| ApplePie | 05.07.2013 17:11 |
hi, danke für die schnelle Antwort.
Nein, gibt keine Malewarebytes-Logs mit Funden, auch sonst keine weiteren außer der Antivir-Meldung, die ich oben gepostet habe.
[CODE]OTL Logfile: Code:
OTL logfile created on: 05.07.2013 16:10:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,61% Memory free
6,20 Gb Paging File | 3,59 Gb Available in Paging File | 57,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 14,53 Gb Free Space | 9,75% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 122,46 Gb Free Space | 87,92% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 115,32 Gb Free Space | 77,37% Space Free | Partition Type: NTFS
Drive G: | 149,04 Gb Total Space | 143,90 Gb Free Space | 96,55% Space Free | Partition Type: NTFS
Drive H: | 3,72 Gb Total Space | 3,72 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.07.05 15:00:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- c:\Users\***\Desktop\OTL.exe
PRC - [2013.06.06 21:31:32 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.04.04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013.02.04 18:21:34 | 001,513,536 | ---- | M] (1und1 Mail und Media GmbH) -- C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
PRC - [2012.09.15 10:26:50 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.11 23:13:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.11 23:13:13 | 000,391,632 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avcenter.exe
PRC - [2012.05.11 23:13:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.11 23:13:13 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.09.23 20:22:34 | 000,218,624 | ---- | M] () -- C:\ProgramData\Mobile Partner\OnlineUpdate\ouc.exe
PRC - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
PRC - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () -- C:\ProgramData\DatacardService\HWDeviceService.exe
PRC - [2010.11.16 15:37:30 | 000,230,912 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\ProgramData\DatacardService\DCSHelper.exe
PRC - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () -- G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009.04.11 08:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.12.05 06:14:26 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2008.07.18 19:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008.07.15 21:29:00 | 007,651,328 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2008.07.15 21:22:46 | 000,217,088 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\HControl.exe
PRC - [2008.07.10 03:09:26 | 000,191,032 | ---- | M] (ATK) -- C:\Program Files\P4G\BatteryLife.exe
PRC - [2008.06.25 05:01:08 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Media\DMedia.exe
PRC - [2008.06.24 06:16:24 | 002,482,176 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2008.06.19 22:18:12 | 000,154,168 | ---- | M] (ASUS) -- C:\Program Files\ASUS\ASUS CopyProtect\ASPG.exe
PRC - [2008.06.18 08:10:24 | 000,297,528 | ---- | M] (ASUS) -- C:\Program Files\ASUS\SmartLogon\sensorsrv.exe
PRC - [2008.06.13 07:52:51 | 006,183,456 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2008.06.12 07:52:08 | 000,212,992 | ---- | M] (CyberLink Corp.) -- C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe
PRC - [2008.06.04 03:29:08 | 000,851,968 | ---- | M] (ATK) -- C:\Program Files\ASUS\Splendid\ACMON.exe
PRC - [2008.05.20 03:15:06 | 000,172,032 | ---- | M] (CyberLink Corp.) -- C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe
PRC - [2008.04.10 21:32:18 | 000,752,168 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2008.03.18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) -- C:\Windows\System32\agrsmsvc.exe
PRC - [2008.01.26 04:32:38 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe
PRC - [2008.01.23 20:51:28 | 000,151,552 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\WDC.exe
PRC - [2008.01.21 04:23:32 | 001,008,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Defender\MSASCui.exe
PRC - [2008.01.21 04:23:24 | 000,215,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdSync.exe
PRC - [2008.01.12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
PRC - [2007.11.05 05:48:06 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTranAgt.exe
PRC - [2007.10.03 07:53:00 | 000,094,208 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe
PRC - [2007.08.15 21:20:16 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
PRC - [2007.08.03 22:24:54 | 000,125,496 | ---- | M] () -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
PRC - [2007.07.06 02:53:44 | 001,040,384 | ---- | M] () -- C:\Program Files\Wireless Console 2\wcourier.exe
PRC - [2007.02.06 19:29:59 | 000,065,536 | R--- | M] (Cognizance Corporation) -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\asghost.exe
PRC - [2005.07.07 01:43:42 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\System32\ACEngSvr.exe
========== Modules (No Company Name) ==========
MOD - [2013.06.06 21:31:31 | 003,128,728 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2012.05.11 23:13:14 | 000,398,288 | ---- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2008.09.16 20:18:06 | 000,132,608 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2008.07.18 19:52:08 | 000,649,704 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2008.06.09 09:55:08 | 000,013,096 | ---- | M] () -- C:\Program Files\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2008.04.10 21:25:54 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2008.01.26 04:32:38 | 000,778,240 | ---- | M] () -- C:\Program Files\P4P\P4P.exe
MOD - [2008.01.12 08:40:10 | 000,098,304 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
MOD - [2007.11.30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files\ASUS\ASUS Live Update\ALU.exe
MOD - [2007.11.13 01:41:50 | 000,106,496 | ---- | M] () -- C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll
MOD - [2007.08.14 23:59:54 | 006,365,184 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtGui4.dll
MOD - [2007.07.12 23:55:52 | 000,131,072 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2007.07.12 23:55:28 | 001,581,056 | ---- | M] () -- C:\Program Files\Common Files\LightScribe\QtCore4.dll
========== Services (SafeList) ==========
SRV - [2013.06.06 21:31:31 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.05.11 23:13:14 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.11 23:13:13 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.11.16 18:23:44 | 000,377,344 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2011.09.23 20:22:34 | 000,218,624 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Huawai Intenet Stick O2 Sparhandy\UpdateDog\ouc.exe -- (Mobile Partner. RunOuc)
SRV - [2011.08.12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2011.02.02 12:00:32 | 000,052,288 | ---- | M] (NOS Microsystems Ltd.) [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2010.11.16 15:37:38 | 000,264,704 | ---- | M] () [Auto | Running] -- C:\ProgramData\DatacardService\HWDeviceService.exe -- (HWDeviceService.exe)
SRV - [2010.06.28 14:01:30 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Stopped] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.04.30 12:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- G:\Programme\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008.03.18 06:27:11 | 000,013,312 | ---- | M] (Agere Systems) [Auto | Running] -- C:\Windows\System32\agrsmsvc.exe -- (AgereModemAudio)
SRV - [2008.01.21 04:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.21 04:23:24 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.21 04:23:24 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007.10.03 07:53:00 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2007.08.08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2007.08.03 22:24:54 | 000,125,496 | ---- | M] () [Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe -- (spmgr)
SRV - [2007.02.06 19:29:59 | 000,074,240 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWLNPkg.dll -- (ASBroker)
SRV - [2006.06.21 12:13:59 | 000,131,584 | R--- | M] (Cognizance Corporation) [Auto | Running] -- C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASChnl.dll -- (ASChannel)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2013.07.05 15:58:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2012.05.11 23:13:14 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.11 23:13:14 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011.10.11 15:00:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.23 20:22:37 | 000,116,736 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)
DRV - [2011.09.23 20:22:37 | 000,106,880 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2011.09.23 20:22:37 | 000,102,784 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV - [2011.09.23 20:22:37 | 000,072,576 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV - [2011.07.22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011.07.12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2010.06.23 09:21:32 | 000,259,176 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.15 17:30:46 | 000,457,304 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2010.02.02 00:04:47 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
DRV - [2009.05.28 22:41:28 | 004,233,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw5v32.sys -- (NETw5v32)
DRV - [2009.05.25 14:34:56 | 000,122,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdm.sys -- (s1029mdm)
DRV - [2009.05.25 14:34:56 | 000,090,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029bus.sys -- (s1029bus)
