12 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 16:13:12 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 16:13:12 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 16:13:12 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 16:13:11 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 16:13:11 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 16:13:09 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 16:13:09 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 16:13:09 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 16:12:18 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.13 16:12:17 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 16:12:17 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 16:12:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 16:12:17 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 16:12:17 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 16:12:17 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 16:12:15 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 16:12:13 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 16:12:13 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.12 15:29:40 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Msinet.ocx
[2013.02.12 15:29:40 | 000,109,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Mswinsck.ocx
[2013.02.10 11:12:45 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\Android
[2013.02.06 15:08:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HumaxSmartSuite
[2013.02.06 15:08:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HumaxSmartSuite
[2013.02.06 14:48:36 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HumBox
[2013.02.06 14:48:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Humax Digital
[2013.02.06 14:29:23 | 000,085,384 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\drivers\ftser2k.sys
[2013.02.06 14:29:23 | 000,065,416 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftcserco.dll
[2013.02.06 14:29:23 | 000,055,176 | ---- | C] (FTDI Ltd.) -- C:\Windows\SysNative\ftserui2.dll
[2013.02.05 15:20:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Humax Zone Uploader 2.0
[2013.02.05 15:20:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HumaxZoneUploader
[2013.02.04 18:53:00 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\EPSON
[2013.02.04 18:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2013.02.04 18:47:10 | 000,008,704 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2013.02.04 18:47:09 | 000,108,032 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMCFE.DLL
[2013.02.04 18:47:09 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBCFE.DLL
[2013.02.04 18:45:07 | 000,083,968 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\esxcwiad.dll
[2013.02.04 18:45:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan
[2013.02.04 18:45:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\epson
[2013.02.04 18:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2013.02.04 17:39:44 | 000,000,000 | ---D | C] -- C:\Users\Juve1\Desktop\Humax
[2013.01.30 17:17:57 | 000,000,000 | ---D | C] -- C:\Users\Juve1\AppData\Roaming\vlc
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.02.26 15:42:54 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.26 15:39:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.26 15:38:18 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Juve1\Desktop\OTL.exe
[2013.02.26 15:32:18 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.26 15:31:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.25 22:55:00 | 009,511,456 | ---- | M] (SurfRight B.V.) -- C:\Users\Juve1\Desktop\HitmanPro_x64.exe
[2013.02.25 22:27:48 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 22:27:48 | 000,013,936 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.25 22:19:08 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.25 21:42:16 | 000,594,019 | ---- | M] () -- C:\Users\Juve1\Desktop\adwcleaner.exe
[2013.02.25 16:34:03 | 000,168,663 | ---- | M] () -- C:\test.xml
[2013.02.22 11:19:00 | 002,310,203 | ---- | M] () -- C:\Users\Juve1\Desktop\20130222_111509.jpg
[2013.02.22 11:19:00 | 001,675,776 | ---- | M] () -- C:\Users\Juve1\Desktop\20130222_111528.jpg
[2013.02.22 01:24:52 | 001,492,188 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.22 01:24:52 | 000,652,012 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.22 01:24:52 | 000,614,160 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.22 01:24:52 | 000,129,020 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.22 01:24:52 | 000,105,402 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.22 01:19:08 | 1474,615,628 | ---- | M] () -- C:\Users\Juve1\Desktop\Hochzeit Brattella 2006.avi
[2013.02.22 01:19:08 | 000,039,424 | ---- | M] () -- C:\Users\Juve1\Documents\tmp_cover771.jpg
[2013.02.22 00:34:38 | 000,001,347 | ---- | M] () -- C:\Users\Juve1\Desktop\Free DVD Video Converter.lnk
[2013.02.22 00:34:38 | 000,001,243 | ---- | M] () -- C:\Users\Juve1\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.22 00:18:33 | 034,027,096 | ---- | M] (DVDVideoSoft Ltd. ) -- C:\Users\Juve1\Desktop\FreeDVDVideoConverter.exe