DRV - [2009.05.25 14:34:56 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029mdfl.sys -- (s1029mdfl)
DRV - [2009.05.25 14:34:54 | 000,111,912 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1029obex.sys -- (s1029obex)
DRV - [2009.04.11 06:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.03.25 17:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009.03.25 17:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009.03.25 17:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009.03.25 17:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009.03.25 17:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009.03.25 17:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009.03.25 17:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008.06.25 16:58:59 | 007,534,720 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.06.25 16:58:59 | 000,043,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2008.06.03 08:41:51 | 000,015,928 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\kbfiltr.sys -- (kbfiltr)
DRV - [2008.05.29 20:21:02 | 000,015,416 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [File_System | Boot | Running] -- C:\Windows\System32\drivers\lullaby.sys -- (lullaby)
DRV - [2008.05.20 03:15:42 | 000,061,424 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\ASUS\AI TouchMedia\PlayMovie\000.fcl -- ({49DE1C67-83F8-4102-99E0-C16DCC7EEC796})
DRV - [2008.03.21 06:12:59 | 001,203,776 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2008.02.16 03:42:42 | 000,046,592 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimmptsk.sys -- (rimmptsk)
DRV - [2008.02.05 09:52:23 | 000,206,464 | ---- | M] (eMPIA Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etFilter.sys -- (FiltUSBET)
DRV - [2008.01.31 13:18:57 | 000,006,528 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etScan.sys -- (ScanUSBET)
DRV - [2007.12.19 03:12:12 | 000,054,784 | ---- | M] (ITE Tech. Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\itecir.sys -- (itecir)
DRV - [2007.09.06 10:43:49 | 000,474,624 | ---- | M] (eMPIA Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\etDevice.sys -- (DCamUSBET)
DRV - [2007.08.03 06:26:21 | 000,020,936 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys -- (ghaio)
DRV - [2007.07.30 21:54:02 | 000,038,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rixdptsk.sys -- (rismxdp)
DRV - [2007.07.30 20:42:58 | 000,043,008 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\rimsptsk.sys -- (rimsptsk)
DRV - [2007.07.24 21:09:04 | 000,013,880 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP.sys -- (ASMMAP)
DRV - [2007.06.17 07:29:08 | 000,146,824 | ---- | M] (AuthenTec, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atswpdrv.sys -- (ATSWPDRV)
DRV - [2006.12.14 09:11:57 | 000,007,680 | ---- | M] (ATK0100) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ATKACPI.sys -- (MTsensor)
DRV - [2006.11.02 09:41:49 | 001,010,560 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\smserial.sys -- (smserial)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKLM\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKLM\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2613550
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\***\neue SimDOWNLO
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=ASUS&bmod=ASUS
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\URLSearchHook: {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
IE - HKCU\..\URLSearchHook: {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{1564FE23-947F-4EBB-93F8-5F9B965DA32A}: "URL" = hxxp://go.1und1.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{348B1588-3D54-4178-99D0-4731B5F690DF}: "URL" = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
IE - HKCU\..\SearchScopes\{3C9FA24E-6775-4517-A7BF-4ED64EF16BE0}: "URL" = hxxp://go.web.de/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{598634F3-07BA-4C68-976D-8D1B8534EAE3}: "URL" = hxxp://go.gmx.net/tb/ie_searchplugin/?su={searchTerms}
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUS_de
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "LEO Deu-Eng"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.web.de"
FF - prefs.js..extensions.enabledAddons: info%40bmi-calculator-plus.com:1.0
FF - prefs.js..extensions.enabledAddons: %7Bc666c018-6409-4479-afa3-68e4129e7eff%7D:1.1.0
FF - prefs.js..extensions.enabledAddons: status4evar%40caligonstudios.com:2013.02.16.23
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.0
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130515
FF - prefs.js..extensions.enabledAddons: %7B19503e42-ca3c-4c27-b1e2-9cdb2170ee34%7D:1.5.5.5
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.5.1
FF - prefs.js..extensions.enabledAddons: %7Bada4b710-8346-4b82-8199-5de2b400a6ae%7D:2.1.2
FF - prefs.js..extensions.enabledAddons: ffe_ff3ff4%40game-point.net:2.0.1
FF - prefs.js..extensions.enabledItems: {19503e42-ca3c-4c27-b1e2-9cdb2170ee34}:1.2.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {dc572301-7619-498c-a57d-39143191b318}:0.3.8.5
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - prefs.js..network.proxy.type: 0
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa2,version=2.0.0: C:\Program Files\Picasa2\npPicasa2.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nosltd.com/getPlus+(R),version=1.6.2.99: C:\Program Files\NOS\bin\np_gp.dll (NOS Microsystems Ltd.)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.5: G:\Filme\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF - HKLM\Software\MozillaPlugins\@zylom.com/ZylomGamesPlayer: C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\***\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\Amazon - MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.06.06 21:31:33 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.06.06 21:31:20 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.06.06 21:31:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.06.06 21:31:20 | 000,000,000 | ---D | M]
[2009.06.26 20:00:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions
[2013.07.05 13:35:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions
[2010.04.27 14:24:01 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2013.05.17 18:44:07 | 000,000,000 | ---D | M] (WOT) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2013.07.05 13:35:35 | 000,000,000 | ---D | M] (ReminderFox) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
[2013.07.01 20:54:15 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\ich@maltegoetz.de
[2011.04.17 01:53:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\kxdclicb.default\extensions\nostmp
[2012.10.14 02:03:32 | 000,827,050 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\ffe_ff3aeroff4@game-point.net.xpi
[2013.06.06 21:34:55 | 000,827,317 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\ffe_ff3ff4@game-point.net.xpi
[2013.05.22 22:54:56 | 001,358,137 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\fpw@informatik.tu-darmstadt.de.xpi
[2012.11.11 21:15:09 | 000,027,699 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\info@bmi-calculator-plus.com.xpi
[2013.03.31 00:22:35 | 000,215,171 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\jid0-HYNmqxA9zQGfJADREri4n2AHKSI@jetpack.xpi
[2011.05.18 23:19:58 | 000,004,448 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\newoldmenu@rsjtdrjgfuzkfg.com.xpi
[2013.02.28 23:22:56 | 000,151,803 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\status4evar@caligonstudios.com.xpi
[2013.06.14 15:45:38 | 000,350,663 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
[2012.12.11 23:44:07 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2012.11.24 20:53:20 | 000,013,268 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{c666c018-6409-4479-afa3-68e4129e7eff}.xpi
[2013.05.11 00:27:47 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.04.21 22:17:40 | 000,765,412 | ---- | M] () (No name found) -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2012.11.24 23:28:42 | 000,001,831 | ---- | M] () -- C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\kxdclicb.default\searchplugins\leo-deu-eng.xml
[2013.06.06 21:31:33 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013.06.06 21:31:33 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
[2009.10.23 16:01:34 | 000,102,400 | ---- | M] (Zylom) -- C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.web.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Yahoo! activeX Plug-in Bridge (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
CHR - plugin: Zylom Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
CHR - plugin: getPlusPlus for Adobe 16299 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Picasa2\npPicasa2.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: Move Media Player 7 (Enabled) = C:\Users\***\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: VLC Multimedia Plug-in (Enabled) = G:\Filme\VideoLAN\VLC\npvlc.dll
CHR - Extension: Google Drive = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: WOT = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.12_0\
CHR - Extension: WOT = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.13_0\
CHR - Extension: YouTube = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Adblock Plus = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\
CHR - Extension: Google-Suche = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2010.08.21 11:58:46 | 000,416,853 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 14389 more lines...
O2 - BHO: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.)
O2 - BHO: (FG2CatchUrl) - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (FlashGet)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (WEB.DE MailCheck BHO) - {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ASUS Security Protect Manager) - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
O2 - BHO: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (Free i-Dressup Toolbar) - {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bigpoint Games DE Toolbar) - {0e3dbc69-a682-48da-84e1-82c63a5d678e} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (WEB.DE MailCheck) - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKLM\..\Toolbar: (ZoneAlarm-Sicherheit Toolbar) - {fc2b76fc-2132-4d80-a9a3-1f5c6e49066b} - C:\Program Files\ZoneAlarm-Sicherheit\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Free i-Dressup Toolbar) - {ff19b72a-36ed-4066-8865-a580ae938cce} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (Bigpoint Games DE Toolbar) - {0E3DBC69-A682-48DA-84E1-82C63A5D678E} - C:\Program Files\Bigpoint_Games_DE\prxtbBigp.dll (Conduit Ltd.)
O3 - HKCU\..\Toolbar\WebBrowser: (WEB.DE MailCheck) - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O3 - HKCU\..\Toolbar\WebBrowser: (Free i-Dressup Toolbar) - {FF19B72A-36ED-4066-8865-A580AE938CCE} - C:\Program Files\Free_i-Dressup\prxtbFre1.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe ()
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ChkMail] C:\Program Files\ChkMail\ChkMail\ChkMail.exe (ChkMail)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [CognizanceTS] C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASTSVCC.dll (Cognizance Corporation)
O4 - HKLM..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe ()
O4 - HKLM..\Run: [MailCheck IE Broker] C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe (1und1 Mail und Media GmbH)
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\Windows\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [P2Go_Menu] C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PCMAgent] C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PlayMovie] C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerForPhone] C:\Program Files\P4P\P4P.exe ()
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [ICQ] C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm ()
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll (Bioscrypt Inc.)
O9 - Extra 'Tools' menuitem : ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll (Bioscrypt Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O13 - gopher Prefix: missing
O16 - DPF: {6E718D87-6909-4FCE-92D4-EDCB2F725727} hxxp://navigram.com/engine/v1026/Navigram.cab (Navigram Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.25.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2DD56FA5-DE1B-478C-AB76-FA5DD4A32FEC}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9DCA037F-18CB-4CCB-BF23-D809D7B85D54}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A78EC9D7-F568-4B26-A915-66935720D571}: DhcpNameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D73336F7-D902-4394-ACE1-78F763D4E622}: DhcpNameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FD10FF70-9B4D-4927-943C-69EAFEE5F622}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\webde {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll (1und1 Mail und Media GmbH)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (APSHook.dll) - APSHook.dll (Cognizance Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\***\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{39d5a075-600d-11de-85da-002354a126b8}\Shell\AutoRun\command - "" = I:\Toshiba\more4you.exe
O33 - MountPoints2\{63574742-e610-11e0-b05f-002354a126b8}\Shell - "" = AutoRun
O33 - MountPoints2\{63574742-e610-11e0-b05f-002354a126b8}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{63574760-e610-11e0-b05f-001e101fb45e}\Shell - "" = AutoRun
O33 - MountPoints2\{63574760-e610-11e0-b05f-001e101fb45e}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{66f1f981-e7a6-11e0-a270-001e101f1ed9}\Shell - "" = AutoRun
O33 - MountPoints2\{66f1f981-e7a6-11e0-a270-001e101f1ed9}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{767e2a53-2239-11df-bb10-002354a126b8}\Shell - "" = AutoRun
O33 - MountPoints2\{767e2a53-2239-11df-bb10-002354a126b8}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{fdb8cdda-f50f-11e0-9984-001e101f2d88}\Shell - "" = AutoRun
O33 - MountPoints2\{fdb8cdda-f50f-11e0-9984-001e101f2d88}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.07.05 15:58:32 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.07.05 14:59:52 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.06.21 21:30:31 | 005,261,912 | ---- | C] (Canneverbe Limited ) -- C:\Users\***\Desktop\cdbxp_setup_4.5.1.4003.exe
[2013.06.10 18:55:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 3
[2013.06.09 23:21:30 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 2
[2013.06.07 22:57:46 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Realore_Whiterra Roads Of Rome 1.2
[2013.06.06 21:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.09.20 21:09:49 | 006,722,216 | ---- | C] (Adobe Systems Inc.) -- C:\Users\***\Shockwave_Installer_Slim.exe
[2012.06.13 20:55:04 | 000,894,952 | ---- | C] (Oracle Corporation) -- C:\Users\***\jxpiinstall.exe
[2011.05.09 19:38:04 | 013,835,919 | ---- | C] (Written by Alexander Herzog) -- C:\Users\***\DosBoxoberfläche für alte spiele D-Fend-Reloaded-1.1.0-Setup.exe
[2010.12.04 15:15:40 | 003,214,648 | ---- | C] (ASCOMP Software GmbH ) -- C:\Users\***\zr FESTPLATTENBEREINIGUNG UND DOPPELTE FINDENhddboostVV.exe.exe
[2010.11.13 23:23:25 | 002,790,864 | ---- | C] (Adobe Systems, Inc.) -- C:\Users\***\install_flash_player.exe
[2010.11.13 21:21:36 | 018,102,608 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\***\FreeYouTubeToMp3Converter39.exe
[2010.04.18 19:12:20 | 033,850,672 | ---- | C] (Apple Inc.) -- C:\Users\***\QuickTimeInstaller.exe
[2010.04.18 15:20:26 | 000,318,904 | ---- | C] (Microsoft Corporation) -- C:\Users\***\wmpfirefoxplugin.exe