[2013.02.21 23:46:16 | 000,001,082 | ---- | M] () -- C:\Users\Juve1\Desktop\DVD Shrink 3.2 deutsch (DeCSS-frei).lnk
[2013.02.21 23:45:35 | 001,258,692 | ---- | M] (DVD Shrink ) -- C:\Users\Juve1\Desktop\dvdshrink.3.2.de._decss-frei_.setup.exe
[2013.02.21 23:42:25 | 001,094,021 | ---- | M] () -- C:\Users\Juve1\Desktop\dvdshrink32setup.zip
[2013.02.20 13:13:09 | 000,691,568 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.20 13:13:09 | 000,071,024 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.20 10:30:50 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.20 10:30:50 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.20 10:30:50 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.20 10:30:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.20 10:30:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.20 10:30:50 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.18 23:43:56 | 004,189,792 | ---- | M] (Piriform Ltd) -- C:\Users\Juve1\Desktop\ccsetup327.exe
[2013.02.16 21:41:03 | 005,806,160 | ---- | M] () -- C:\Users\Juve1\Desktop\APK-Multi-Tool-Stable-RELEASE.zip
[2013.02.14 14:42:00 | 003,081,315 | ---- | M] () -- C:\Users\Juve1\Desktop\Android-Hilfe.de App.apk
[2013.02.14 12:50:11 | 000,071,134 | ---- | M] () -- C:\Users\Juve1\Desktop\fehlermeldung beim hochfahren.png
[2013.02.13 20:26:14 | 000,095,428 | ---- | M] () -- C:\Windows\SysNative\s000001.dat
[2013.02.13 20:16:30 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\sstate_prev.sdt
[2013.02.13 20:16:27 | 000,000,102 | ---- | M] () -- C:\Windows\SysNative\sstates.sdt
[2013.02.13 17:23:42 | 000,415,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.12 07:30:01 | 000,344,064 | ---- | M] (Steganos GmbH) -- C:\Users\Juve1\Documents\Password2.exe
[2013.02.10 11:10:06 | 034,614,812 | ---- | M] () -- C:\Users\Juve1\Desktop\NOVO App_1.5.apk
[2013.02.10 09:31:26 | 004,024,188 | ---- | M] () -- C:\Users\Juve1\Desktop\Shazam_3.9.0-BB73852.apk
[2013.02.08 07:28:18 | 000,144,834 | ---- | M] () -- C:\Users\Juve1\Desktop\WirelessKeyView_1.60.zip
[2013.02.07 17:57:51 | 000,577,944 | ---- | M] () -- C:\Windows\SysNative\s000000.dat
[2013.02.05 09:54:40 | 000,233,472 | ---- | M] (Teruten) -- C:\Windows\SysWow64\FsUsbExService.Exe
[2013.02.05 09:54:40 | 000,037,344 | ---- | M] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.02.25 21:42:09 | 000,594,019 | ---- | C] () -- C:\Users\Juve1\Desktop\adwcleaner.exe
[2013.02.22 11:19:00 | 002,310,203 | ---- | C] () -- C:\Users\Juve1\Desktop\20130222_111509.jpg
[2013.02.22 11:19:00 | 001,675,776 | ---- | C] () -- C:\Users\Juve1\Desktop\20130222_111528.jpg
[2013.02.22 01:19:08 | 000,039,424 | ---- | C] () -- C:\Users\Juve1\Documents\tmp_cover771.jpg
[2013.02.22 00:51:31 | 1474,615,628 | ---- | C] () -- C:\Users\Juve1\Desktop\Hochzeit Brattella 2006.avi
[2013.02.22 00:34:38 | 000,001,347 | ---- | C] () -- C:\Users\Juve1\Desktop\Free DVD Video Converter.lnk
[2013.02.22 00:34:38 | 000,001,243 | ---- | C] () -- C:\Users\Juve1\Desktop\DVDVideoSoft Free Studio.lnk
[2013.02.21 23:46:16 | 000,001,082 | ---- | C] () -- C:\Users\Juve1\Desktop\DVD Shrink 3.2 deutsch (DeCSS-frei).lnk
[2013.02.21 23:42:23 | 001,094,021 | ---- | C] () -- C:\Users\Juve1\Desktop\dvdshrink32setup.zip
[2013.02.16 21:40:57 | 005,806,160 | ---- | C] () -- C:\Users\Juve1\Desktop\APK-Multi-Tool-Stable-RELEASE.zip
[2013.02.14 14:42:00 | 003,081,315 | ---- | C] () -- C:\Users\Juve1\Desktop\Android-Hilfe.de App.apk
[2013.02.14 12:50:09 | 000,071,134 | ---- | C] () -- C:\Users\Juve1\Desktop\fehlermeldung beim hochfahren.png
[2013.02.14 12:44:54 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.02.14 12:44:54 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.02.13 20:26:14 | 000,095,428 | ---- | C] () -- C:\Windows\SysNative\s000001.dat
[2013.02.10 11:30:25 | 004,024,188 | ---- | C] () -- C:\Users\Juve1\Desktop\Shazam_3.9.0-BB73852.apk
[2013.02.10 11:12:00 | 034,614,812 | ---- | C] () -- C:\Users\Juve1\Desktop\NOVO App_1.5.apk
[2013.02.08 14:05:17 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.08 07:28:17 | 000,144,834 | ---- | C] () -- C:\Users\Juve1\Desktop\WirelessKeyView_1.60.zip
[2013.02.07 17:57:51 | 000,577,944 | ---- | C] () -- C:\Windows\SysNative\s000000.dat
[2013.02.07 16:37:41 | 000,000,102 | ---- | C] () -- C:\Windows\SysNative\sstates.sdt
[2013.02.07 16:37:41 | 000,000,040 | ---- | C] () -- C:\Windows\SysNative\sstate_prev.sdt
[2013.01.20 01:20:57 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2013.01.20 01:16:14 | 001,590,506 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.18 23:18:44 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\SonyVideoProcessor.dll
[2013.01.18 23:14:52 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
[2012.12.18 10:06:10 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.12.18 10:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.12.18 10:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.12.18 10:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.12.18 10:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 04:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
< End of report >
OK so? |
AdwCleaner auf deinen Desktop.
Textbox.