[2010.04.18 13:12:01 | 022,229,776 | ---- | C] (DVDVideoSoft Limited. ) -- C:\Users\***\FreeYouTubeToMp3Converter.exe
[2010.02.02 00:01:05 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2744.dll
[2010.01.03 19:48:53 | 005,061,520 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\***\mbam143-setup.exe
[2010.01.03 19:09:39 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\***\spybotsd162.exe
[2010.01.03 19:09:17 | 091,338,304 | ---- | C] (Lavasoft ) -- C:\Users\***\Ad-AwareInstallation.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.07.05 15:58:32 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013.07.05 15:45:46 | 000,628,742 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.07.05 15:45:46 | 000,595,996 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.07.05 15:45:46 | 000,126,454 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.07.05 15:45:46 | 000,104,070 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.07.05 15:33:05 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 15:33:05 | 000,003,616 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.05 15:16:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.07.05 15:00:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.07.05 14:30:46 | 000,000,873 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.07.05 13:33:57 | 000,045,056 | ---- | M] () -- C:\Windows\System32\acovcnt.exe
[2013.07.05 13:33:54 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.07.05 13:33:09 | 000,042,462 | ---- | M] () -- C:\ProgramData\nvModes.001
[2013.07.05 13:33:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.05 13:32:57 | 3220,295,680 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.05 01:47:01 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.06.24 18:38:46 | 000,007,592 | ---- | M] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2013.06.22 22:39:00 | 000,001,701 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.06.21 21:33:16 | 005,261,912 | ---- | M] (Canneverbe Limited ) -- C:\Users\***\Desktop\cdbxp_setup_4.5.1.4003.exe
[1 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[1 C:\Users\***\Documents\*.tmp files -> C:\Users\***\Documents\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.07.05 14:30:46 | 000,000,873 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.11.04 16:41:01 | 000,030,641 | ---- | C] () -- C:\Users\***\435v rwetrtt.jpg
[2012.11.04 00:51:48 | 000,262,117 | ---- | C] () -- C:\Users\***\ggdgdfgfg.jpg
[2012.11.03 23:54:25 | 000,065,578 | ---- | C] () -- C:\Users\***\dsfsfsfsss.jpg
[2012.11.02 14:41:22 | 000,149,967 | ---- | C] () -- C:\Users\***\Calciumtabelle.pdf
[2012.10.22 23:47:01 | 000,258,428 | ---- | C] () -- C:\Users\***\1.bild.jpeg
[2012.10.16 17:39:51 | 006,581,704 | ---- | C] () -- C:\Users\***\3.bild.pdf
[2012.09.21 23:42:57 | 006,216,460 | ---- | C] () -- C:\Users\***\Besta SChweiz iKEA.pdf
[2012.07.13 22:39:22 | 000,309,066 | ---- | C] () -- C:\Users\***\1183_littledays.zip
[2012.07.13 22:39:15 | 000,027,415 | ---- | C] () -- C:\Users\***\1736_blackjack.zip
[2012.07.13 22:38:54 | 000,091,517 | ---- | C] () -- C:\Users\***\2959_worstveld_sling_ext.zip
[2012.07.13 22:38:50 | 000,040,200 | ---- | C] () -- C:\Users\***\1823_homework.zip
[2012.07.13 22:38:46 | 000,045,191 | ---- | C] () -- C:\Users\***\0292_champagne.zip
[2012.07.13 22:38:34 | 000,030,412 | ---- | C] () -- C:\Users\***\1624_ankecalligraphic.zip
[2012.07.13 22:38:21 | 000,043,799 | ---- | C] () -- C:\Users\***\3973_windsong.zip
[2012.07.13 22:38:12 | 000,098,641 | ---- | C] () -- C:\Users\***\brock-script.zip
[2012.07.13 22:38:05 | 000,026,052 | ---- | C] () -- C:\Users\***\1573_athemeforamurder.zip
[2012.07.13 22:37:54 | 000,011,919 | ---- | C] () -- C:\Users\***\1880_honeyistoleyourjumper.zip
[2012.07.13 22:37:40 | 000,036,079 | ---- | C] () -- C:\Users\***\1881_janeausten.zip
[2012.07.13 22:37:27 | 000,047,121 | ---- | C] () -- C:\Users\***\0814_freebooterscript.zip
[2012.07.13 22:37:12 | 000,015,382 | ---- | C] () -- C:\Users\***\0435_anarchistic.zip
[2012.07.13 22:37:04 | 000,017,429 | ---- | C] () -- C:\Users\***\james-fajardo.zip
[2012.07.13 22:36:05 | 000,038,078 | ---- | C] () -- C:\Users\***\0618_lunabar.zip
[2012.07.13 21:14:02 | 000,029,848 | ---- | C] () -- C:\Users\***\0824_adinekirnbergscript.zip
[2012.07.13 21:11:35 | 000,175,717 | ---- | C] () -- C:\Users\***\4232_jellyka_castles_queen.zip
[2012.07.13 21:11:31 | 000,058,650 | ---- | C] () -- C:\Users\***\0121_scriptina.zip
[2012.07.13 21:10:44 | 000,047,301 | ---- | C] () -- C:\Users\***\0089_angelina.zip
[2012.07.13 21:10:36 | 000,059,504 | ---- | C] () -- C:\Users\***\0921_younglove.zip
[2012.07.13 21:10:30 | 000,125,416 | ---- | C] () -- C:\Users\***\4070_the_king_queen_font.zip
[2012.07.13 20:56:00 | 000,127,507 | ---- | C] () -- C:\Users\***\Font janda-fabulous.zip
[2012.07.13 20:55:48 | 000,311,139 | ---- | C] () -- C:\Users\***\Font janda-christmas-doodles.zip
[2012.07.13 20:55:15 | 000,040,561 | ---- | C] () -- C:\Users\***\Font kg-keep-your-head-up.zip
[2012.07.13 20:55:06 | 000,042,995 | ---- | C] () -- C:\Users\***\Font kg-like-a-skyscraper.zip
[2012.07.13 20:54:56 | 000,023,620 | ---- | C] () -- C:\Users\***\Font kg-god-gave-me-you.zip
[2012.07.13 20:54:47 | 000,039,433 | ---- | C] () -- C:\Users\***\Font kg-les-bouquinistes-de-paris.zip
[2012.07.13 20:54:17 | 000,029,388 | ---- | C] () -- C:\Users\***\Font janda-swirlygirl.zip
[2012.07.13 20:54:06 | 000,021,840 | ---- | C] () -- C:\Users\***\Font kg-sweet-n-sassy.zip
[2012.07.13 20:53:50 | 000,026,023 | ---- | C] () -- C:\Users\***\Font kg-legacy-of-virtue.zip
[2012.07.13 20:53:37 | 000,026,974 | ---- | C] () -- C:\Users\***\Font kg-mercy-in-the-morning.zip
[2012.07.13 20:53:25 | 000,102,042 | ---- | C] () -- C:\Users\***\Font kg-heart-doodles.zip
[2012.07.13 20:53:13 | 000,074,242 | ---- | C] () -- C:\Users\***\Font janda-apple-cobbler.zip
[2012.07.13 20:52:44 | 000,018,158 | ---- | C] () -- C:\Users\***\Font kg-skinny-latte.zip
[2012.07.13 20:52:32 | 000,040,749 | ---- | C] () -- C:\Users\***\Font janda-swirly-twirly.zip
[2012.07.13 20:52:16 | 000,056,208 | ---- | C] () -- C:\Users\***\FONT janda-manatee.zip
[2012.06.08 20:56:16 | 000,122,048 | ---- | C] () -- C:\Users\***\IMG_3571.jpeg
[2012.03.31 22:14:23 | 000,000,021 | ---- | C] () -- C:\Windows\preview.ini
[2011.12.27 00:20:04 | 000,032,256 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2011.12.27 00:07:38 | 000,107,520 | RHS- | C] () -- C:\Windows\System32\TAKDSDecoder.dll
[2011.12.26 17:43:28 | 001,322,592 | ---- | C] () -- C:\Users\***\MOV DAT IN AVI RADTools.exe
[2011.10.23 13:14:59 | 000,350,978 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_ice.rar
[2011.10.23 13:14:53 | 000,345,412 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_blonde.rar
[2011.10.23 13:14:48 | 000,351,843 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_orange.rar
[2011.10.23 13:14:45 | 000,351,690 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_gold.rar
[2011.10.23 13:14:36 | 000,337,252 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_chocolate.rar
[2011.10.23 13:14:33 | 000,339,787 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_caramel.rar
[2011.10.23 13:14:07 | 000,325,380 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_black.rar
[2011.10.23 13:14:04 | 002,268,114 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair92_mesh.rar
[2011.10.23 13:13:07 | 008,796,943 | ---- | C] () -- C:\Users\***\www.coolsims.net_fhair93.rar
[2011.10.22 22:11:47 | 004,080,888 | ---- | C] () -- C:\Users\***\Peggy_female_hair_mesh#007930.rar
[2011.10.20 23:08:24 | 000,246,547 | ---- | C] () -- C:\Users\***\FEparty5_AAS.zip
[2011.10.20 23:08:01 | 000,336,440 | ---- | C] () -- C:\Users\***\FEparty2_AAS.zip
[2011.10.20 23:06:47 | 000,016,221 | ---- | C] () -- C:\Users\***\inbeatz_mesh16.rar
[2011.10.20 23:06:46 | 000,125,972 | ---- | C] () -- C:\Users\***\inbeatz_mesh22.rar
[2011.10.20 23:06:46 | 000,018,133 | ---- | C] () -- C:\Users\***\inbeatz_mesh14.rar
[2011.10.20 23:06:46 | 000,010,915 | ---- | C] () -- C:\Users\***\inbeatz_mesh13.rar
[2011.10.20 23:06:46 | 000,010,582 | ---- | C] () -- C:\Users\***\inbeatz_mesh12.rar
[2011.10.14 01:56:07 | 000,306,430 | ---- | C] () -- C:\Users\***\TMturkformal.zip
[2011.10.14 01:55:30 | 000,979,608 | ---- | C] () -- C:\Users\***\wws.zip
[2011.10.11 10:55:33 | 000,374,138 | ---- | C] () -- C:\Users\***\38434.pdf
[2011.10.09 20:58:54 | 000,006,359 | ---- | C] () -- C:\Users\***\274310_908140690_2721112_n.jpg
[2011.10.09 20:40:10 | 026,061,148 | ---- | C] () -- C:\Users\***\Der_Leichenraeuber-Teil_2-Robert_Louis_Stevenson.zip
[2011.10.09 20:39:57 | 024,551,883 | ---- | C] () -- C:\Users\***\Der_Leichenraeuber-Teil_1-Robert_Louis_Stevenson.zip
[2011.10.09 20:39:29 | 025,784,868 | ---- | C] () -- C:\Users\***\Der_Untergang_des_Hauses_Usher-Teil_2-Edgar_Allan_Poe.zip
[2011.10.09 08:19:40 | 000,024,267 | ---- | C] () -- C:\Users\***\cover-der-untergang-des-hauses-usher.gif
[2011.10.09 08:18:23 | 023,881,969 | ---- | C] () -- C:\Users\***\Der_Untergang_des_Hauses_Usher-Teil_1-Edgar_Allan_Poe.zip
[2011.10.09 08:16:41 | 030,433,043 | ---- | C] () -- C:\Users\***\Das_gefleckte_Band-Teil_2-Arthur_Conan_Doyle.zip
[2011.10.09 08:15:21 | 028,631,167 | ---- | C] () -- C:\Users\***\Das_gefleckte_Band-Teil_1-Arthur_Conan_Doyle.zip
[2011.08.23 20:19:42 | 006,437,900 | ---- | C] () -- C:\Users\***\CIMG2434.JPG
[2011.08.23 20:19:32 | 006,078,116 | ---- | C] () -- C:\Users\***\CIMG2432.JPG
[2011.06.24 01:10:14 | 000,002,850 | ---- | C] () -- C:\Users\***\WasWar FIRST VERSION.bak
[2011.06.24 01:06:58 | 000,002,850 | ---- | C] () -- C:\Users\***\WasWar FIRST VERSION.yw5
[2011.05.17 23:21:44 | 000,036,193 | ---- | C] () -- C:\Users\***\2,h=343et.bild.jpg
[2011.05.17 23:17:08 | 000,036,533 | ---- | C] () -- C:\Users\***\2,h=343.bhgild.jpg
[2011.05.17 23:02:01 | 000,037,275 | ---- | C] () -- C:\Users\***\2,h=343.bivld.jpg
[2011.05.15 00:58:19 | 000,024,290 | ---- | C] () -- C:\Users\***\2,h=343.bildd.jpg
[2011.05.15 00:57:41 | 000,028,948 | ---- | C] () -- C:\Users\***\2,h=34s3.bild.jpg
[2011.05.15 00:56:58 | 000,030,526 | ---- | C] () -- C:\Users\***\2,h=343.bild.jpg
[2011.05.09 19:19:51 | 001,132,200 | ---- | C] () -- C:\Users\***\1869.zip
[2011.04.29 20:49:12 | 001,602,254 | ---- | C] () -- C:\Users\***\projektfahrplan_samsung-galaxy-s2.pdf
[2011.02.28 15:57:32 | 000,001,083 | ---- | C] () -- C:\Users\***\AppData\Roaming\mdbu.bin
[2011.01.31 13:39:17 | 001,259,520 | ---- | C] () -- C:\Users\***\Giraffe.pps
[2010.12.25 12:20:39 | 000,078,831 | ---- | C] () -- C:\Users\***\x2_3db1c13.jpg
[2010.12.13 00:55:40 | 012,144,452 | ---- | C] () -- C:\Users\***\Anthony Robson - No.4 Aria (Alto) Bereite dich, Zion.mp3
[2010.12.07 23:28:03 | 011,357,600 | ---- | C] () -- C:\Users\***\Orchestra Sinfonica Nazionale della Rai & Elina Garanca & Coro Filarmonico del Regio di T... - L'amour est un oiseau rebelle (Havanaise).mp3
[2010.12.07 22:24:21 | 087,362,240 | ---- | C] ( ) -- C:\Users\***\fotokasten_comfort_3.6-Tchibo-Edition.exe
[2010.12.06 21:25:29 | 007,612,431 | ---- | C] () -- C:\Users\***\Andreas Scholl & Stefano Montanari & Accademia Bizantina - What Power art thou.mp3
[2010.11.22 15:14:58 | 000,973,780 | ---- | C] () -- C:\Users\***\z1_reisezeit_2009.pdf
[2010.11.21 23:27:45 | 000,204,517 | ---- | C] () -- C:\Users\***\media_871770.pdf
[2010.11.21 23:24:43 | 000,203,683 | ---- | C] () -- C:\Users\***\media_872064.pdf
[2010.11.11 01:57:33 | 000,105,984 | ---- | C] () -- C:\Users\***\5f50fe7a-52e4-42f6-a3ac-8ffc1a764c2e_2.mp3
[2010.11.11 00:07:52 | 053,182,768 | ---- | C] () -- C:\Users\***\avira_antivir_personal_de NEUE VERSION 10.exe
[2010.06.10 12:19:32 | 000,034,502 | ---- | C] () -- C:\Users\***\369457.zip
[2010.05.19 23:31:23 | 000,155,695 | ---- | C] () -- C:\Users\***\PDFSeptember 2009Mai 2010.pdf
[2010.05.13 01:01:00 | 122,427,805 | ---- | C] () -- C:\Users\***\RoyalEnvoySetup.exe
[2010.05.09 18:20:24 | 000,220,160 | ---- | C] () -- C:\Users\***\Foto des perfekten Mannes TW.pps
[2010.04.18 13:18:50 | 001,008,736 | ---- | C] () -- C:\Users\***\AmazonMP3Installer-de_DE.exe
[2010.04.09 17:54:55 | 000,000,687 | ---- | C] () -- C:\Users\***\MTS_Chaavik_1079516_NoAutonomousPlayFetch-PETS.rar
[2010.04.09 14:14:26 | 065,639,962 | ---- | C] () -- C:\Users\***\DinerDash5BoomSetup.exe
[2010.03.04 01:55:30 | 015,844,722 | ---- | C] () -- C:\Users\***\FindersKeepersSetup.exe
[2010.02.02 19:52:31 | 004,585,545 | ---- | C] () -- C:\Users\***\W995__UG_DE_1225_4616_1.pdf
[2010.01.19 18:58:09 | 000,007,592 | ---- | C] () -- C:\Users\***\AppData\Local\d3d9caps.dat
[2010.01.10 02:19:48 | 011,963,422 | ---- | C] () -- C:\Users\***\FamilyFeudIISetup.exe
[2009.08.14 23:57:28 | 015,627,356 | ---- | C] () -- C:\Users\***\YahtzeeSetup.exe
[2009.08.14 23:54:38 | 069,201,270 | ---- | C] () -- C:\Users\***\SatisfashionSetup.exe
[2009.07.22 21:54:36 | 000,097,792 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.07.14 22:12:36 | 020,874,987 | ---- | C] () -- C:\Users\***\TheGameOfLIFEPTSSetup.exe
[2009.07.14 22:12:03 | 031,406,373 | ---- | C] () -- C:\Users\***\UNOUndercoverSetup.exe
[2009.07.14 22:09:53 | 025,169,925 | ---- | C] () -- C:\Users\***\MahjonggAncientMayasSetup.exe
[2009.06.23 17:58:26 | 000,042,462 | ---- | C] () -- C:\ProgramData\nvModes.001
[2009.06.23 17:55:52 | 000,042,462 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2008.07.02 05:28:38 | 000,061,440 | ---- | C] () -- C:\Program Files\Common Files\CPInstallAction.dll
[2008.05.22 19:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files\Common Files\banner.jpg
[2007.03.12 18:59:00 | 000,299,008 | ---- | C] () -- C:\Program Files\navigram_register.exe
========== ZeroAccess Check ==========
[2012.07.14 19:11:12 | 000,000,596 | ---- | M] () -- C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\kxdclicb.default\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}\defaults\printing\icons\@.png
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 08:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2009.10.21 03:21:21 | 000,000,000 | -HSD | M] -- C:\Users\***\AppData\Roaming\.#
[2013.03.25 00:24:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\1&1 Mail & Media GmbH
[2010.04.18 13:20:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2011.12.26 23:40:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AnvSoft
[2013.07.01 03:14:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BITS
[2011.07.27 14:48:16 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Canneverbe Limited
[2011.08.17 01:03:55 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\CheckPoint
[2012.01.11 18:58:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.01.11 18:57:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.08.15 00:02:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\eGames
[2010.01.22 23:51:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Gamelab
[2009.12.27 23:16:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\GamesCafe
[2013.04.14 20:12:32 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ
[2009.07.14 14:08:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView
[2013.05.06 20:53:09 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands
[2013.05.12 19:52:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands2
[2013.05.04 23:35:28 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Islands3
[2013.06.02 16:09:15 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\island_tribe_4_realore_bfg_en
[2009.11.13 20:24:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\iWin
[2011.05.09 20:44:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Jane s Hotel 3
[2011.08.15 03:10:59 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JewelMatch2
[2013.03.26 03:24:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Peace Craft
[2013.03.29 06:05:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PeaceCraft2
[2013.03.08 07:06:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PeaceCraft3
[2009.12.26 22:58:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Playfirst
[2009.09.26 01:02:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Skip-Bo
[2010.02.01 23:58:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony
[2010.02.01 23:55:08 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony Setup
[2011.06.24 01:02:57 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spacejock Software
[2009.08.10 00:37:37 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\UNOUndercover
[2011.01.07 12:24:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Ykusox
[2011.01.02 00:34:41 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Yvymo
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 252 bytes -> C:\ProgramData\Temp:38FF076E
@Alternate Data Stream - 246 bytes -> C:\ProgramData\Temp:84FA02E7
@Alternate Data Stream - 234 bytes -> C:\ProgramData\Temp:E5BA9ADD
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:C9B27A06
@Alternate Data Stream - 225 bytes -> C:\ProgramData\Temp:EC0279DC
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:99AC3203
@Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:DCA79AB3
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:F43B7E8F
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:A9ABA3FF
< End of report >
--- --- --- Code:
OTL Extras logfile created on: 05.07.2013 16:10:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = c:\Users\***\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,04 Gb Available Physical Memory | 34,61% Memory free
6,20 Gb Paging File | 3,59 Gb Available in Paging File | 57,92% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 149,04 Gb Total Space | 14,53 Gb Free Space | 9,75% Space Free | Partition Type: NTFS
Drive D: | 139,28 Gb Total Space | 122,46 Gb Free Space | 87,92% Space Free | Partition Type: NTFS
Drive F: | 149,04 Gb Total Space | 115,32 Gb Free Space | 77,37% Space Free | Partition Type: NTFS
Drive G: | 149,04 Gb Total Space | 143,90 Gb Free Space | 96,55% Space Free | Partition Type: NTFS
Drive H: | 3,72 Gb Total Space | 3,72 Gb Free Space | 100,00% Space Free | Partition Type: FAT32
Computer Name: *** | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "G:\Filme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "G:\Filme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 1
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" = C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe:*:Enabled:Flashget2 -- (FLASHGET)
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdate.exe:*:Enabled:FGLiveUpdate
"C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe" = C:\Program Files\FlashGet Network\FlashGet universal\LiveUpdateEx.exe:*:Enabled:FGLiveUpdateEx
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{FAE23E7E-C456-4A5E-B357-E8E4E5EC51D0}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05D9635A-8B2F-4F80-848F-E97C31BAA344}" = protocol=6 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{230F670B-9846-4251-BEF1-BEFFC9EF99EB}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\pmvservice.exe |
"{2A0FE31C-80BC-4E19-A2BD-E5E8F241A6C7}" = protocol=17 | dir=in | app=c:\windows\system32\zonelabs\vsmon.exe |
"{2BF9FC6F-4A62-4E76-BC2E-C365EE7DBCBD}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3315CCD0-F76D-4F2E-B134-ACE91DC6E421}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3A165E6B-A367-46DF-AE78-AD71A87BEBFC}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{3ED5E282-A401-44B8-95E2-B7066FA23BC5}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{5A15BBD5-F629-4723-A18C-46E43D4B176F}" = protocol=17 | dir=in | app=g:\program files\sony ericsson\update service\update service.exe |
"{68B2243C-0A91-4157-A56C-D4341AE7F7A7}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dmp\clbrowserengine.exe |
"{6C01D200-5584-4E19-87A6-9A44395B83AC}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\pcmservice.exe |
"{76E279AA-7EE8-4F23-AF16-ABD49210F7D8}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\powercinema.exe |
"{92E6A180-3607-450D-93F5-5FD617B53B12}" = protocol=6 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{95DEAC44-8D5D-4F09-BD64-552E8547BD76}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{A4016150-03DA-4532-BF50-57FF5C903956}" = dir=in | app=c:\program files\asus\ai touchmedia\playmovie\playmovie.exe |
"{B58CB3CF-70DE-4204-AE78-CC2372831E38}" = protocol=17 | dir=in | app=c:\program files\icq7.5\icq.exe |
"{BABC3380-1A7E-4613-AFEF-2335C866B5F1}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{C0A11FFD-8C6D-43D4-8B93-A466BFC0B7B3}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{CE0A70BE-9D2B-4DAB-B503-3D0D18FBA033}" = protocol=6 | dir=in | app=g:\program files\sony ericsson\update service\update service.exe |
"{EBCFF5EE-C815-4B1F-BAFA-319A9AF9E707}" = dir=in | app=c:\program files\asus\ai touchmedia\ai touchmedia\kernel\dms\clmsservice.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01521746-02A6-4A72-00BD-A285DF6B80C6}" = Die Sims 2: Wilde Campus-Jahre
"{03D1988F-469F-4843-8E6E-E5FE9D17889D}" = WIDCOMM Bluetooth Software
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software 1.14.17.1
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{250F0996-1830-40C8-9B1D-6874D808DD95}" = ChkMail
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{27D51A76-371D-48B6-B06E-4137A15B7583}" = Express Gate
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite 6.011.00
"{34B32B70-8081-11E2-89AF-B8AC6F98CCE3}" = Google Earth Plug-in
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{40580068-9B10-40B5-9548-536CE88AB23C}" = ITECIR
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{4817189D-1785-4627-A33C-39FD90919300}" = Die Sims™ 2 Haustiere
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{59F6A514-9813-47A3-948C-8A155460CC2A}" = RICOH R5C83x/84x Flash Media Controller Driver Ver.3.55.01
"{5C98D841-6392-41F1-A80E-B1A741F32A95}" = DSL-Speedtest
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}" = NB Probe
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6E7DD182-9FC6-4651-0095-2E666CC6AF35}" = Die Sims 2
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{770103E9-E1C3-48C9-812B-2982C7070575}_is1" = Pazera Free MOV to AVI Converter 1.4
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}" = Die Sims 2: Open For Business
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83F73CB1-7705-49D1-9852-84D839CA2A45}" = Wireless Console 2
"{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}" = Die Sims™ 2 Freizeit-Spaß
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8169 8168 8101E 8102E Ethernet Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear eXtreme
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.7) - Deutsch
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{B6F5B704-06D3-4687-90F3-6195304AD755}" = Die Sims™ 2 Apartment-Leben
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE52F670-9E10-4C0A-B0CB-D78BAB0A7923}" = NimoFilm
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{D8D4AF9A-6ADE-4B14-A7F5-BA858792729E}" = ASUS Security Protect Manager
"{DE10AB76-4756-4913-BE25-55D1C1051F9A}" = WinFlash
"{DE66EFAD-B9CC-4FD4-9157-6C18E5100161}" = Dolby Control Center
"{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}" = Die Sims™ 2 Vier Jahreszeiten
"{E2883E8F-472F-4fb0-9522-AC9BF37916A7}" = Adobe Download Manager
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EB4DF30B-102B-4F0C-927A-D50E037A325D}" = AuthenTec Fingerprint Sensor Minimum Install
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F248ADFA-64E0-4b03-8A83-059078BED6A0}" = Die Sims™ 2 Gute Reise
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F7529650-B9DB-481B-0089-A2AC3C2821C1}" = Die Sims 2: Nightlife
"{FBE5AA96-22F0-4C4A-8E92-4BE3498D4CCB}" = Media Go
"{FC3D290D-79BE-44B7-ABF9-FDD110925930}" = P4P
"1&1 Mail & Media GmbH 1und1Softwareaktualisierung" = WEB.DE Softwareaktualisierung
"1&1 Mail & Media GmbH Toolbar IE8" = WEB.DE MailCheck für Internet Explorer
"10888a5b8643982a1f8e7de8c303ccbd" = Big Kahuna Reef 2 - Chain Reaction
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"am-skipbocastawaycapertm" = SKIP-BO Castaway Caper(TM)
"Any Video Converter_is1" = Any Video Converter 3.3.2
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Audiograbber" = Audiograbber 1.83 SE
"Audiograbber-Lame" = Audiograbber Lame-MP3-Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"BFGC" = Big Fish Games: Game Manager
"BFG-Farm Frenzy 3 - American Pie" = Farm Frenzy 3: American Pie
"BFG-Island Tribe" = Island Tribe
"BFG-Island Tribe 2" = Island Tribe 2
"BFG-Island Tribe 3" = Island Tribe 3
"BFG-Island Tribe 4" = Island Tribe 4
"BFG-Jane's Hotel Mania" = Jane's Hotel Mania
"BFG-My Kingdom for the Princess" = My Kingdom for the Princess
"BFG-My Kingdom for the Princess II" = My Kingdom for the Princess II
"BFG-My Kingdom for the Princess III" = My Kingdom for the Princess III
"BFG-Roads of Rome" = Roads of Rome
"BFG-Roads of Rome II" = Roads of Rome II
"Bigpoint_Games_DE Toolbar" = Bigpoint Games DE Toolbar
"D-Fend Reloaded" = D-Fend Reloaded 1.1.0 (deinstallieren)
"Digital Image Recovery_is1" = Digital Image Recovery 1.47
"Dolphin Dice9.03" = Dolphin Dice 9.03
"FKC22153088_is1" = fotokasten comfort
"FlashGet 2.0" = FlashGet 2.0
"fotokasten comfort_is1" = fotokasten comfort 4.4
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube Download_is1" = Free YouTube Download 2.3
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Free_i-Dressup Toolbar" = Free i-Dressup Toolbar
"Google Chrome" = Google Chrome
"Governor of Poker_is1" = Governor of Poker
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = AI TouchMedia
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"IrfanView" = IrfanView (remove only)
"Island Realms_is1" = Island Realms
"Jewel Match 2_is1" = Jewel Match 2
"Jojos Fashion Show 2_is1" = Jojos Fashion Show 2
"Jojos Fashion Show World Tour_is1" = Jojos Fashion Show World Tour
"Jojos Fashion Show_is1" = Jojos Fashion Show
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIA Drivers" = NVIDIA Drivers
"Picasa2" = Picasa 2
"PROHYBRIDR" = 2007 Microsoft Office system
"Quilting Time_is1" = Quilting Time
"RADVideo" = RAD Video Tools
"Ranch Rush_is1" = Ranch Rush
"Royal Envoy 2" = Royal Envoy 2
"Royal Envoy_is1" = Royal Envoy
"Sims 2 Wardrobe Wrangler v1.1" = Sims 2 Wardrobe Wrangler v1.1
"Sims2Pack Clean Installer " = Sims2Pack Clean Installer
"SKIPBO Castaway Caper_is1" = SKIPBO Castaway Caper
"Sony Ericsson Themes Creator" = Sony Ericsson Themes Creator 4.12.2.4
"Spiel Des Lebens" = Spiel Des Lebens
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Service" = Update Service
"USB2.0 1.3M UVC WebCam" = USB2.0 1.3M UVC WebCam
"VLC media player" = VLC media player 1.0.5
"Wedding Salon" = Wedding Salon
"WinPolis" = WinPolis
"WinRAR archiver" = WinRAR
"XMedia Recode" = XMedia Recode 3.0.6.0
"Yahoo! Widget Engine" = Yahoo! Widgets
"YTdetect" = Yahoo! Detect
"yWriter5_is1" = yWriter5
"Zero Assumption Digital Image Recovery_is1" = Zero Assumption Digital Image Recovery 1.2
"ZMBV" = Zip Motion Block Video codec (Remove Only)
"ZoneAlarm" = ZoneAlarm
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Kindle" = Amazon Kindle
"Move Media Player" = Move Media Player
"Zylom Games Player Plugin" = Zylom Games Player Plugin
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 23.07.2011 07:51:47 | Computer Name = *** | Source = .NET Runtime Optimization Service | ID = 1101
Description =
Error - 23.07.2011 17:49:07 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 24.07.2011 07:46:22 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 25.07.2011 12:08:02 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 26.07.2011 13:24:48 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 27.07.2011 08:07:50 | Computer Name = *** | Source = WinMgmt | ID = 10
Description =
Error - 27.07.2011 08:31:51 | Computer Name = *** | Source = Application Error | ID = 1000
Description = Fehlerhafte Anwendung Power2Go.exe, Version 6.0.0.1924, Zeitstempel
0x4888181a, fehlerhaftes Modul btmmhook.dll, Version 5.2.0.500, Zeitstempel 0x47fe5d08,
Ausnahmecode 0x40000015, Fehleroffset 0x0000e7ef, Prozess-ID 0x1330, Anwendungsstartzeit
01cc4c58f3cd6c82.
Error - 27.07.2011 08:34:52 | Computer Name = *** | Source = VSS | ID = 8194
Description =
Error - 27.07.2011 08:39:43 | Computer Name = *** | Source = MsiInstaller | ID = 11905
Description =
Error - 27.07.2011 08:40:42 | Computer Name = *** | Source = MsiInstaller | ID = 11311
Description =
[ ASUS Security Protect Manager Events ]
Error - 30.05.2013 18:04:58 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 02.06.2013 08:31:31 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 02.06.2013 08:31:33 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 05.06.2013 14:38:36 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 07.06.2013 05:12:36 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 25.06.2013 07:13:03 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 25.06.2013 07:13:11 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 29.06.2013 05:08:26 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 03.07.2013 16:27:25 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
Error - 03.07.2013 16:27:29 | Computer Name = *** | Source = AuthWiz | ID = 100796068
Description = The submitted credentials were rejected. User: ***@***
Credentials:
Password Error: (0xC516020B) The system could not log you on. Verify your user
name and domain are correct and then type your password again. Letters in passwords
must be typed using the correct case. Verify that Caps Lock is off.
[ System Events ]
Error - 29.06.2013 05:31:13 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 01.07.2013 14:39:15 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 01.07.2013 14:39:15 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 01.07.2013 14:39:59 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 03.07.2013 16:27:00 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 03.07.2013 16:27:00 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 03.07.2013 16:29:05 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
Error - 05.07.2013 07:34:35 | Computer Name = *** | Source = Service Control Manager | ID = 7009
Description =
Error - 05.07.2013 07:34:35 | Computer Name = *** | Source = Service Control Manager | ID = 7000
Description =
Error - 05.07.2013 07:40:21 | Computer Name = *** | Source = Microsoft-Windows-LanguagePackSetup | ID = 1001
Description =
< End of report >
|
TDSSKiller.exe und speichere diese Datei auf dem Desktop
AdwCleaner auf deinen Desktop.
WARNUNG an die MITLESER: 
Textbox.