Trojaner-Board


Drumming 28.07.2011 00:27

Facebook virus (Koobface or something)
 
Hello,
Yesterday I fell for this well-known Facebook virus.
Now I'm afraid that I have this virus on my computer (I'm not sure).
I also found a thread in the forum with the same symptoms, but it didn't help me.
First, how I got the virus:

I was messaged by a classmate (she must have the virus as well). The PM said something about a video about me (all faked, of course). In my stupidity I clicked on it, naturally. Then I was redirected to this supposed YouTube page, but couldn't watch the video because I supposedly didn't have Flash Player. I then downloaded it from that page; as it turned out, it was the virus.

Now I'd like help on how to get rid of it without formatting the hard drive right away.

I have already run a scan with Antivir and then with Trend Micro Internet Security, but since they found nothing, I of course googled for a solution and discovered a tool from Microsoft... but that didn't help either...

Please advise quickly.
PS: THANKS in advance....

kira 28.07.2011 07:27

Hello and welcome! :)

Before we start working together, [please read in full]:
Quote:

  • "Remote treatment/remote help" and the associated liability risks:
    - since troubleshooting and actions are carried out over great distances, we accept no liability for any resulting consequences.
    - in other words, any liability for resulting damage is excluded; INSTRUCTIONS ARE FOLLOWED AT YOUR OWN RISK!
  • Identifying details/profile information:
    - you can delete details such as your real name, program serial numbers etc. from the log lists or log files you post, or replace them with [X]
  • System check and cleanup:
    - can take some time (depending on the type of infection); the system may even be so badly compromised that an effective technical cleanup is no longer possible and you have to reinstall it
  • I recommend reading the instructions through completely before you apply them, because if you do something wrong it can get really dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the support period:
    - please do not act on your own without consulting me! Ask if there are problems.
  • The order:
    - please keep exactly to the order described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise, our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I need to consider before opening a topic?
  • Insert all log files with a vBCode tag; this gives a good overview here and makes my work easier! If the log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin :)
For Vista and Win7:
Important: Please run all commands as administrator! Right-click the Command Prompt and select "Run as administrator".
Right-click the selected application and choose "Run as administrator"!

1.
Download Malwarebytes Anti-Malware from → malwarebytes.org
  • Install it and start it with a double-click.
  • Set the language to German and update the databases right away (online update)
  • Select "Komplett Scan durchführen" (tick all the boxes)
  • When the scan has finished, click "Zeige Resultate"
  • Select all findings (if MBAM reports anything in C:\System Volume Information, please untick it) and click "Löschen" ("Ausgewähltes entfernen").
  • Post the result here in the thread; you will find the report under "Scan-Berichte"
An illustrated guide can be found here: Guide

2.
System scan with OTL

Please download OTL by Oldtimer and save it to your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created: OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

3.
→ Download HJTscanlist.zip
→ Unpack the file on your desktop
→ On Windows XP Home you additionally have to install tasklist.zip before the scan
→ Start it with a double-click
→ Select your operating system; for Win7 choose Vista
→ When asked, choose the option "Einstellung" (1) - scanlist"
→ After a short time your editor should open and show the file hjtscanlist.txt
→ Please copy the contents here into your thread.
** If it doesn't work in one go, you can split the text into several parts and post it that way

4.
I would also like to see all your installed programs:
Download the tool Ccleaner
Download
Install it (read the software license agreement; if "Füge CCleaner Yahoo! Toolbar hinzu" is offered, deselect it) → start it → if necessary, set "german" under Options settings
Then click "Extra" (to display the installed programs as well) → then "Als Textdatei speichern..."
A text file (*.txt) is created; copy its contents and paste them in

Quote:

To keep your thread clear and easy to read, it's best to use the code tags for your post:
→ before your log you write (i.e. at the start of the log file): [code]
your log file goes in here, e.g. hjtscanlist or similar
→ after it, i.e. at the end of the log file: [/code]

** If possible, do not go on the internet: no online banking, file sharing, chat programs etc.
Regards,
kira

Drumming 28.07.2011 11:49

OK, I've done everything on the list ^^
Anti-Malware found something. (69 infected files etc.)
Here is the report from Anti-Malware:
Code:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7308

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

28.07.2011 11:50:31
mbam-log-2011-07-28 (11-50-31).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 303866
Laufzeit: 49 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 8
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 9
Infizierte Registrierungswerte: 12
Infizierte Dateiobjekte der Registrierung: 3
Infizierte Verzeichnisse: 1
Infizierte Dateien: 36

Infizierte Speicherprozesse:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> 2520 -> Unloaded process successfully.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> 2596 -> Unloaded process successfully.
c:\Windows\update.tray-8-0\svchost.exe (Trojan.Dropper) -> 4484 -> Unloaded process successfully.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> 4852 -> Unloaded process successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 2408 -> Unloaded process successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> 2876 -> Unloaded process successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2380 -> Unloaded process successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> 2424 -> Unloaded process successfully.

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvsysdriver32 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpdrivers (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srviecheck (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvbtcclient (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\SERVICES32.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\wxpdrivers (Trojan.Agent) -> Quarantined and deleted successfully.

Infizierte Registrierungswerte:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32.exe (Trojan.Agent) -> Value: sysdriver32.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\tray_ico0 (Trojan.Dropper) -> Value: tray_ico0 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\l1rezerv.exe (Trojan.Agent) -> Value: l1rezerv.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\wxpdrv (Trojan.Dropper) -> Value: wxpdrv -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8994680.exe (Trojan.Agent) -> Value: 8994680.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysdriver32_.exe (Trojan.Agent) -> Value: sysdriver32_.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\1333882.exe (Trojan.Agent) -> Value: 1333882.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\9778665.exe (Trojan.Agent) -> Value: 9778665.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\26607594-loader2.exe (Trojan.Agent) -> Value: 26607594-loader2.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\3068739.exe (Trojan.Agent) -> Value: 3068739.exe -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Services32.exe\close (Trojan.Agent) -> Value: close -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wxpDrivers\ImagePath (Trojan.Agent) -> Value: ImagePath -> Quarantined and deleted successfully.

Infizierte Dateiobjekte der Registrierung:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Infizierte Verzeichnisse:
c:\Windows\rpcminer (Trojan.BCMiner) -> Quarantined and deleted successfully.

Infizierte Dateien:
c:\Windows\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.1\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\update.tray-8-0\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\l1rezerv.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\services32.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\8994680.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\sysdriver32_.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\ASUS\AppData\Local\Temp\1333882.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\9778665.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\26607594-loader2.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\ASUS\AppData\Local\Temp\7392581.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\ASUS\AppData\Local\Temp\somoto_chrome.exe (Adware.BHO) -> Quarantined and deleted successfully.
c:\Windows\Temp\1380268.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\36487029.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\Temp\3765476.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\5526996.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\6698_myunrar2.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\update.tray-8-0-lnk\svchost.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Windows\Temp\3068739.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Temp\471761108.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
c:\Windows\update.2\svchost.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
c:\Windows\update.5.0\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinmineropencl.cl (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_10.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_11.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\bitcoinminercuda_20.cubin (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\cudart32_32_16.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\curllib.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libeay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\libsasl.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\openldap.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-4way.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cpu.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-cuda.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\rpcminer-opencl.exe (Trojan.BCMiner) -> Quarantined and deleted successfully.
c:\Windows\rpcminer\ssleay32.dll (Trojan.BCMiner) -> Quarantined and deleted successfully.


Drumming 28.07.2011 11:52

OTL:
Code:

OTL logfile created on: 7/28/2011 12:04:02 PM - Run 2
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\ASUS\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 63.70% Memory free
8.00 Gb Paging File | 6.19 Gb Available in Paging File | 77.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 72.54 Gb Free Space | 62.30% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.57 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe ()
PRC - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV:64bit: - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll ()
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (OberonGameConsoleService) -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe ()
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tmxpflt) -- C:\Windows\SysNative\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV:64bit: - (tmpreflt) -- C:\Windows\SysNative\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV:64bit: - (vsapint) -- C:\Windows\SysNative\drivers\vsapint.sys (Trend Micro Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/21 22:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/07/21 22:07:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2011/07/27 21:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions
[2011/07/27 20:28:24 | 000,000,000 | ---D | M] (Hyperionics DB Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/07/27 21:36:53 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\cacaoweb@cacaoweb.org
[2011/07/21 22:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) --
[2011/07/08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/07/28 10:16:42 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt]  File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Setwallpaper]  File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico1]  File not found
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cacaoweb] C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/28 10:50:45 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Malwarebytes
[2011/07/28 10:50:39 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/28 10:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/28 10:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/28 10:50:35 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/28 10:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/28 00:44:17 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:25:19 | 049,089,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/07/27 20:58:53 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\ICQ
[2011/07/27 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
[2011/07/27 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Minibar
[2011/07/27 20:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hyperionics DB Toolbar
[2011/07/27 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 2
[2011/07/26 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AMD
[2011/07/26 15:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/26 15:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/07/26 15:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011/07/26 15:00:38 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2011/07/26 15:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/07/26 15:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/26 14:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/26 14:48:11 | 000,000,000 | ---D | C] -- C:\ATI
[2011/07/26 14:46:50 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011/07/26 14:41:38 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011/07/26 14:40:05 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011/07/26 14:38:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011/07/26 14:35:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
[2011/07/22 14:08:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\cacaoweb
[2011/07/22 13:58:47 | 000,000,000 | ---D | C] -- C:\FirefoxPortable
[2011/07/21 22:07:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Mozilla
[2011/07/21 22:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/07/21 16:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya
[2011/07/21 16:26:35 | 593,954,668 | ---- | C] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/21 15:32:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
[2011/07/16 14:17:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/07/16 01:45:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\.minecraft
[2011/07/06 21:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/07/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Mozilla
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011/07/06 21:42:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ICQ
[2011/07/06 21:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011/07/06 17:13:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Fiesta
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\texturepacks
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\saves
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\resources
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\stats
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\bin
[2011/06/30 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/30 17:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011/06/30 17:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/06/30 17:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/06/29 18:10:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ts3overlay
[2011/06/29 18:09:34 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/06/29 18:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/06/29 18:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/29 17:54:59 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/29 17:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/06/29 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2008/08/12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/28 12:09:14 | 000,203,160 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/07/28 12:07:07 | 000,203,160 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/07/28 12:00:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 12:00:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 11:57:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/28 11:53:18 | 000,002,158 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/07/28 11:53:18 | 000,001,453 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/07/28 11:53:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/28 11:52:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/28 11:52:13 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/28 10:50:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 10:17:30 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/07/28 10:16:42 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/28 10:16:42 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011/07/28 00:44:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:17:04 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2011/07/27 23:36:21 | 1175,199,286 | ---- | M] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 22:31:33 | 3802,291,915 | ---- | M] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:18 | 012,707,496 | ---- | M] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:57 | 026,040,586 | ---- | M] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:38:59 | 214,771,614 | ---- | M] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:31:43 | 041,177,758 | ---- | M] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:51 | 000,000,937 | ---- | M] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/27 20:10:10 | 000,000,155 | ---- | M] () -- C:\Windows\info1
[2011/07/26 14:41:58 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011/07/26 14:41:58 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011/07/26 14:41:58 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011/07/26 14:41:58 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011/07/26 14:40:27 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011/07/26 14:39:58 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011/07/26 14:02:29 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/07/26 14:02:29 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/07/22 18:32:29 | 000,001,971 | ---- | M] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/21 16:41:04 | 593,954,668 | ---- | M] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011/07/16 13:54:11 | 000,270,142 | ---- | M] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/09 10:45:17 | 311,888,518 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/02 15:01:11 | 000,000,000 | ---- | M] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/07/01 09:54:42 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/06/29 18:07:37 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/29 17:54:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/28 10:50:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/27 23:29:11 | 1175,199,286 | ---- | C] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 21:51:46 | 3802,291,915 | ---- | C] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:11 | 012,707,496 | ---- | C] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:47 | 026,040,586 | ---- | C] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:31:53 | 214,771,614 | ---- | C] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:30:16 | 041,177,758 | ---- | C] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:11 | 000,000,937 | ---- | C] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/26 14:41:58 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011/07/26 14:41:58 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011/07/26 14:41:58 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011/07/26 14:40:27 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011/07/26 14:40:05 | 000,000,155 | ---- | C] () -- C:\Windows\info1
[2011/07/26 14:39:59 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011/07/26 14:39:58 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011/07/26 14:39:58 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011/07/22 18:32:29 | 000,001,971 | ---- | C] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/16 13:54:07 | 000,270,142 | ---- | C] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/02 15:01:11 | 000,000,000 | ---- | C] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/06/29 18:07:37 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/15 14:04:13 | 000,000,244 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2009/12/03 09:58:33 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/12/03 09:58:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/12/03 09:38:38 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/12/03 09:00:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/16 22:08:27 | 000,001,016 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/19 10:33:09 | 000,018,944 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 10:10:50 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/19 13:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

hjtscanlist:

Drumming 28.07.2011 11:53

OTL:
Code:

OTL logfile created on: 7/28/2011 12:04:02 PM - Run 2
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\ASUS\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 63.70% Memory free
8.00 Gb Paging File | 6.19 Gb Available in Paging File | 77.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 72.54 Gb Free Space | 62.30% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.57 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe ()
PRC - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
PRC - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe ()
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
PRC - C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
 
 
========== Modules (SafeList) ==========
 
MOD - C:\Users\ASUS\Desktop\OTL.exe (OldTimer Tools)
MOD - C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll (Microsoft Corporation)
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV:64bit: - (SfCtlCom) -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe (Trend Micro Inc.)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TmProxy) -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe (Trend Micro Inc.)
SRV:64bit: - (TMBMServer) -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe (Trend Micro Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (ATKGFNEXSrv) -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll ()
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (ICQ Service) -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe ()
SRV - (OberonGameConsoleService) -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe ()
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (ADSMService) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe (ASUSTek Computer Inc.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (tmxpflt) -- C:\Windows\SysNative\drivers\tmxpflt.sys (Trend Micro Inc.)
DRV:64bit: - (tmpreflt) -- C:\Windows\SysNative\drivers\tmpreflt.sys (Trend Micro Inc.)
DRV:64bit: - (vsapint) -- C:\Windows\SysNative\drivers\vsapint.sys (Trend Micro Inc.)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (tmtdi) -- C:\Windows\SysNative\drivers\tmtdi.sys (Trend Micro Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (lullaby) -- C:\Windows\SysNative\drivers\lullaby.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:64bit: - (Ntfs) -- C:\Windows\SysNative\wbem\ntfs.mof ()
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (SNP2UVC) USB2.0 PC Camera (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:64bit: - (AtiPcie) AMD PCI Express (3GIO) -- C:\Windows\SysNative\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (ASMMAP64) -- C:\Program Files\ATKGFNEX\ASMMAP64.sys ()
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011/07/21 22:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 5.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011/07/21 22:07:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2011/07/27 21:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions
[2011/07/27 20:28:24 | 000,000,000 | ---D | M] (Hyperionics DB Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/07/27 21:36:53 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\cacaoweb@cacaoweb.org
[2011/07/21 22:06:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
File not found (No name found) --
[2011/07/08 09:31:38 | 000,142,296 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2010/01/01 10:00:00 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2010/01/01 10:00:00 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2010/01/01 10:00:00 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2010/01/01 10:00:00 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2010/01/01 10:00:00 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2010/01/01 10:00:00 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/07/28 10:16:42 | 000,203,160 | -H-- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: 127.0.0.1 vkontakte.ru
O1 - Hosts: 127.0.0.1 www.vkontakte.ru
O1 - Hosts: 127.0.0.1 login.vk.com
O1 - Hosts: 127.0.0.1 vk.com
O1 - Hosts: 127.0.0.1 www.vk.com
O1 - Hosts: 127.0.0.1 odnoklassniki.ru
O1 - Hosts: 127.0.0.1 www.odnoklassniki.ru
O1 - Hosts: 127.0.0.1 facebook.com
O1 - Hosts: 127.0.0.1 www.facebook.com
O1 - Hosts: 127.0.0.1 af-za.facebook.com
O1 - Hosts: 127.0.0.1 az-az.facebook.com
O1 - Hosts: 127.0.0.1 id-id.facebook.com
O1 - Hosts: 127.0.0.1 ms-my.facebook.com
O1 - Hosts: 127.0.0.1 bs-ba.facebook.com
O1 - Hosts: 127.0.0.1 ca-es.facebook.com
O1 - Hosts: 127.0.0.1 cs-cz.facebook.com
O1 - Hosts: 127.0.0.1 cy-gb.facebook.com
O1 - Hosts: 127.0.0.1 da-dk.facebook.com
O1 - Hosts: 127.0.0.1 de-de.facebook.com
O1 - Hosts: 127.0.0.1 et-ee.facebook.com
O1 - Hosts: 127.0.0.1 en-gb.facebook.com
O1 - Hosts: 127.0.0.1 es-la.facebook.com
O1 - Hosts: 127.0.0.1 eo-eo.facebook.com
O1 - Hosts: 127.0.0.1 eu-es.facebook.com
O1 - Hosts: 50060 more lines...
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  File not found
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt]  File not found
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Setwallpaper]  File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico1]  File not found
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cacaoweb] C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/28 10:50:45 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Malwarebytes
[2011/07/28 10:50:39 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/28 10:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/28 10:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/28 10:50:35 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/28 10:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/28 00:44:17 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:25:19 | 049,089,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/07/27 20:58:53 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\ICQ
[2011/07/27 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
[2011/07/27 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Minibar
[2011/07/27 20:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hyperionics DB Toolbar
[2011/07/27 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 2
[2011/07/26 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AMD
[2011/07/26 15:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/26 15:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/07/26 15:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011/07/26 15:00:38 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2011/07/26 15:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/07/26 15:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/26 14:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/26 14:48:11 | 000,000,000 | ---D | C] -- C:\ATI
[2011/07/26 14:46:50 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011/07/26 14:41:38 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011/07/26 14:40:05 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011/07/26 14:38:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011/07/26 14:35:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
[2011/07/22 14:08:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\cacaoweb
[2011/07/22 13:58:47 | 000,000,000 | ---D | C] -- C:\FirefoxPortable
[2011/07/21 22:07:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Mozilla
[2011/07/21 22:06:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2011/07/21 16:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya
[2011/07/21 16:26:35 | 593,954,668 | ---- | C] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/21 15:32:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
[2011/07/16 14:17:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/07/16 01:45:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\.minecraft
[2011/07/06 21:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/07/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Mozilla
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011/07/06 21:42:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ICQ
[2011/07/06 21:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011/07/06 17:13:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Fiesta
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\texturepacks
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\saves
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\resources
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\stats
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\bin
[2011/06/30 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/30 17:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011/06/30 17:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/06/30 17:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/06/29 18:10:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ts3overlay
[2011/06/29 18:09:34 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/06/29 18:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/06/29 18:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/29 17:54:59 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/29 17:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/06/29 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2008/08/12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/28 12:09:14 | 000,203,160 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/07/28 12:07:07 | 000,203,160 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/07/28 12:00:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 12:00:47 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/28 11:57:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/28 11:53:18 | 000,002,158 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/07/28 11:53:18 | 000,001,453 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/07/28 11:53:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/28 11:52:29 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/28 11:52:13 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/28 10:50:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 10:17:30 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/07/28 10:16:42 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2011/07/28 10:16:42 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011/07/28 00:44:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:17:04 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2011/07/27 23:36:21 | 1175,199,286 | ---- | M] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 22:31:33 | 3802,291,915 | ---- | M] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:18 | 012,707,496 | ---- | M] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:57 | 026,040,586 | ---- | M] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:38:59 | 214,771,614 | ---- | M] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:31:43 | 041,177,758 | ---- | M] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:51 | 000,000,937 | ---- | M] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/27 20:10:10 | 000,000,155 | ---- | M] () -- C:\Windows\info1
[2011/07/26 14:41:58 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011/07/26 14:41:58 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011/07/26 14:41:58 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011/07/26 14:41:58 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011/07/26 14:40:27 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011/07/26 14:39:58 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
[2011/07/26 14:02:29 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/07/26 14:02:29 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/07/22 18:32:29 | 000,001,971 | ---- | M] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/21 16:41:04 | 593,954,668 | ---- | M] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/17 03:24:20 | 004,636,907 | ---- | M] () -- C:\Windows\geoiplist
[2011/07/16 13:54:11 | 000,270,142 | ---- | M] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/09 10:45:17 | 311,888,518 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/02 15:01:11 | 000,000,000 | ---- | M] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/07/01 09:54:42 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/06/29 18:07:37 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/29 17:54:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/28 10:50:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/27 23:29:11 | 1175,199,286 | ---- | C] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 21:51:46 | 3802,291,915 | ---- | C] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:11 | 012,707,496 | ---- | C] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:47 | 026,040,586 | ---- | C] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:31:53 | 214,771,614 | ---- | C] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:30:16 | 041,177,758 | ---- | C] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:11 | 000,000,937 | ---- | C] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/26 14:41:58 | 005,589,370 | ---- | C] () -- C:\Windows\phoenix.rar
[2011/07/26 14:41:58 | 001,075,284 | ---- | C] () -- C:\Windows\rpcminer.rar
[2011/07/26 14:41:58 | 000,182,617 | ---- | C] () -- C:\Windows\ufa.rar
[2011/07/26 14:40:27 | 000,000,000 | ---- | C] () -- C:\Windows\loader2.exe_ok
[2011/07/26 14:40:05 | 000,000,155 | ---- | C] () -- C:\Windows\info1
[2011/07/26 14:39:59 | 004,636,907 | ---- | C] () -- C:\Windows\geoiplist
[2011/07/26 14:39:58 | 000,904,792 | ---- | C] () -- C:\Windows\geoiplist.rar
[2011/07/26 14:39:58 | 000,246,272 | ---- | C] () -- C:\Windows\unrar.exe
[2011/07/22 18:32:29 | 000,001,971 | ---- | C] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/16 13:54:07 | 000,270,142 | ---- | C] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/02 15:01:11 | 000,000,000 | ---- | C] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/06/29 18:07:37 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/15 14:04:13 | 000,000,244 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2009/12/03 09:58:33 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/12/03 09:58:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/12/03 09:38:38 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/12/03 09:00:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/16 22:08:27 | 000,001,016 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/19 10:33:09 | 000,018,944 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 10:10:50 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/19 13:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA

< End of report >

hjtscanlist:

Drumming 28.07.2011 11:54

hjtscanlist:
Code:

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.1.7600]
 
 
C:

      C:\pagefile.sys ---------   
      C:\hiberfil.sys ---------   
  28.07.2011 11:50    C:\Windows --------- 40960 
  28.07.2011 10:50    C:\ProgramData --------- 8192 
  28.07.2011 10:50    C:\Program Files (x86) --------- 20480 
  28.07.2011 00:54    C:\System Volume Information --------- 4096 
  27.07.2011 20:28    C:\Program Files --------- 8192 
  26.07.2011 14:48    C:\ATI --------- 0 
  22.07.2011 13:58    C:\FirefoxPortable --------- 4096 
  15.06.2011 23:24    C:\ProcasterInstaller.log --------- 388652 
  03.06.2011 17:09    C:\Fraps --------- 4096 
  19.05.2011 12:02    C:\asus.dat --------- 4096 
  19.05.2011 12:01    C:\$Recycle.Bin --------- 0 
  19.05.2011 11:46    C:\Users --------- 4096 
  19.05.2011 11:44    C:\Recovery --------- 0 
  03.12.2009 10:02    C:\devlist.txt --------- 13444 
  03.12.2009 10:01    C:\Finish.log --------- 9 
  03.12.2009 09:58    C:\setup.log --------- 90 
  03.12.2009 09:52    C:\inject.log.txt --------- 743079 
  03.12.2009 09:51    C:\Temp --------- 8192 
  03.12.2009 09:18    C:\SumHidd.txt --------- 170 
  03.12.2009 09:16    C:\SumOS.txt --------- 98 
  03.12.2009 09:05    C:\MSOCache --------- 0 
  02.12.2009 19:27    C:\Pass.txt --------- 146 
  10.11.2009 05:02    C:\Patch_Win7.log --------- 196 
  30.10.2009 08:40    C:\K40AB_K50AB_K40AD_K50AD_WIN7.30 --------- 19 
  30.10.2009 04:01    C:\K50ADAS.BIN --------- 1048576 
  30.10.2009 03:17    C:\K40ADAS.BIN --------- 1048576 
  27.10.2009 03:58    C:\K50ABAS.BIN --------- 1048576 
  27.10.2009 03:20    C:\K40ABAS.BIN --------- 1048576 
  16.09.2009 20:04    C:\v82.txt --------- 24 
  25.08.2009 02:10    C:\RECOVERY.DAT --------- 26 
  29.07.2009 08:03    C:\BOOTSECT.BAK --------- 8192 
  29.07.2009 08:03    C:\Boot --------- 4096 
  14.07.2009 07:08    C:\Documents and Settings --------- 0 
  14.07.2009 05:20    C:\PerfLogs --------- 0 
  14.07.2009 03:38    C:\bootmgr --------- 383562 
  02.07.2009 09:17    C:\Nero.Log --------- 37 
  15.06.2009 13:11    C:\AdobeReader.log --------- 54 
  12.06.2009 03:32    C:\OFFICE2007_L.TXT --------- 57 
----------------------------------------

 
C:\Windows

  28.07.2011 11:56    C:\Windows\WindowsUpdate.log --------- 577147 
  28.07.2011 11:52    C:\Windows\setupact.log --------- 42074 
  28.07.2011 11:52    C:\Windows\bootstat.dat --------- 67584 
  28.07.2011 11:17    C:\Windows\iecheck_iplist.txt --------- 12413 
  28.07.2011 11:16    C:\Windows\btc_client_iplist.txt --------- 10935 
  28.07.2011 11:16    C:\Windows\iplist.txt --------- 10929 
  28.07.2011 10:17    C:\Windows\proc_list1.log --------- 1672 
  27.07.2011 20:10    C:\Windows\info1 --------- 155 
  26.07.2011 17:07    C:\Windows\front_ip_list.txt --------- 9474 
  26.07.2011 14:41    C:\Windows\unrar.exe --------- 246272 
  26.07.2011 14:41    C:\Windows\ufa.rar --------- 182617 
  26.07.2011 14:41    C:\Windows\phoenix.rar --------- 5589370 
  26.07.2011 14:41    C:\Windows\rpcminer.rar --------- 1075284 
  26.07.2011 14:40    C:\Windows\loader2.exe_ok --------- 0 
  26.07.2011 14:40    C:\Windows\winsetupapi.log --------- 11 
  26.07.2011 14:39    C:\Windows\geoiplist.rar --------- 904792 
  26.07.2011 14:23    C:\Windows\winlog-ids.txt --------- 5 
  26.07.2011 14:23    C:\Windows\winlog-dirs.txt --------- 52 
  23.07.2011 02:33    C:\Windows\TMFilter.log --------- 432 
  22.07.2011 18:11    C:\Windows\PFRO.log --------- 6322 
  21.07.2011 22:07    C:\Windows\nsreg.dat --------- 0 
  17.07.2011 03:24    C:\Windows\geoiplist --------- 4636907 
  09.07.2011 10:45    C:\Windows\MEMORY.DMP --------- 311888518 
  15.06.2011 14:04    C:\Windows\ODBCINST.INI --------- 244 
  19.05.2011 12:04    C:\Windows\win.ini --------- 640 
  19.05.2011 12:01    C:\Windows\PQArecord.log --------- 1567 
  19.05.2011 12:01    C:\Windows\AsCDProc.log --------- 211506 
  19.05.2011 12:01    C:\Windows\AsDebug.log --------- 5209586 
  19.05.2011 11:53    C:\Windows\DirectX.log --------- 31343 
  19.05.2011 11:53    C:\Windows\0”z --------- 20 
  19.05.2011 11:47    C:\Windows\FixPatch.log --------- 194 
  03.12.2009 10:01    C:\Windows\AsChkDev.txt --------- 61126 
  03.12.2009 09:58    C:\Windows\AsScrProlog.exe --------- 47672 
  03.12.2009 09:58    C:\Windows\ASUS Camera ScreenSaver.exe --------- 4814371 
  03.12.2009 09:58    C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe --------- 281144 
  03.12.2009 09:58    C:\Windows\AsScrPro.exe --------- 3054136 
  03.12.2009 09:51    C:\Windows\DPINST.LOG --------- 5684 
  03.12.2009 09:49    C:\Windows\explorer.exe --------- 2868224 
  03.12.2009 09:01    C:\Windows\TSSysprep.log --------- 3540 
  03.12.2009 09:00    C:\Windows\ativpsrm.bin --------- 0 
  02.12.2009 18:03    C:\Windows\DtcInstall.log --------- 3043 
  11.11.2009 11:34    C:\Windows\csup.txt --------- 10 
  02.11.2009 13:33    C:\Windows\OOBEPlayer.exe --------- 18944 
  22.09.2009 11:27    C:\Windows\OOBEPlayer.ini --------- 35 
  07.08.2009 09:31    C:\Windows\atiogl.xml --------- 18618 
  29.07.2009 20:37    C:\Windows\FullScreen.wmv --------- 26541350 
  14.07.2009 06:54    C:\Windows\WindowsShell.Manifest --------- 749 
  14.07.2009 06:51    C:\Windows\setuperr.log --------- 0 
  14.07.2009 03:39    C:\Windows\write.exe --------- 10240 
  14.07.2009 03:39    C:\Windows\splwow64.exe --------- 61952 
  14.07.2009 03:39    C:\Windows\regedit.exe --------- 427008 
  14.07.2009 03:39    C:\Windows\notepad.exe --------- 193536 
  14.07.2009 03:39    C:\Windows\hh.exe --------- 16896 
  14.07.2009 03:39    C:\Windows\HelpPane.exe --------- 733696 
  14.07.2009 03:39    C:\Windows\fveupdate.exe --------- 15360 
  14.07.2009 03:38    C:\Windows\bfsvc.exe --------- 71168 
  14.07.2009 03:16    C:\Windows\twain_32.dll --------- 51200 
  14.07.2009 03:14    C:\Windows\winhlp32.exe --------- 9728 
  14.07.2009 03:14    C:\Windows\twunk_32.exe --------- 31232 
  14.07.2009 01:06    C:\Windows\mib.bin --------- 43131 
  01.07.2009 10:10    C:\Windows\explorer.exe.config --------- 176 
  10.06.2009 23:41    C:\Windows\twunk_16.exe --------- 49680 
  10.06.2009 23:41    C:\Windows\twain.dll --------- 94784 
  10.06.2009 23:08    C:\Windows\system.ini --------- 219 
  10.06.2009 22:52    C:\Windows\WMSysPr9.prx --------- 316640 
  10.06.2009 22:36    C:\Windows\msdfmap.ini --------- 1405 
  10.06.2009 22:31    C:\Windows\Starter.xml --------- 48201 
  10.06.2009 22:30    C:\Windows\HomePremium.xml --------- 48265 
  05.12.2008 00:19    C:\Windows\WLXPGSS.SCR --------- 308584 
  11.04.2007 09:34    C:\Windows\difxapi.dll --------- 414632 
  19.05.2006 13:53    C:\Windows\snp2uvc.src --------- 13022 
  19.05.2006 13:39    C:\Windows\snp2uvc.ini --------- 15497 
  22.02.2003 06:42    C:\Windows\msvcr71.dll --------- 348160 
  15.07.2000 10:00    C:\Windows\MSVCRTD.DLL --------- 434252 
  23.06.2000 22:46    C:\Windows\WMPrfPtg.prx --------- 35916 
  23.06.2000 22:46    C:\Windows\WMPrfJpn.prx --------- 23304 
  23.06.2000 22:46    C:\Windows\WMPrfKor.prx --------- 22338 
  23.06.2000 22:46    C:\Windows\WMPrfIta.prx --------- 35680 
  23.06.2000 22:46    C:\Windows\WMPrfFra.prx --------- 37916 
  23.06.2000 22:46    C:\Windows\WMPrfEsp.prx --------- 35590 
  23.06.2000 22:46    C:\Windows\WMPrfDeu.prx --------- 33820 
  23.06.2000 22:46    C:\Windows\WMPrfCht.prx --------- 18804 
  23.06.2000 22:46    C:\Windows\WMPrfChs.prx --------- 19492 
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 28.07.2011 12:04    C:\Windows\system32\config --------- 49152 
 28.07.2011 12:00    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 10016 
 28.07.2011 12:00    C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 10016 
 28.07.2011 11:53    C:\Windows\system32\AutoRunFilter.ini --------- 2158 
 28.07.2011 11:53    C:\Windows\system32\ServiceFilter.ini --------- 1453 
 28.07.2011 10:50    C:\Windows\system32\drivers --------- 65536 
 27.07.2011 21:31    C:\Windows\system32\NDF --------- 4096 
 26.07.2011 23:56    C:\Windows\system32\catroot2 --------- 20480 
 26.07.2011 15:00    C:\Windows\system32\catroot --------- 4096 
 26.07.2011 15:00    C:\Windows\system32\DriverStore --------- 4096 
 22.07.2011 15:07    C:\Windows\system32\Tasks --------- 4096 
 09.07.2011 23:32    C:\Windows\system32\Service --------- 4096 
 01.07.2011 16:19    C:\Windows\system32\wdi --------- 4096 
 01.07.2011 10:31    C:\Windows\system32\MRT.exe --------- 50867144 
 20.06.2011 14:51    C:\Windows\system32\winrm --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\oobe --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\migwiz --------- 8192 
 20.06.2011 14:51    C:\Windows\system32\Boot --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\slmgr --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\sysprep --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\Setup --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\migration --------- 8192 
 20.06.2011 14:51    C:\Windows\system32\WCN --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\Dism --------- 4096 
 20.06.2011 14:51    C:\Windows\system32\MUI --------- 4096 
 20.06.2011 14:50    C:\Windows\system32\Printing_Admin_Scripts --------- 4096 
 20.06.2011 14:50    C:\Windows\system32\wbem --------- 65536 
 20.06.2011 14:50    C:\Windows\system32\es-ES --------- 307200 
 20.06.2011 14:48    C:\Windows\system32\com --------- 4096 
 20.06.2011 14:41    C:\Windows\system32\pt-PT --------- 327680 
 20.06.2011 14:39    C:\Windows\system32\en-US --------- 192512 
 20.06.2011 14:36    C:\Windows\system32\nl-NL --------- 307200 
 20.06.2011 14:35    C:\Windows\system32\it-IT --------- 307200 
 20.06.2011 14:34    C:\Windows\system32\he-IL --------- 172032 
 20.06.2011 14:33    C:\Windows\system32\el-GR --------- 327680 
 20.06.2011 14:33    C:\Windows\system32\fr-FR --------- 307200 
 20.06.2011 14:31    C:\Windows\system32\zh-TW --------- 327680 
 12.06.2011 20:51    C:\Windows\system32\LogFiles --------- 4096 
 09.06.2011 19:14    C:\Windows\system32\perfh009.dat --------- 607190 
 09.06.2011 19:14    C:\Windows\system32\perfc009.dat --------- 103568 
 09.06.2011 19:14    C:\Windows\system32\perfh007.dat --------- 643866 
 09.06.2011 19:14    C:\Windows\system32\perfc007.dat --------- 126394 
 09.06.2011 19:14    C:\Windows\system32\PerfStringBackup.INI --------- 7024528 
 28.05.2011 14:56    C:\Windows\system32\frapsv64.dll --------- 71680 
 24.05.2011 23:44    C:\Windows\system32\OVDecode64.dll --------- 61952 
 24.05.2011 23:44    C:\Windows\system32\OpenCL.dll --------- 53760 
 24.05.2011 23:44    C:\Windows\system32\amdocl64.dll --------- 16672768 
 24.05.2011 19:14    C:\Windows\system32\MpSigStub.exe --------- 270720 
 23.05.2011 12:47    C:\Windows\system32\Defrag.ini --------- 80 
 23.05.2011 12:29    C:\Windows\system32\FNTCACHE.DAT --------- 452688 
 19.05.2011 20:43    C:\Windows\system32\license.rtf --------- 52953 
 19.05.2011 11:55    C:\Windows\system32\DRVSTORE --------- 0 
 19.05.2011 11:44    C:\Windows\system32\log --------- 0 
 19.05.2011 11:44    C:\Windows\system32\Recovery --------- 0 
 24.10.2010 00:56    C:\Windows\system32\CamCodec.dll --------- 49664 
 18.03.2010 09:36    C:\Windows\system32\mfc100fra.dll --------- 64336 
 18.03.2010 09:36    C:\Windows\system32\msvcp100.dll --------- 607568 
 18.03.2010 09:36    C:\Windows\system32\msvcr100.dll --------- 827728 
 18.03.2010 09:36    C:\Windows\system32\mfcm100u.dll --------- 91472 
 18.03.2010 09:36    C:\Windows\system32\mfcm100.dll --------- 91472 
 18.03.2010 09:36    C:\Windows\system32\mfc100u.dll --------- 5522768 
 18.03.2010 09:36    C:\Windows\system32\vcomp100.dll --------- 57168 
 18.03.2010 09:36    C:\Windows\system32\atl100.dll --------- 158536 
 18.03.2010 09:36    C:\Windows\system32\mfc100.dll --------- 5493576 
 18.03.2010 09:36    C:\Windows\system32\mfc100chs.dll --------- 36176 
 18.03.2010 09:36    C:\Windows\system32\mfc100cht.dll --------- 36176 
 18.03.2010 09:36    C:\Windows\system32\mfc100deu.dll --------- 64336 
 18.03.2010 09:36    C:\Windows\system32\mfc100enu.dll --------- 55120 
 18.03.2010 09:36    C:\Windows\system32\mfc100esn.dll --------- 63824 
 18.03.2010 09:36    C:\Windows\system32\mfc100rus.dll --------- 60752 
 18.03.2010 09:36    C:\Windows\system32\mfc100kor.dll --------- 43344 
 18.03.2010 09:36    C:\Windows\system32\mfc100ita.dll --------- 62288 
 18.03.2010 09:36    C:\Windows\system32\mfc100jpn.dll --------- 43856 
 03.12.2009 09:51    C:\Windows\system32\SRSLabs --------- 0 
 03.12.2009 09:51    C:\Windows\system32\msv1_0.dll --------- 311808 
 03.12.2009 09:51    C:\Windows\system32\msasn1.dll --------- 46592 
 03.12.2009 09:50    C:\Windows\system32\mshtml.dll --------- 9272320 
 03.12.2009 09:50    C:\Windows\system32\msfeedsbs.dll --------- 82944 
 03.12.2009 09:49    C:\Windows\system32\wmploc.DLL --------- 12625920 
 03.12.2009 09:49    C:\Windows\system32\wmp.dll --------- 14629376 
 03.12.2009 09:49    C:\Windows\system32\fontsub.dll --------- 100864 
 03.12.2009 09:49    C:\Windows\system32\atmfd.dll --------- 366080 
 03.12.2009 09:49    C:\Windows\system32\CertEnroll.dll --------- 1975296 
 03.12.2009 09:49    C:\Windows\system32\t2embed.dll --------- 148480 
 03.12.2009 09:45    C:\Windows\system32\OEM --------- 0 
 03.12.2009 09:05    C:\Windows\system32\restore --------- 0 
 02.10.2009 05:39    C:\Windows\system32\ATIDEMGX.dll --------- 446464 
 02.10.2009 05:38    C:\Windows\system32\atieclxx.exe --------- 439296 
 02.10.2009 05:38    C:\Windows\system32\atiesrxx.exe --------- 202752 
 02.10.2009 05:36    C:\Windows\system32\atitmm64.dll --------- 120320 
 02.10.2009 05:36    C:\Windows\system32\atipdl64.dll --------- 421376 
 02.10.2009 05:36    C:\Windows\system32\atimuixx.dll --------- 12288 
 02.10.2009 05:36    C:\Windows\system32\atiedu64.dll --------- 59392 
 02.10.2009 05:24    C:\Windows\system32\atidxx64.dll --------- 3599360 
 02.10.2009 05:17    C:\Windows\system32\atio6axx.dll --------- 16681984 
 02.10.2009 05:10    C:\Windows\system32\atiumd64.dll --------- 4649472 
 02.10.2009 05:02    C:\Windows\system32\atiumd6a.dll --------- 2519040 
 02.10.2009 05:00    C:\Windows\system32\atiumd6a.cap --------- 333904 
 02.10.2009 04:40    C:\Windows\system32\atimpc64.dll --------- 53248 
 02.10.2009 04:40    C:\Windows\system32\amdpcom64.dll --------- 53248 
----------------------------------------

 
C:\Windows\Prefetch

 23.05.2011 13:35    C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 338851 
 23.05.2011 13:35    C:\Windows\Prefetch\AgGlFaultHistory.db --------- 357203 
 23.05.2011 13:35    C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 1297268 
 23.05.2011 13:35    C:\Windows\Prefetch\AgRobust.db --------- 66384 
 23.05.2011 13:35    C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584 
 23.05.2011 13:05    C:\Windows\Prefetch\ReadyBoot --------- 0 
 19.05.2011 11:47    C:\Windows\Prefetch\AgAppLaunch.db --------- 334168 
----------------------------------------

 
C:\Windows\Tasks

 28.07.2011 11:57    C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1106 
 28.07.2011 11:53    C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1102 
 28.07.2011 11:52    C:\Windows\Tasks\SA.DAT --------- 6 
 19.07.2011 12:32    C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632 
----------------------------------------

 
C:\Windows\Temp

 28.07.2011 12:21    C:\Windows\Temp\MpCmdRun.log --------- 11514 
 28.07.2011 11:54    C:\Windows\Temp\lpksetup-20110728-115414-0.log --------- 2650 
 28.07.2011 11:53    C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596 
 28.07.2011 11:52    C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596 
 28.07.2011 11:51    C:\Windows\Temp\fwtsqmfile17.sqm --------- 608 
 28.07.2011 11:17    C:\Windows\Temp\js_vk_1 --------- 7164 
 28.07.2011 11:17    C:\Windows\Temp\js_vk_0 --------- 13317 
 28.07.2011 10:58    C:\Windows\Temp\GoogleToolbarInstaller1.log --------- 18180 
 28.07.2011 10:18    C:\Windows\Temp\lpksetup-20110728-101726-0.log --------- 2650 
 28.07.2011 01:44    C:\Windows\Temp\WERC4E5.tmp.appcompat.txt --------- 31422 
 28.07.2011 01:44    C:\Windows\Temp\fwtsqmfile16.sqm --------- 608 
 28.07.2011 00:17    C:\Windows\Temp\lpksetup-20110728-001733-0.log --------- 2650 
 27.07.2011 23:36    C:\Windows\Temp\fwtsqmfile15.sqm --------- 608 
 27.07.2011 23:07    C:\Windows\Temp\lpksetup-20110727-230713-0.log --------- 2650 
 27.07.2011 23:04    C:\Windows\Temp\fwtsqmfile14.sqm --------- 608 
 27.07.2011 21:37    C:\Windows\Temp\lpksetup-20110727-213710-0.log --------- 2650 
 27.07.2011 21:34    C:\Windows\Temp\fwtsqmfile13.sqm --------- 608 
 27.07.2011 20:11    C:\Windows\Temp\lpksetup-20110727-201049-0.log --------- 2650 
 26.07.2011 23:56    C:\Windows\Temp\xx1885 --------- 0 
 26.07.2011 23:56    C:\Windows\Temp\xx1884 --------- 0 
 26.07.2011 23:56    C:\Windows\Temp\xx1886 --------- 0 
 26.07.2011 23:56    C:\Windows\Temp\xx1887 --------- 0 
 26.07.2011 23:56    C:\Windows\Temp\xx1883 --------- 0 
 26.07.2011 23:54    C:\Windows\Temp\fwtsqmfile12.sqm --------- 608 
 26.07.2011 22:36    C:\Windows\Temp\lpksetup-20110726-223518-0.log --------- 2650 
 26.07.2011 16:27    C:\Windows\Temp\fwtsqmfile11.sqm --------- 608 
 26.07.2011 15:16    C:\Windows\Temp\MpSigStub.log --------- 3442 
 26.07.2011 15:13    C:\Windows\Temp\OCL59D5.tmp --------- 0 
 26.07.2011 15:13    C:\Windows\Temp\OCL3987.tmp --------- 0 
 26.07.2011 15:00    C:\Windows\Temp\x86 --------- 0 
 26.07.2011 15:00    C:\Windows\Temp\amd64 --------- 0 
 26.07.2011 14:45    C:\Windows\Temp\488025.exe --------- 643072 
 26.07.2011 14:44    C:\Windows\Temp\268349748_ati.exe --------- 90660504 
 26.07.2011 14:41    C:\Windows\Temp\332159.exe --------- 495616 
 26.07.2011 14:40    C:\Windows\Temp\841380.exe --------- 348672 
 26.07.2011 14:38    C:\Windows\Temp\lpksetup-20110726-143801-0.log --------- 2650 
 26.07.2011 14:33    C:\Windows\Temp\fwtsqmfile10.sqm --------- 608 
 26.07.2011 14:23    C:\Windows\Temp\bcdedit32.exe --------- 294912 
 26.07.2011 14:03    C:\Windows\Temp\AskSLib.dll --------- 12590 
 26.07.2011 13:58    C:\Windows\Temp\lpksetup-20110726-135814-0.log --------- 2650 
 25.07.2011 07:47    C:\Windows\Temp\fwtsqmfile09.sqm --------- 608 
 25.07.2011 07:37    C:\Windows\Temp\lpksetup-20110725-073644-0.log --------- 2650 
 24.07.2011 23:56    C:\Windows\Temp\fwtsqmfile08.sqm --------- 608 
 24.07.2011 22:51    C:\Windows\Temp\lpksetup-20110724-225046-0.log --------- 2650 
 24.07.2011 20:27    C:\Windows\Temp\lpksetup-20110724-202715-0.log --------- 2650 
 24.07.2011 18:06    C:\Windows\Temp\lpksetup-20110724-180614-0.log --------- 2650 
 24.07.2011 16:14    C:\Windows\Temp\fwtsqmfile07.sqm --------- 608 
 24.07.2011 16:04    C:\Windows\Temp\lpksetup-20110724-160402-0.log --------- 2650 
 24.07.2011 00:29    C:\Windows\Temp\fwtsqmfile06.sqm --------- 608 
 23.07.2011 18:41    C:\Windows\Temp\lpksetup-20110723-184041-0.log --------- 2650 
 23.07.2011 13:29    C:\Windows\Temp\fwtsqmfile05.sqm --------- 608 
 23.07.2011 13:02    C:\Windows\Temp\lpksetup-20110723-130134-0.log --------- 2650 
 23.07.2011 02:33    C:\Windows\Temp\fwtsqmfile04.sqm --------- 608 
 23.07.2011 01:45    C:\Windows\Temp\lpksetup-20110723-014529-0.log --------- 2650 
 22.07.2011 18:43    C:\Windows\Temp\fwtsqmfile03.sqm --------- 608 
 22.07.2011 18:13    C:\Windows\Temp\lpksetup-20110722-181338-0.log --------- 2650 
 22.07.2011 17:29    C:\Windows\Temp\fwtsqmfile02.sqm --------- 608 
 22.07.2011 11:09    C:\Windows\Temp\lpksetup-20110722-110840-0.log --------- 2650 
 22.07.2011 01:32    C:\Windows\Temp\fwtsqmfile01.sqm --------- 608 
 21.07.2011 19:10    C:\Windows\Temp\lpksetup-20110721-191027-0.log --------- 2650 
 21.07.2011 18:06    C:\Windows\Temp\fwtsqmfile00.sqm --------- 608 
 21.07.2011 16:18    C:\Windows\Temp\lpksetup-20110721-161800-0.log --------- 2650 
 21.07.2011 15:48    C:\Windows\Temp\fwtsqmfile19.sqm --------- 608 
 21.07.2011 15:07    C:\Windows\Temp\lpksetup-20110721-150735-0.log --------- 2650 
 21.07.2011 14:54    C:\Windows\Temp\fwtsqmfile18.sqm --------- 608 
 21.07.2011 14:39    C:\Windows\Temp\lpksetup-20110721-143854-0.log --------- 2650 
 21.07.2011 14:32    C:\Windows\Temp\WER9251.tmp.appcompat.txt --------- 80550 
 21.07.2011 13:25    C:\Windows\Temp\lpksetup-20110721-132447-0.log --------- 2642 
 20.07.2011 23:34    C:\Windows\Temp\lpksetup-20110720-233415-0.log --------- 2650 
 20.07.2011 05:57    C:\Windows\Temp\lpksetup-20110720-055725-0.log --------- 2650 
 19.07.2011 17:05    C:\Windows\Temp\lpksetup-20110719-170517-0.log --------- 2650 
 19.07.2011 12:34    C:\Windows\Temp\lpksetup-20110719-123357-0.log --------- 2650 
 19.07.2011 00:26    C:\Windows\Temp\lpksetup-20110719-002612-0.log --------- 2650 
 18.07.2011 17:37    C:\Windows\Temp\lpksetup-20110718-173708-0.log --------- 2650 
 18.07.2011 14:38    C:\Windows\Temp\lpksetup-20110718-143756-0.log --------- 2650 
 18.07.2011 00:01    C:\Windows\Temp\lpksetup-20110718-000121-0.log --------- 2650 
 17.07.2011 13:03    C:\Windows\Temp\lpksetup-20110717-130314-0.log --------- 2650 
 17.07.2011 00:22    C:\Windows\Temp\lpksetup-20110717-002146-0.log --------- 2650 
 16.07.2011 18:53    C:\Windows\Temp\xx141 --------- 0 
 16.07.2011 18:53    C:\Windows\Temp\xx137 --------- 0 
 16.07.2011 18:53    C:\Windows\Temp\xx140 --------- 0 
 16.07.2011 18:53    C:\Windows\Temp\xx139 --------- 0 
 16.07.2011 18:53    C:\Windows\Temp\xx138 --------- 0 
 16.07.2011 18:25    C:\Windows\Temp\lpksetup-20110716-182504-0.log --------- 2650 
 16.07.2011 11:53    C:\Windows\Temp\lpksetup-20110716-115300-0.log --------- 2650 
 16.07.2011 01:49    C:\Windows\Temp\xx1569 --------- 0 
 16.07.2011 01:49    C:\Windows\Temp\xx1570 --------- 0 
 16.07.2011 01:49    C:\Windows\Temp\xx1571 --------- 0 
 16.07.2011 01:49    C:\Windows\Temp\xx1568 --------- 0 
 16.07.2011 01:49    C:\Windows\Temp\xx1572 --------- 0 
 15.07.2011 16:27    C:\Windows\Temp\lpksetup-20110715-162732-0.log --------- 2650 
 14.07.2011 19:10    C:\Windows\Temp\lpksetup-20110714-191018-0.log --------- 2650 
 14.07.2011 11:10    C:\Windows\Temp\lpksetup-20110714-110951-0.log --------- 2650 
 13.07.2011 21:30    C:\Windows\Temp\WERA9E.tmp.appcompat.txt --------- 80776 
 13.07.2011 17:50    C:\Windows\Temp\lpksetup-20110713-175030-0.log --------- 2650 
 13.07.2011 14:10    C:\Windows\Temp\lpksetup-20110713-141009-0.log --------- 2650 
 13.07.2011 00:26    C:\Windows\Temp\WERCE1C.tmp.appcompat.txt --------- 77178 
 12.07.2011 20:13    C:\Windows\Temp\lpksetup-20110712-201325-0.log --------- 2650 
 12.07.2011 00:15    C:\Windows\Temp\WER73CB.tmp.appcompat.txt --------- 102250 
 11.07.2011 21:37    C:\Windows\Temp\lpksetup-20110711-213724-0.log --------- 2650 
 11.07.2011 18:01    C:\Windows\Temp\WERC39E.tmp.appcompat.txt --------- 95044 
 11.07.2011 15:51    C:\Windows\Temp\lpksetup-20110711-155038-0.log --------- 2650 
 11.07.2011 14:01    C:\Windows\Temp\lpksetup-20110711-140054-0.log --------- 2650 
 11.07.2011 10:45    C:\Windows\Temp\lpksetup-20110711-104515-0.log --------- 2650 
 10.07.2011 12:41    C:\Windows\Temp\WER86CC.tmp.appcompat.txt --------- 82434 
 10.07.2011 11:53    C:\Windows\Temp\lpksetup-20110710-115309-0.log --------- 2650 
 10.07.2011 11:50    C:\Windows\Temp\xx200 --------- 0 
 10.07.2011 11:50    C:\Windows\Temp\xx201 --------- 0 
 10.07.2011 11:50    C:\Windows\Temp\xx198 --------- 0 
 10.07.2011 11:50    C:\Windows\Temp\xx199 --------- 0 
 10.07.2011 11:50    C:\Windows\Temp\xx197 --------- 0 
 10.07.2011 11:22    C:\Windows\Temp\lpksetup-20110710-112219-0.log --------- 2650 
 10.07.2011 00:57    C:\Windows\Temp\lpksetup-20110710-005635-0.log --------- 2650 
 10.07.2011 00:19    C:\Windows\Temp\WER1074.tmp.appcompat.txt --------- 106056 
 09.07.2011 23:33    C:\Windows\Temp\lpksetup-20110709-233256-0.log --------- 2650 
 09.07.2011 10:47    C:\Windows\Temp\lpksetup-20110709-104718-0.log --------- 2650 
 09.07.2011 01:03    C:\Windows\Temp\WER2D29.tmp.appcompat.txt --------- 99906 
 08.07.2011 22:59    C:\Windows\Temp\lpksetup-20110708-225844-0.log --------- 2650 
 08.07.2011 19:14    C:\Windows\Temp\lpksetup-20110708-191340-0.log --------- 2650 
 08.07.2011 18:24    C:\Windows\Temp\WERCFDC.tmp.appcompat.txt --------- 80550 
 08.07.2011 17:44    C:\Windows\Temp\lpksetup-20110708-174354-0.log --------- 2650 
 08.07.2011 13:43    C:\Windows\Temp\WER674D.tmp.appcompat.txt --------- 106056 
 08.07.2011 10:41    C:\Windows\Temp\lpksetup-20110708-104049-0.log --------- 2650 
 07.07.2011 17:59    C:\Windows\Temp\lpksetup-20110707-175831-0.log --------- 2642 
 07.07.2011 12:25    C:\Windows\Temp\lpksetup-20110707-122446-0.log --------- 2650 
 07.07.2011 11:10    C:\Windows\Temp\lpksetup-20110707-110950-0.log --------- 2650 
 06.07.2011 22:42    C:\Windows\Temp\xx3564 --------- 0 
 06.07.2011 22:42    C:\Windows\Temp\xx3566 --------- 0 
 06.07.2011 22:42    C:\Windows\Temp\xx3567 --------- 0 
 06.07.2011 22:42    C:\Windows\Temp\xx3565 --------- 0 
 06.07.2011 22:42    C:\Windows\Temp\xx3563 --------- 0 
 06.07.2011 14:01    C:\Windows\Temp\lpksetup-20110706-140130-0.log --------- 2650 
 05.07.2011 22:53    C:\Windows\Temp\WERA1DB.tmp.appcompat.txt --------- 80550 
 05.07.2011 21:33    C:\Windows\Temp\lpksetup-20110705-213313-0.log --------- 2650 
 05.07.2011 18:50    C:\Windows\Temp\lpksetup-20110705-185008-0.log --------- 2650 
 05.07.2011 12:59    C:\Windows\Temp\lpksetup-20110705-125924-0.log --------- 2650 
 05.07.2011 00:10    C:\Windows\Temp\WER3810.tmp.appcompat.txt --------- 80776 
 04.07.2011 23:54    C:\Windows\Temp\lpksetup-20110704-235400-0.log --------- 2650 
 04.07.2011 19:22    C:\Windows\Temp\lpksetup-20110704-192208-0.log --------- 2642 
 04.07.2011 17:20    C:\Windows\Temp\xx647 --------- 0 
 04.07.2011 14:52    C:\Windows\Temp\lpksetup-20110704-145210-0.log --------- 2650 
 03.07.2011 19:18    C:\Windows\Temp\lpksetup-20110703-191726-0.log --------- 2650 
 03.07.2011 16:35    C:\Windows\Temp\lpksetup-20110703-163517-0.log --------- 2650 
 03.07.2011 12:24    C:\Windows\Temp\lpksetup-20110703-122419-0.log --------- 2650 
 02.07.2011 16:46    C:\Windows\Temp\lpksetup-20110702-164558-0.log --------- 2650 
 02.07.2011 15:01    C:\Windows\Temp\xx375 --------- 0 
 02.07.2011 15:01    C:\Windows\Temp\xx374 --------- 0 
 02.07.2011 15:01    C:\Windows\Temp\xx373 --------- 0 
 02.07.2011 15:01    C:\Windows\Temp\xx372 --------- 0 
 02.07.2011 15:01    C:\Windows\Temp\xx376 --------- 0 
 02.07.2011 15:01    C:\Windows\Temp\GUR4186.tmp --------- 0 
 02.07.2011 11:42    C:\Windows\Temp\Google Toolbar --------- 0 
 02.07.2011 11:41    C:\Windows\Temp\GoogleToolbarInstaller2.log --------- 935 
 02.07.2011 11:20    C:\Windows\Temp\lpksetup-20110702-112010-0.log --------- 2650 
 02.07.2011 08:42    C:\Windows\Temp\lpksetup-20110702-084134-0.log --------- 2650 
 01.07.2011 19:42    C:\Windows\Temp\lpksetup-20110701-194157-0.log --------- 2650 
 01.07.2011 16:18    C:\Windows\Temp\lpksetup-20110701-161828-0.log --------- 2650 
 01.07.2011 13:25    C:\Windows\Temp\lpksetup-20110701-132441-0.log --------- 2650 
 01.07.2011 00:05    C:\Windows\Temp\lpksetup-20110701-000508-0.log --------- 2650 
 30.06.2011 17:15    C:\Windows\Temp\lpksetup-20110630-171448-0.log --------- 2650 
 30.06.2011 16:11    C:\Windows\Temp\lpksetup-20110630-161056-0.log --------- 2650 
 30.06.2011 13:30    C:\Windows\Temp\lpksetup-20110630-132958-0.log --------- 2650 
 29.06.2011 22:03    C:\Windows\Temp\lpksetup-20110629-220303-0.log --------- 2650 
 29.06.2011 17:46    C:\Windows\Temp\lpksetup-20110629-174633-0.log --------- 2650 
 29.06.2011 12:43    C:\Windows\Temp\lpksetup-20110629-124257-0.log --------- 2650 
 28.06.2011 21:35    C:\Windows\Temp\lpksetup-20110628-213442-0.log --------- 2650 
 28.06.2011 12:56    C:\Windows\Temp\lpksetup-20110628-125543-0.log --------- 2650 
 27.06.2011 21:33    C:\Windows\Temp\WER66BF.tmp.appcompat.txt --------- 67118 
 27.06.2011 19:36    C:\Windows\Temp\lpksetup-20110627-193615-0.log --------- 2650 
 27.06.2011 16:19    C:\Windows\Temp\lpksetup-20110627-161922-0.log --------- 2650 
 26.06.2011 21:29    C:\Windows\Temp\WER3D22.tmp.appcompat.txt --------- 22656 
 26.06.2011 18:28    C:\Windows\Temp\lpksetup-20110626-182809-0.log --------- 2650 
 26.06.2011 11:23    C:\Windows\Temp\lpksetup-20110626-112315-0.log --------- 2650 
 24.06.2011 14:23    C:\Windows\Temp\lpksetup-20110624-142307-0.log --------- 2650 
 23.06.2011 23:00    C:\Windows\Temp\WER8FE3.tmp.appcompat.txt --------- 5032 
 23.06.2011 19:55    C:\Windows\Temp\lpksetup-20110623-195510-0.log --------- 2650 
 23.06.2011 17:43    C:\Windows\Temp\lpksetup-20110623-174328-0.log --------- 2650 
 23.06.2011 16:41    C:\Windows\Temp\WER2629.tmp.appcompat.txt --------- 39940 
 23.06.2011 13:28    C:\Windows\Temp\lpksetup-20110623-132806-0.log --------- 2650 
 22.06.2011 20:11    C:\Windows\Temp\WERF18F.tmp.appcompat.txt --------- 44138 
 22.06.2011 19:52    C:\Windows\Temp\lpksetup-20110622-195150-0.log --------- 2650 
 22.06.2011 13:34    C:\Windows\Temp\lpksetup-20110622-133346-0.log --------- 2650 
 22.06.2011 01:15    C:\Windows\Temp\WER6E7C.tmp.appcompat.txt --------- 65422 
 22.06.2011 00:12    C:\Windows\Temp\lpksetup-20110622-001244-0.log --------- 2650 
 21.06.2011 21:20    C:\Windows\Temp\lpksetup-20110621-211958-0.log --------- 2650 
 21.06.2011 20:10    C:\Windows\Temp\xx2066 --------- 0 
 21.06.2011 20:10    C:\Windows\Temp\xx2062 --------- 0 
 21.06.2011 20:10    C:\Windows\Temp\xx2065 --------- 0 
 21.06.2011 20:10    C:\Windows\Temp\xx2064 --------- 0 
 21.06.2011 20:10    C:\Windows\Temp\xx2063 --------- 0 
 21.06.2011 16:29    C:\Windows\Temp\lpksetup-20110621-162830-0.log --------- 2650 
 21.06.2011 13:33    C:\Windows\Temp\lpksetup-20110621-133307-0.log --------- 2650 
 20.06.2011 22:09    C:\Windows\Temp\WERDC9.tmp.appcompat.txt --------- 8342 
 20.06.2011 18:28    C:\Windows\Temp\lpksetup-20110620-182732-0.log --------- 4364 
 20.06.2011 15:05    C:\Windows\Temp\WER8B1F.tmp.appcompat.txt --------- 94592 
 20.06.2011 15:00    C:\Windows\Temp\lpksetup-20110620-145843-0.log --------- 950 
 20.06.2011 00:01    C:\Windows\Temp\xx2028 --------- 0 
 20.06.2011 00:01    C:\Windows\Temp\xx2031 --------- 0 
 20.06.2011 00:01    C:\Windows\Temp\xx2030 --------- 0 
 20.06.2011 00:01    C:\Windows\Temp\xx2029 --------- 0 
 20.06.2011 00:01    C:\Windows\Temp\xx2027 --------- 0 
 19.06.2011 22:55    C:\Windows\Temp\lpksetup-20110619-223031-0.log --------- 162750 
 18.06.2011 17:16    C:\Windows\Temp\WERE536.tmp.appcompat.txt --------- 11556 
 18.06.2011 00:12    C:\Windows\Temp\WERE3B1.tmp.appcompat.txt --------- 17574 
 17.06.2011 14:14    C:\Windows\Temp\WERAF14.tmp.appcompat.txt --------- 110180 
 15.06.2011 22:20    C:\Windows\Temp\WER4731.tmp.appcompat.txt --------- 82208 
 14.06.2011 19:35    C:\Windows\Temp\WER30C6.tmp.appcompat.txt --------- 81982 
 13.06.2011 23:38    C:\Windows\Temp\WER63B4.tmp.appcompat.txt --------- 42236 
 12.06.2011 12:43    C:\Windows\Temp\WER5E66.tmp.appcompat.txt --------- 81982 
 11.06.2011 23:13    C:\Windows\Temp\WER4C5E.tmp.appcompat.txt --------- 117964 
 11.06.2011 17:26    C:\Windows\Temp\WERD2AA.tmp.appcompat.txt --------- 92784 
 11.06.2011 00:51    C:\Windows\Temp\WERD723.tmp.appcompat.txt --------- 30970 
 10.06.2011 17:34    C:\Windows\Temp\WER312E.tmp.appcompat.txt --------- 126660 
 10.06.2011 14:45    C:\Windows\Temp\WERD7BA.tmp.appcompat.txt --------- 113670 
 09.06.2011 22:53    C:\Windows\Temp\WERB676.tmp.appcompat.txt --------- 27182 
 09.06.2011 17:32    C:\Windows\Temp\WER5C63.tmp.appcompat.txt --------- 85826 
 09.06.2011 15:44    C:\Windows\Temp\xx730 --------- 0 
 09.06.2011 15:44    C:\Windows\Temp\xx728 --------- 0 
 09.06.2011 15:44    C:\Windows\Temp\xx729 --------- 0 
 09.06.2011 15:44    C:\Windows\Temp\xx727 --------- 0 
 09.06.2011 15:44    C:\Windows\Temp\xx731 --------- 0 
 07.06.2011 13:02    C:\Windows\Temp\WERC591.tmp.appcompat.txt --------- 91766 
 04.06.2011 19:30    C:\Windows\Temp\WERC8AE.tmp.appcompat.txt --------- 94366 
 04.06.2011 00:48    C:\Windows\Temp\WER4081.tmp.appcompat.txt --------- 9890 
 03.06.2011 17:17    C:\Windows\Temp\WER403A.tmp.appcompat.txt --------- 167760 
 03.06.2011 17:16    C:\Windows\Temp\~temp-20110603_1715_43.avi --------- 180248576 
 03.06.2011 17:15    C:\Windows\Temp\~temp-20110603_1715_43.txt --------- 0 
 03.06.2011 17:14    C:\Windows\Temp\20110603_1714_27.avi --------- 113384960 
 03.06.2011 17:14    C:\Windows\Temp\20110603_1714_27.txt --------- 67 
 23.05.2011 12:30    C:\Windows\Temp\WER60A5.tmp.appcompat.txt --------- 125012 
 19.05.2011 11:48    C:\Windows\Temp\History --------- 0 
 19.05.2011 11:48    C:\Windows\Temp\Cookies --------- 0 
 19.05.2011 11:48    C:\Windows\Temp\Temporary Internet Files --------- 0 
 19.05.2011 11:46    C:\Windows\Temp\FXSAPIDebugLogFile.txt --------- 0 
 19.05.2011 11:46    C:\Windows\Temp\FXSTIFFDebugLogFile.txt --------- 0 
 04.11.2010 22:00    C:\Windows\Temp\AMDCatalyst_EXE_Package_Banner_415x82_Oct_2010.bmp --------- 102390 
 03.12.2009 09:34    C:\Windows\Temp\_tis_msiexecdb9.log --------- 1014668 
 03.12.2009 09:34    C:\Windows\Temp\02122009_TIS17_tismsi_S-1-5-21-3496300140-1810844875-3561447292-500.log --------- 6551766 
 03.12.2009 09:34    C:\Windows\Temp\tismsi --------- 4096 
 03.12.2009 09:33    C:\Windows\Temp\tmdbg.ini --------- 1406 
 03.12.2009 09:28    C:\Windows\Temp\MPTelemetrySubmit --------- 0 
 03.12.2009 09:00    C:\Windows\Temp\DMI3468.tmp --------- 0 
 02.12.2009 18:04    C:\Windows\Temp\WER2625.tmp.appcompat.txt --------- 118586 
 22.10.2009 06:55    C:\Windows\Temp\LOCAL1.cmd --------- 1131 
 29.07.2009 07:08    C:\Windows\Temp\TS_84B1.tmp --------- 327680 
 29.07.2009 07:08    C:\Windows\Temp\TS_7E3A.tmp --------- 196608 
 29.07.2009 07:08    C:\Windows\Temp\TS_6A2D.tmp --------- 720896 
 29.07.2009 07:08    C:\Windows\Temp\TS_680A.tmp --------- 262144 
 29.07.2009 07:08    C:\Windows\Temp\TS_5C75.tmp --------- 524288 
 29.07.2009 07:08    C:\Windows\Temp\TS_59D5.tmp --------- 262144 
 29.07.2009 07:08    C:\Windows\Temp\TS_4EEC.tmp --------- 458752 
 29.07.2009 07:07    C:\Windows\Temp\TS_45A7.tmp --------- 262144 
 29.07.2009 07:06    C:\Windows\Temp\DMIA83F.tmp --------- 0 
 09.12.2008 03:04    C:\Windows\Temp\LOCAL.cmd --------- 1290 
----------------------------------------

 
C:\Users\ASUS\AppData\Local\Temp

 28.07.2011 12:02    C:\Users\ASUS\AppData\Local\Temp\~DF0982F92F5377033F.TMP --------- 32768 
 28.07.2011 12:02    C:\Users\ASUS\AppData\Local\Temp\~DFB2EDCB7C2979C5BF.TMP --------- 16384 
 28.07.2011 11:58    C:\Users\ASUS\AppData\Local\Temp\jusched.log --------- 67089 
 28.07.2011 11:54    C:\Users\ASUS\AppData\Local\Temp\WPDNSE --------- 0 
 28.07.2011 11:54    C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596 
 28.07.2011 11:53    C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596 
 28.07.2011 11:43    C:\Users\ASUS\AppData\Local\Temp\Google Toolbar --------- 0 
 28.07.2011 10:51    C:\Users\ASUS\AppData\Local\Temp\~DFB46FF8F5CD16BEC7.TMP --------- 147456 
 28.07.2011 10:51    C:\Users\ASUS\AppData\Local\Temp\~DFB13B5B1B09FC276B.TMP --------- 147456 
 28.07.2011 10:41    C:\Users\ASUS\AppData\Local\Temp\StructuredQuery.log --------- 118027 
 28.07.2011 10:22    C:\Users\ASUS\AppData\Local\Temp\hsperfdata_ASUS --------- 0 
 28.07.2011 10:18    C:\Users\ASUS\AppData\Local\Temp\cacaonew068cb2.exe --------- 398064 
 28.07.2011 10:17    C:\Users\ASUS\AppData\Local\Temp\log115.txt --------- 50867 
 27.07.2011 23:16    C:\Users\ASUS\AppData\Local\Temp\xprt27c3.ico --------- 4286 
 27.07.2011 23:12    C:\Users\ASUS\AppData\Local\Temp\xprt5a9e.ico --------- 4286 
 27.07.2011 23:11    C:\Users\ASUS\AppData\Local\Temp\xprt4b9d.ico --------- 4286 
 27.07.2011 23:09    C:\Users\ASUS\AppData\Local\Temp\xprt7284.ico --------- 4286 
 27.07.2011 23:01    C:\Users\ASUS\AppData\Local\Temp\msdtadmin --------- 0 
 27.07.2011 23:01    C:\Users\ASUS\AppData\Local\Temp\xprt3835.ico --------- 4286 
 27.07.2011 22:57    C:\Users\ASUS\AppData\Local\Temp\xprt2b18.ico --------- 4286 
 27.07.2011 22:45    C:\Users\ASUS\AppData\Local\Temp\xprt2464.ico --------- 4286 
 27.07.2011 22:36    C:\Users\ASUS\AppData\Local\Temp\xprt4d7a.ico --------- 4286 
 27.07.2011 22:34    C:\Users\ASUS\AppData\Local\Temp\xprt37c3.ico --------- 4286 
 27.07.2011 22:33    C:\Users\ASUS\AppData\Local\Temp\xprt5724.ico --------- 4286 
 27.07.2011 21:49    C:\Users\ASUS\AppData\Local\Temp\delete.ini --------- 0 
 27.07.2011 21:49    C:\Users\ASUS\AppData\Local\Temp\maintenance.ini --------- 87 
 27.07.2011 20:29    C:\Users\ASUS\AppData\Local\Temp\InstallComplete --------- 0 
 27.07.2011 20:29    C:\Users\ASUS\AppData\Local\Temp\HyperCam.exe --------- 2295832 
 27.07.2011 20:28    C:\Users\ASUS\AppData\Local\Temp\xx.ini --------- 281 
 27.07.2011 20:28    C:\Users\ASUS\AppData\Local\Temp\RarSFX1 --------- 4096 
 27.07.2011 20:28    C:\Users\ASUS\AppData\Local\Temp\nss1AE2.tmp --------- 0 
 27.07.2011 20:28    C:\Users\ASUS\AppData\Local\Temp\RarSFX0 --------- 4096 
 27.07.2011 20:12    C:\Users\ASUS\AppData\Local\Temp\cacaonew608acd.exe --------- 398064 
 26.07.2011 15:18    C:\Users\ASUS\AppData\Local\Temp\Log --------- 0 
 26.07.2011 14:23    C:\Users\ASUS\AppData\Local\Temp\bcdedit32.exe --------- 294912 
 26.07.2011 14:23    C:\Users\ASUS\AppData\Local\Temp\51773975.bat --------- 234 
 26.07.2011 14:21    C:\Users\ASUS\AppData\Local\Temp\MSI72146.LOG --------- 364530 
 22.07.2011 14:10    C:\Users\ASUS\AppData\Local\Temp\chrome_installer.log --------- 0 
 22.07.2011 14:10    C:\Users\ASUS\AppData\Local\Temp\cacaonew7224c3.exe --------- 398064 
 22.07.2011 14:02    C:\Users\ASUS\AppData\Local\Temp\{6F2C548D-3B6F-4A89-B968-B07427D891C7} --------- 28672 
 21.07.2011 14:41    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(201107211441069C8).log --------- 695 
 21.07.2011 14:41    C:\Users\ASUS\AppData\Local\Temp\SetupExe(201107211441029C8).log --------- 18106 
 21.07.2011 14:05    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(2011072114051610AC).log --------- 70837 
 21.07.2011 14:05    C:\Users\ASUS\AppData\Local\Temp\SetupExe(2011072114051310AC).log --------- 18110 
 21.07.2011 10:58    C:\Users\ASUS\AppData\Local\Temp\Hyperionics DB Toolbar.xpi --------- 155831 
 21.07.2011 10:58    C:\Users\ASUS\AppData\Local\Temp\ietb.cab --------- 1485143 
 21.07.2011 00:03    C:\Users\ASUS\AppData\Local\Temp\jar_cache1678786475409790603.tmp --------- 2111443 
 21.07.2011 00:02    C:\Users\ASUS\AppData\Local\Temp\www.minecraft.net --------- 0 
 19.07.2011 13:35    C:\Users\ASUS\AppData\Local\Temp\WMPBurn --------- 0 
 19.07.2011 01:22    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(2011071901163817D4).log --------- 70837 
 19.07.2011 01:16    C:\Users\ASUS\AppData\Local\Temp\SetupExe(2011071901163517D4).log --------- 18110 
 08.07.2011 19:29    C:\Users\ASUS\AppData\Local\Temp\Low --------- 4096 
 08.07.2011 10:48    C:\Users\ASUS\AppData\Local\Temp\e4j37F1.tmp_dir --------- 0 
 08.07.2011 01:04    C:\Users\ASUS\AppData\Local\Temp\e4jC7D8.tmp_dir --------- 0 
 07.07.2011 23:55    C:\Users\ASUS\AppData\Local\Temp\e4j45CC.tmp_dir --------- 0 
 07.07.2011 23:46    C:\Users\ASUS\AppData\Local\Temp\e4j4E83.tmp_dir --------- 0 
 07.07.2011 21:12    C:\Users\ASUS\AppData\Local\Temp\e4j4DC5.tmp_dir --------- 0 
 07.07.2011 18:07    C:\Users\ASUS\AppData\Local\Temp\e4j508F.tmp_dir --------- 0 
 07.07.2011 18:05    C:\Users\ASUS\AppData\Local\Temp\{0A83BBC5-6E66-4538-B73B-1E5A210FC8DB} --------- 4096 
 07.07.2011 13:16    C:\Users\ASUS\AppData\Local\Temp\e4j5753.tmp_dir --------- 0 
 06.07.2011 21:43    C:\Users\ASUS\AppData\Local\Temp\{BB501BD4-3E4B-4AA4-AD22-350DE3380537} --------- 0 
 06.07.2011 21:43    C:\Users\ASUS\AppData\Local\Temp\{5D53CE6D-8724-4EEB-A774-48943B20EB16} --------- 4096 
 06.07.2011 18:36    C:\Users\ASUS\AppData\Local\Temp\wmsetup.log --------- 4467 
 06.07.2011 15:40    C:\Users\ASUS\AppData\Local\Temp\e4j274F.tmp_dir --------- 0 
 05.07.2011 21:38    C:\Users\ASUS\AppData\Local\Temp\e4jCCC0.tmp_dir --------- 0 
 05.07.2011 18:56    C:\Users\ASUS\AppData\Local\Temp\e4j757D.tmp_dir --------- 0 
 05.07.2011 13:12    C:\Users\ASUS\AppData\Local\Temp\e4j8BBB.tmp_dir --------- 0 
 04.07.2011 21:20    C:\Users\ASUS\AppData\Local\Temp\e4jEE27.tmp_dir --------- 0 
 04.07.2011 19:24    C:\Users\ASUS\AppData\Local\Temp\e4j2413.tmp_dir --------- 0 
 04.07.2011 14:59    C:\Users\ASUS\AppData\Local\Temp\e4j389C.tmp_dir --------- 0 
 03.07.2011 21:27    C:\Users\ASUS\AppData\Local\Temp\e4j8B40.tmp_dir --------- 0 
 03.07.2011 20:22    C:\Users\ASUS\AppData\Local\Temp\e4j74D2.tmp_dir --------- 0 
 03.07.2011 19:18    C:\Users\ASUS\AppData\Local\Temp\e4jCB59.tmp_dir --------- 0 
 03.07.2011 19:18    C:\Users\ASUS\AppData\Local\Temp\e4j6C87.tmp_dir --------- 0 
 03.07.2011 19:18    C:\Users\ASUS\AppData\Local\Temp\e4j8C76.tmp_dir --------- 0 
 03.07.2011 16:37    C:\Users\ASUS\AppData\Local\Temp\e4j6843.tmp_dir --------- 0 
 03.07.2011 12:27    C:\Users\ASUS\AppData\Local\Temp\e4jEF7C.tmp_dir --------- 0 
 02.07.2011 22:05    C:\Users\ASUS\AppData\Local\Temp\e4j62CD.tmp_dir --------- 0 
 02.07.2011 21:50    C:\Users\ASUS\AppData\Local\Temp\e4j7FBF.tmp_dir --------- 0 
 02.07.2011 21:39    C:\Users\ASUS\AppData\Local\Temp\e4j6221.tmp_dir --------- 0 
 02.07.2011 21:33    C:\Users\ASUS\AppData\Local\Temp\e4jAF56.tmp_dir --------- 0 
 02.07.2011 20:38    C:\Users\ASUS\AppData\Local\Temp\e4jF9DC.tmp_dir --------- 0 
 02.07.2011 20:17    C:\Users\ASUS\AppData\Local\Temp\e4j95CC.tmp_dir --------- 0 
 02.07.2011 19:50    C:\Users\ASUS\AppData\Local\Temp\e4j2001.tmp_dir --------- 0 
 02.07.2011 18:39    C:\Users\ASUS\AppData\Local\Temp\msdt --------- 0 
 02.07.2011 18:36    C:\Users\ASUS\AppData\Local\Temp\e4jBD67.tmp_dir --------- 0 
 02.07.2011 18:32    C:\Users\ASUS\AppData\Local\Temp\e4j71E6.tmp_dir --------- 0 
 02.07.2011 17:52    C:\Users\ASUS\AppData\Local\Temp\e4jF316.tmp_dir --------- 0 
 02.07.2011 17:41    C:\Users\ASUS\AppData\Local\Temp\e4jB616.tmp_dir --------- 0 
 02.07.2011 17:17    C:\Users\ASUS\AppData\Local\Temp\e4jD2E8.tmp_dir --------- 0 
 02.07.2011 17:12    C:\Users\ASUS\AppData\Local\Temp\e4jD8B2.tmp_dir --------- 0 
 02.07.2011 17:11    C:\Users\ASUS\AppData\Local\Temp\e4jC783.tmp_dir --------- 0 
 02.07.2011 11:39    C:\Users\ASUS\AppData\Local\Temp\e4j4327.tmp_dir --------- 0 
 02.07.2011 11:39    C:\Users\ASUS\AppData\Local\Temp\e4j4318.tmp_dir --------- 0 
 02.07.2011 08:53    C:\Users\ASUS\AppData\Local\Temp\e4j888.tmp_dir --------- 0 
 01.07.2011 23:22    C:\Users\ASUS\AppData\Local\Temp\e4j5D9D.tmp_dir --------- 0 
 01.07.2011 21:09    C:\Users\ASUS\AppData\Local\Temp\e4j42CB.tmp_dir --------- 0 
 01.07.2011 21:06    C:\Users\ASUS\AppData\Local\Temp\e4j7E92.tmp_dir --------- 0 
 01.07.2011 20:07    C:\Users\ASUS\AppData\Local\Temp\e4jDD06.tmp_dir --------- 0 
 01.07.2011 17:13    C:\Users\ASUS\AppData\Local\Temp\e4j695D.tmp_dir --------- 0 
 01.07.2011 17:13    C:\Users\ASUS\AppData\Local\Temp\e4jE012.tmp_dir --------- 0 
 01.07.2011 17:12    C:\Users\ASUS\AppData\Local\Temp\e4j1FA1.tmp_dir --------- 0 
 01.07.2011 17:11    C:\Users\ASUS\AppData\Local\Temp\e4j864F.tmp_dir --------- 0 
 01.07.2011 17:11    C:\Users\ASUS\AppData\Local\Temp\e4j43E3.tmp_dir --------- 0 
 01.07.2011 17:09    C:\Users\ASUS\AppData\Local\Temp\e4j1A83.tmp_dir --------- 0 
 01.07.2011 17:07    C:\Users\ASUS\AppData\Local\Temp\e4jCB79.tmp_dir --------- 0 
 01.07.2011 17:06    C:\Users\ASUS\AppData\Local\Temp\e4jE34D.tmp_dir --------- 0 
 01.07.2011 17:06    C:\Users\ASUS\AppData\Local\Temp\e4jA7E3.tmp_dir --------- 0 
 01.07.2011 17:02    C:\Users\ASUS\AppData\Local\Temp\e4jB579.tmp_dir --------- 0 
 01.07.2011 17:00    C:\Users\ASUS\AppData\Local\Temp\e4j12B6.tmp_dir --------- 0 
 01.07.2011 16:58    C:\Users\ASUS\AppData\Local\Temp\e4j73C8.tmp_dir --------- 0 
 01.07.2011 16:35    C:\Users\ASUS\AppData\Local\Temp\e4jB5D7.tmp_dir --------- 0 
 01.07.2011 16:33    C:\Users\ASUS\AppData\Local\Temp\e4j674A.tmp_dir --------- 0 
 01.07.2011 16:30    C:\Users\ASUS\AppData\Local\Temp\e4j2D18.tmp_dir --------- 0 
 01.07.2011 14:13    C:\Users\ASUS\AppData\Local\Temp\e4jFB6E.tmp_dir --------- 0 
 01.07.2011 13:59    C:\Users\ASUS\AppData\Local\Temp\e4j958B.tmp_dir --------- 0 
 01.07.2011 13:27    C:\Users\ASUS\AppData\Local\Temp\e4jBF87.tmp_dir --------- 0 
 30.06.2011 18:53    C:\Users\ASUS\AppData\Local\Temp\is2F5B.tmp --------- 0 
 30.06.2011 18:53    C:\Users\ASUS\AppData\Local\Temp\._msigeplugin60 --------- 4096 
 30.06.2011 18:45    C:\Users\ASUS\AppData\Local\Temp\e4j8CB6.tmp_dir --------- 0 
 30.06.2011 18:44    C:\Users\ASUS\AppData\Local\Temp\e4j4F49.tmp_dir --------- 0 
 30.06.2011 18:36    C:\Users\ASUS\AppData\Local\Temp\e4jDE5E.tmp_dir --------- 0 
 30.06.2011 18:16    C:\Users\ASUS\AppData\Local\Temp\e4j121A.tmp_dir --------- 0 
 30.06.2011 17:58    C:\Users\ASUS\AppData\Local\Temp\e4j1DAE.tmp_dir --------- 0 
 30.06.2011 17:55    C:\Users\ASUS\AppData\Local\Temp\Blizzard --------- 0 
 30.06.2011 17:54    C:\Users\ASUS\AppData\Local\Temp\~DFDABA3E907F9CA309.TMP --------- 131072 
 30.06.2011 17:54    C:\Users\ASUS\AppData\Local\Temp\~DF6064598C0BD59A44.TMP --------- 131072 
 30.06.2011 17:50    C:\Users\ASUS\AppData\Local\Temp\~DF3E5E2697AF9A34FD.TMP --------- 131072 
 30.06.2011 17:50    C:\Users\ASUS\AppData\Local\Temp\Blizzard Installer Bootstrap - 00224653 --------- 0 
 30.06.2011 17:47    C:\Users\ASUS\AppData\Local\Temp\~DF76C6CBAFD3B9875E.TMP --------- 131072 
 30.06.2011 17:39    C:\Users\ASUS\AppData\Local\Temp\e4j9655.tmp_dir --------- 0 
 30.06.2011 17:34    C:\Users\ASUS\AppData\Local\Temp\e4j98E5.tmp_dir --------- 0 
 30.06.2011 17:21    C:\Users\ASUS\AppData\Local\Temp\e4jFF25.tmp_dir --------- 0 
 30.06.2011 16:36    C:\Users\ASUS\AppData\Local\Temp\e4j3929.tmp_dir --------- 0 
 30.06.2011 16:33    C:\Users\ASUS\AppData\Local\Temp\e4j8DBE.tmp_dir --------- 0 
 30.06.2011 16:28    C:\Users\ASUS\AppData\Local\Temp\e4jAD20.tmp_dir --------- 0 
 30.06.2011 16:24    C:\Users\ASUS\AppData\Local\Temp\e4jAFED.tmp_dir --------- 0 
 30.06.2011 13:43    C:\Users\ASUS\AppData\Local\Temp\e4j8E5.tmp_dir --------- 0 
 29.06.2011 23:00    C:\Users\ASUS\AppData\Local\Temp\e4j754F.tmp_dir --------- 0 
 29.06.2011 22:04    C:\Users\ASUS\AppData\Local\Temp\e4jD7E7.tmp_dir --------- 0 
 29.06.2011 19:00    C:\Users\ASUS\AppData\Local\Temp\e4j9C1.tmp_dir --------- 0 
 29.06.2011 18:39    C:\Users\ASUS\AppData\Local\Temp\e4jD098.tmp_dir --------- 0 
 29.06.2011 18:27    C:\Users\ASUS\AppData\Local\Temp\e4jB08.tmp_dir --------- 0 
 29.06.2011 18:25    C:\Users\ASUS\AppData\Local\Temp\e4j5C72.tmp_dir --------- 0 
 29.06.2011 18:08    C:\Users\ASUS\AppData\Local\Temp\dd_vcredistUI000F.txt --------- 11430 
 29.06.2011 18:08    C:\Users\ASUS\AppData\Local\Temp\dd_vcredistMSI000F.txt --------- 406454 
 29.06.2011 17:55    C:\Users\ASUS\AppData\Local\Temp\JAUReg.log --------- 255 
 29.06.2011 17:55    C:\Users\ASUS\AppData\Local\Temp\AUCHECK_PARSER.txt --------- 183 
 29.06.2011 17:55    C:\Users\ASUS\AppData\Local\Temp\java_install_reg.log --------- 2606 
 29.06.2011 17:54    C:\Users\ASUS\AppData\Local\Temp\java_install.log --------- 28813 
 29.06.2011 17:54    C:\Users\ASUS\AppData\Local\Temp\java_install_sp.log --------- 1221 
 29.06.2011 17:53    C:\Users\ASUS\AppData\Local\Temp\jinstall.cfg --------- 1284 
 29.06.2011 17:51    C:\Users\ASUS\AppData\Local\Temp\HamachiSetup.log --------- 4209 
 29.06.2011 14:46    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(201106291446291970).log --------- 70837 
 29.06.2011 14:46    C:\Users\ASUS\AppData\Local\Temp\SetupExe(201106291446261970).log --------- 18110 
 21.06.2011 15:25    C:\Users\ASUS\AppData\Local\Temp\InstallAX.exe --------- 3118592 
 19.06.2011 22:04    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(201106192203581904).log --------- 36235 
 19.06.2011 22:03    C:\Users\ASUS\AppData\Local\Temp\SetupExe(201106192203561904).log --------- 18113 
 19.06.2011 22:02    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(20110619220201390).log --------- 70837 
 19.06.2011 22:02    C:\Users\ASUS\AppData\Local\Temp\SetupExe(20110619220200390).log --------- 18112 
 19.06.2011 18:50    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(2011061918501117D4).log --------- 70837 
 19.06.2011 18:50    C:\Users\ASUS\AppData\Local\Temp\SetupExe(2011061918500817D4).log --------- 18110 
 19.06.2011 18:34    C:\Users\ASUS\AppData\Local\Temp\oPackage --------- 0 
 13.06.2011 09:03    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(20110613090338131C).log --------- 70836 
 13.06.2011 09:03    C:\Users\ASUS\AppData\Local\Temp\SetupExe(20110613090334131C).log --------- 18107 
 12.06.2011 15:27    C:\Users\ASUS\AppData\Local\Temp\TFR9ACA.tmp --------- 45624 
 12.06.2011 12:14    C:\Users\ASUS\AppData\Local\Temp\msohtmlclip1 --------- 0 
 12.06.2011 12:14    C:\Users\ASUS\AppData\Local\Temp\msohtmlclip --------- 0 
 12.06.2011 12:14    C:\Users\ASUS\AppData\Local\Temp\SketchUpUndo0.log --------- 2921 
 12.06.2011 12:11    C:\Users\ASUS\AppData\Local\Temp\GoogleToolbarInstaller2.log --------- 7603 
 12.06.2011 12:11    C:\Users\ASUS\AppData\Local\Temp\GoogleToolbarInstaller1.log --------- 4224 
 12.06.2011 12:11    C:\Users\ASUS\AppData\Local\Temp\swg5.6.5805.1910110612-121138.dmp --------- 1084227 
 12.06.2011 12:11    C:\Users\ASUS\AppData\Local\Temp\7zS5B3A.tmp --------- 0 
 12.06.2011 12:11    C:\Users\ASUS\AppData\Local\Temp\MSI926.tmp --------- 2302128 
 12.06.2011 12:08    C:\Users\ASUS\AppData\Local\Temp\VSD711B.tmp --------- 0 
 12.06.2011 10:59    C:\Users\ASUS\AppData\Local\Temp\UserInfoSetup(20110612105936834).log --------- 70835 
 12.06.2011 10:59    C:\Users\ASUS\AppData\Local\Temp\SetupExe(20110612105931834).log --------- 18106 
 12.06.2011 10:59    C:\Users\ASUS\AppData\Local\Temp\VBE --------- 0 
 08.06.2011 22:52    C:\Users\ASUS\AppData\Local\Temp\akamaiclient --------- 0 
 03.06.2011 23:51    C:\Users\ASUS\AppData\Local\Temp\Cab572B.tmp --------- 44566 
 03.06.2011 23:51    C:\Users\ASUS\AppData\Local\Temp\Tar572C.tmp --------- 0 
 03.06.2011 13:15    C:\Users\ASUS\AppData\Local\Temp\dd_vcredistUI2FD6.txt --------- 11630 
 03.06.2011 13:15    C:\Users\ASUS\AppData\Local\Temp\dd_vcredistMSI2FD6.txt --------- 407378 
 03.06.2011 13:10    C:\Users\ASUS\AppData\Local\Temp\FiestaOnline-Dawn-Of-The-Spirits-DE_Downloader_05192011[1].exe.log --------- 2352434 
 03.06.2011 12:54    C:\Users\ASUS\AppData\Local\Temp\Windows Live Toolbar --------- 0 
 03.06.2011 12:46    C:\Users\ASUS\AppData\Local\Temp\pdoF037.tmp --------- 0 
 03.06.2011 12:45    C:\Users\ASUS\AppData\Local\Temp\53434a04b9dd2cbf65e49f35e53625ed.lock --------- 0 
 03.06.2011 12:45    C:\Users\ASUS\AppData\Local\Temp\swt-win32-3349.dll --------- 139672 
 19.05.2011 12:03    C:\Users\ASUS\AppData\Local\Temp\B6A1.tmp --------- 0 
 19.05.2011 12:02    C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 
 19.05.2011 12:02    C:\Users\ASUS\AppData\Local\Temp\MUI --------- 0 
 19.05.2011 12:01    C:\Users\ASUS\AppData\Local\Temp\ASUS.bmp --------- 49208 
 19.05.2011 12:00    C:\Users\ASUS\AppData\Local\Temp\Silverlight0.log --------- 2078 
 19.05.2011 12:00    C:\Users\ASUS\AppData\Local\Temp\SilverlightMSI.log --------- 529884 
 20.04.2011 01:21    C:\Users\ASUS\AppData\Local\Temp\AskSLib.dll --------- 178568 
----------------------------------------

 
C:\Program Files

 27.07.2011 20:28    C:\Program Files\HyperCam 2 --------- 4096 
 26.07.2011 15:00    C:\Program Files\ATI Technologies --------- 0 
 20.06.2011 14:53    C:\Program Files\Windows Mail --------- 4096 
 20.06.2011 14:53    C:\Program Files\Windows Sidebar --------- 4096 
 20.06.2011 14:53    C:\Program Files\Internet Explorer --------- 4096 
 20.06.2011 14:53    C:\Program Files\Windows Media Player --------- 4096 
 20.06.2011 14:53    C:\Program Files\Windows Journal --------- 4096 
 20.06.2011 14:53    C:\Program Files\Windows Photo Viewer --------- 4096 
 20.06.2011 14:53    C:\Program Files\Windows Defender --------- 4096 
 20.06.2011 14:32    C:\Program Files\DVD Maker --------- 4096 
 12.06.2011 12:11    C:\Program Files\Google --------- 0 
 19.05.2011 11:55    C:\Program Files\Windows Live --------- 0 
 03.12.2009 09:58    C:\Program Files\ASUS --------- 0 
 03.12.2009 09:56    C:\Program Files\P4G --------- 4096 
 03.12.2009 09:53    C:\Program Files\Elantech --------- 4096 
 03.12.2009 09:52    C:\Program Files\SRS Labs --------- 0 
 03.12.2009 09:51    C:\Program Files\DIFX --------- 0 
 03.12.2009 09:51    C:\Program Files\ATKGFNEX --------- 4096 
 03.12.2009 09:47    C:\Program Files\ATI --------- 0 
 03.12.2009 09:46    C:\Program Files\Trend Micro --------- 0 
 03.12.2009 09:11    C:\Program Files\Microsoft Office --------- 0 
 14.07.2009 09:45    C:\Program Files\Microsoft Games --------- 4096 
 14.07.2009 07:32    C:\Program Files\Windows Portable Devices --------- 0 
 14.07.2009 07:32    C:\Program Files\MSBuild --------- 0 
 14.07.2009 07:32    C:\Program Files\Reference Assemblies --------- 0 
 14.07.2009 07:32    C:\Program Files\Windows NT --------- 0 
 14.07.2009 07:09    C:\Program Files\Uninstall Information --------- 0 
 14.07.2009 06:54    C:\Program Files\desktop.ini --------- 174 
 14.07.2009 05:20    C:\Program Files\Common Files --------- 4096 
----------------------------------------

 
C:\ProgramData\..

ASUS   
Public   
Default   
Default User   
All Users   
desktop.ini   
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1      localhost
127.0.0.1 vkontakte.ru
127.0.0.1 www.vkontakte.ru
127.0.0.1 login.vk.com
127.0.0.1 vk.com
127.0.0.1 www.vk.com
127.0.0.1 odnoklassniki.ru
127.0.0.1 www.odnoklassniki.ru
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 af-za.facebook.com
127.0.0.1 az-az.facebook.com
127.0.0.1 id-id.facebook.com
127.0.0.1 ms-my.facebook.com
127.0.0.1 bs-ba.facebook.com
127.0.0.1 ca-es.facebook.com
127.0.0.1 cs-cz.facebook.com
127.0.0.1 cy-gb.facebook.com
127.0.0.1 da-dk.facebook.com
127.0.0.1 de-de.facebook.com
127.0.0.1 et-ee.facebook.com
127.0.0.1 en-gb.facebook.com
127.0.0.1 es-la.facebook.com
127.0.0.1 eo-eo.facebook.com
127.0.0.1 eu-es.facebook.com
127.0.0.1 tl-ph.facebook.com
127.0.0.1 fo-fo.facebook.com
127.0.0.1 fr-fr.facebook.com
127.0.0.1 fy-nl.facebook.com
127.0.0.1 ga-ie.facebook.com
127.0.0.1 gl-es.facebook.com
127.0.0.1 ko-kr.facebook.com
127.0.0.1 hr-hr.facebook.com
127.0.0.1 is-is.facebook.com
127.0.0.1 it-it.facebook.com
127.0.0.1 ka-ge.facebook.com
127.0.0.1 sw-ke.facebook.com
127.0.0.1 ku-tr.facebook.com
127.0.0.1 lv-lv.facebook.com
127.0.0.1 fb-lt.facebook.com
127.0.0.1 lt-lt.facebook.com
127.0.0.1 la-va.facebook.com
127.0.0.1 hu-hu.facebook.com
127.0.0.1 nl-nl.facebook.com
127.0.0.1 ja-jp.facebook.com
127.0.0.1 nb-no.facebook.com
127.0.0.1 nn-no.facebook.com
127.0.0.1 pl-pl.facebook.com
127.0.0.1 pt-br.facebook.com
127.0.0.1 ro-ro.facebook.com
127.0.0.1 ru-ru.facebook.com
127.0.0.1 sq-al.facebook.com
127.0.0.1 sk-sk.facebook.com
127.0.0.1 sl-si.facebook.com
127.0.0.1 fi-fi.facebook.com
127.0.0.1 sv-se.facebook.com
127.0.0.1 th-th.facebook.com
127.0.0.1 vi-vn.facebook.com
127.0.0.1 tr-tr.facebook.com
127.0.0.1 zh-tw.facebook.com
127.0.0.1 el-gr.facebook.com
127.0.0.1 be-by.facebook.com
127.0.0.1 bg-bg.facebook.com
127.0.0.1 mk-mk.facebook.com
127.0.0.1 sr-rs.facebook.com
127.0.0.1 uk-ua.facebook.com
127.0.0.1 hy-am.facebook.com
127.0.0.1 he-il.facebook.com
127.0.0.1 ar-ar.facebook.com
127.0.0.1 ps-af.facebook.com
127.0.0.1 fa-ir.facebook.com
127.0.0.1 ne-np.facebook.com
127.0.0.1 hi-in.facebook.com
127.0.0.1 bn-in.facebook.com
127.0.0.1 pa-in.facebook.com
127.0.0.1 ta-in.facebook.com
127.0.0.1 te-in.facebook.com
127.0.0.1 ml-in.facebook.com
127.0.0.1 es-es.facebook.com
127.0.0.1 fr-ca.facebook.com
127.0.0.1 pt-pt.facebook.com
127.0.0.1 zh-cn.facebook.com
127.0.0.1 zh-hk.facebook.com

----------------------------------------

 

Abbildname                    PID Sitzungsname      Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                  0            24 K
System                          4 Services                  0          748 K
smss.exe                      252 Services                  0        1.032 K
csrss.exe                      336 Services                  0        6.896 K
csrss.exe                      416 Console                    1        7.292 K
wininit.exe                    424 Services                  0        6.028 K
winlogon.exe                  512 Console                    1        6.736 K
services.exe                  552 Services                  0        10.520 K
lsass.exe                      560 Services                  0        12.584 K
lsm.exe                        568 Services                  0        4.144 K
svchost.exe                    672 Services                  0        9.308 K
svchost.exe                    784 Services                  0        8.556 K
atiesrxx.exe                  868 Services                  0        3.972 K
svchost.exe                    928 Services                  0        28.300 K
svchost.exe                    972 Services                  0        17.400 K
svchost.exe                    996 Services                  0        36.908 K
svchost.exe                    300 Services                  0        13.548 K
svchost.exe                  1036 Services                  0        15.568 K
FBAgent.exe                  1164 Services                  0        12.560 K
atieclxx.exe                  1176 Console                    1        5.268 K
AsLdrSrv.exe                  1216 Services                  0        3.624 K
smartlogon.exe                1316 Console                    1        6.400 K
GFNEXSrv.exe                  1376 Services                  0        3.068 K
spoolsv.exe                  1576 Services                  0        11.656 K
taskhost.exe                  1596 Console                    1        7.668 K
dwm.exe                      1668 Console                    1        37.360 K
explorer.exe                  1688 Console                    1        73.256 K
HControl.exe                  1752 Console                    1        6.120 K
svchost.exe                  1780 Services                  0        19.564 K
ATKOSD.exe                    1844 Console                    1        5.508 K
taskeng.exe                  1856 Console                    1        6.432 K
BatteryLife.exe              1924 Console                    1        4.268 K
ACMON.exe                    1932 Console                    1        4.268 K
sensorsrv.exe                1940 Console                    1        4.272 K
ALU.exe                      1948 Console                    1        4.276 K
wcourier.exe                  1972 Console                    1        4.272 K
ASPG.exe                      1980 Console                    1        4.260 K
ControlDeckStartUp.exe        1988 Console                    1        3.228 K
svchost.exe                  2024 Services                  0        14.060 K
Fuel.Service.exe              1028 Services                  0        8.924 K
KBFiltr.exe                  1348 Console                    1        3.768 K
hamachi-2.exe                1340 Services                  0        9.768 K
WDC.exe                      1328 Console                    1        5.012 K
ICQ Service.exe              1236 Services                  0        6.680 K
hamachi-2-ui.exe              2128 Console                    1        7.428 K
OberonGameConsoleService.    2236 Services                  0        23.324 K
SeaPort.exe                  2368 Services                  0        10.260 K
SfCtlCom.exe                  2408 Services                  0        9.024 K
svchost.exe                  2440 Services                  0        5.232 K
UfSeAgnt.exe                  2676 Console                    1        1.380 K
svchost.exe                  2768 Services                  0        6.496 K
svchost.exe                  2972 Services                  0        14.312 K
TmProxy.exe                  2016 Services                  0        21.916 K
TMBMSRV.exe                  1072 Services                  0        9.136 K
mbamservice.exe              3332 Services                  0        48.532 K
ADSMSrv.exe                  3380 Services                  0        3.748 K
AsScrPro.exe                  3640 Console                    1        7.808 K
CLMLSvc.exe                  3724 Console                    1        7.332 K
BackupService.exe            3864 Console                    1        44.792 K
ETDCtrl.exe                  3872 Console                    1        8.132 K
AmIcoSinglun64.exe            3880 Console                    1        5.956 K
ICQ.exe                      3920 Console                    1        26.228 K
cacaoweb.exe                  3940 Console                    1        7.440 K
HControlUser.exe              3996 Console                    1        3.156 K
ATKOSD2.exe                  4008 Console                    1        4.908 K
VDECK.EXE                    4016 Console                    1        31.072 K
DMedia.exe                    4052 Console                    1        3.892 K
jusched.exe                  4068 Console                    1        4.260 K
mbamgui.exe                  4084 Console                    1        6.756 K
MOM.exe                      3440 Console                    1        6.828 K
ACEngSvr.exe                  3588 Console                    1        5.684 K
SRSPremiumPanel_64.exe        3652 Console                    1        18.096 K
CCC.exe                      4252 Console                    1        25.288 K
SearchIndexer.exe            4952 Services                  0        27.092 K
wmpnetwk.exe                  4468 Services                  0        7.408 K
svchost.exe                  2036 Services                  0        15.196 K
svchost.exe                  6040 Services                  0        44.312 K
PresentationFontCache.exe    5680 Services                  0        16.728 K
OTL.exe                      5952 Console                    1        24.816 K
iexplore.exe                  4960 Console                    1        26.636 K
iexplore.exe                  2724 Console                    1        79.016 K
GoogleToolbarUser_32.exe      4196 Console                    1        11.040 K
taskhost.exe                  5208 Services                  0        3.004 K
SearchFilterHost.exe          1640 Services                  0        6.196 K
cmd.exe                      4076 Console                    1        3.628 K
conhost.exe                  5932 Console                    1        6.136 K
SearchProtocolHost.exe        4700 Services                  0        7.896 K
tasklist.exe                  4108 Console                    1        5.136 K
WmiPrvSE.exe                  5880 Services                  0        5.900 K

 
***** Ende des Scans 28.07.2011 um 12:33:50,76 ***


Drumming 28.07.2011 21:56

Oh, and:
1. The firewall is off and cannot be switched on (not manually either)
2. Facebook cannot be opened
3. MBAM is showing a dangerous file again... so, so to speak, an access to my computer from outside. The file is called csrss.exe. Actually that is a good file, but if it is missing in the other file, that points to a virus.....
I urgently need help

kira 29.07.2011 10:17

1.
Fix with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • Copy the following script:
Code:

:OTL
IE - HKCU\..\URLSearchHook:  - Reg Error: Key error. File not found
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Hyperionics DB Toolbar) - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [tray_ico]  File not found
O4 - HKLM..\Run: [tray_ico1]  File not found
O4 - HKLM..\Run: [tray_ico2]  File not found
O4 - HKLM..\Run: [tray_ico3]  File not found
O4 - HKLM..\Run: [tray_ico4]  File not found
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab (SysInfo Class)
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\ufa
[2011/07/26 14:41:59 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
[2011/07/26 14:41:38 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
[2011/07/26 14:40:05 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
[2011/07/26 14:38:16 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
[2011/07/26 14:35:24 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
[2011/07/26 14:35:22 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
[2011/07/26 14:41:58 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
[2011/07/26 14:41:58 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
[2011/07/26 14:41:58 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
[2011/07/26 14:41:58 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
[2011/07/26 14:40:27 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
[2011/07/26 14:39:58 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA

:Files
C:\Windows\iecheck_iplist.txt
C:\Windows\btc_client_iplist.txt 
C:\Windows\iplist.txt
C:\Windows\proc_list1.log
C:\Windows\front_ip_list.txt 
C:\Windows\geoiplist

:Commands
[purity]
[emptytemp]
[resethosts]


2.
Clean your system with CCleaner:
  • "Cleaner" → "Analyze" → click the "Start CCleaner" button
  • "Registry" → "Scan for issues" → "Fix issues" → "Fix all"
  • Restart your system

3.
Run another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and choose "Run as administrator".
  • At the top you will find a box labeled Output.
    Please select Standard Output
  • Under Extra Registry, please select Use SafeList.
  • Tick the LOP Check and Purity Check boxes.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

4.
Post again, after the cleanup has been carried out:
hjtscanlist v2.0 - file list
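
An added example, not part of the thread and not output of any tool used in it: the hosts file in the log posted above points facebook.com, vk.com and odnoklassniki.ru names at 127.0.0.1, and the fix script ends with [resethosts]. The sketch below flags such entries in a hosts file; the function names and the constructed sample lines are assumptions.

```python
import ipaddress
from collections import defaultdict

# Names that legitimately resolve to loopback in a default hosts file.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# A few entries taken from the hosts file posted in the thread, plus constructed
# lines (comment, IPv6 localhost, a LAN host, a broken line) to exercise the parser.
SAMPLE_HOSTS = """\
# constructed comment line
127.0.0.1      localhost
::1            localhost
127.0.0.1 vkontakte.ru
127.0.0.1 www.vkontakte.ru
127.0.0.1 login.vk.com
127.0.0.1 odnoklassniki.ru
127.0.0.1 facebook.com
127.0.0.1 www.facebook.com
127.0.0.1 de-de.facebook.com   # inline comment (constructed)
192.168.1.10 nas.home.example
not-an-ip broken.example
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostname) for every valid mapping; skip comments and junk."""
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue  # an address without any hostname
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address
        for name in fields[1:]:  # one line may carry several hostnames
            yield line_no, ip, name.lower().rstrip(".")


def base_domain(hostname):
    """Naive grouping key: the last two labels (fine for .com/.ru, not for co.uk)."""
    labels = hostname.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else hostname


def find_sinkholed(text):
    """Return {base_domain: [hostnames]} for non-local names mapped to loopback or 0.0.0.0."""
    hits = defaultdict(list)
    for _line_no, ip, name in parse_hosts(text):
        if name in LOCAL_NAMES:
            continue
        if ip.is_loopback or ip.is_unspecified:
            hits[base_domain(name)].append(name)
    return dict(hits)


if __name__ == "__main__":
    for domain, names in sorted(find_sinkholed(SAMPLE_HOSTS).items()):
        print(f"{domain}: {len(names)} name(s) point at the local machine: {', '.join(names)}")
```

Loopback entries are also what legitimate blocklists use, so a hit is a lead to compare against the reported symptoms (here: "Facebook cannot be opened"), not a verdict on its own.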

Drumming 29.07.2011 14:01

So, here is the OTL fix:
Code:

All processes killed
========== OTL ==========
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{338B4DFE-2E2C-4338-9E41-E176D497299E} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.
Starting removal of ActiveX control {E6F480FC-BD44-4CBA-B74A-89AF7842937D}
C:\Windows\Downloaded Program Files\SystemRequirementsLab.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{E6F480FC-BD44-4CBA-B74A-89AF7842937D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6F480FC-BD44-4CBA-B74A-89AF7842937D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{E6F480FC-BD44-4CBA-B74A-89AF7842937D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6F480FC-BD44-4CBA-B74A-89AF7842937D}\ not found.
C:\Windows\ufa folder moved successfully.
C:\Windows\phoenix\kernels\poclbm folder moved successfully.
C:\Windows\phoenix\kernels\phatk folder moved successfully.
C:\Windows\phoenix\kernels folder moved successfully.
C:\Windows\phoenix folder moved successfully.
C:\Windows\update.2 folder moved successfully.
C:\Windows\update.5.0 folder moved successfully.
C:\Windows\av_ico folder moved successfully.
C:\Windows\update.1 folder moved successfully.
C:\Windows\update.tray-8-0-lnk folder moved successfully.
C:\Windows\update.tray-8-0 folder moved successfully.
C:\Windows\phoenix.rar moved successfully.
C:\Windows\rpcminer.rar moved successfully.
C:\Windows\unrar.exe moved successfully.
C:\Windows\ufa.rar moved successfully.
C:\Windows\loader2.exe_ok moved successfully.
C:\Windows\geoiplist.rar moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
========== FILES ==========
C:\Windows\iecheck_iplist.txt moved successfully.
C:\Windows\btc_client_iplist.txt moved successfully.
C:\Windows\iplist.txt moved successfully.
C:\Windows\proc_list1.log moved successfully.
C:\Windows\front_ip_list.txt moved successfully.
C:\Windows\geoiplist moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: ASUS
->Temp folder emptied: 134500014 bytes
->Temporary Internet Files folder emptied: 1326514875 bytes
->Java cache emptied: 242831 bytes
->FireFox cache emptied: 30522283 bytes
->Google Chrome cache emptied: 19851888 bytes
->Flash cache emptied: 568 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 406919683 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53388 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1,830.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.26.1 log created on 07292011_134328

Files\Folders moved on Reboot...
C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.
C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb moved successfully.
C:\Windows\temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb moved successfully.

Registry entries deleted on Reboot...


Drumming 29.07.2011 14:02

OTL Log:
Code:

OTL logfile created on: 7/29/2011 2:41:52 PM - Run 4
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\ASUS\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 64.13% Memory free
8.00 Gb Paging File | 6.29 Gb Available in Paging File | 78.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 74.27 Gb Free Space | 63.78% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.57 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011/07/28 10:18:45 | 000,398,064 | ---- | M] () -- C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe
PRC - [2011/07/28 00:44:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
PRC - [2011/07/06 21:42:40 | 000,124,216 | ---- | M] (ICQ, LLC.) -- C:\Program Files (x86)\ICQ7.5\ICQ.exe
PRC - [2011/07/06 19:52:38 | 000,449,584 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011/05/25 17:29:54 | 001,951,112 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2011/02/28 17:13:56 | 000,247,096 | ---- | M] () -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
PRC - [2009/12/03 09:58:29 | 003,054,136 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2009/09/25 19:24:36 | 000,174,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
PRC - [2009/09/24 23:50:02 | 000,053,888 | ---- | M] () -- C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
PRC - [2009/09/16 03:34:34 | 001,593,344 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2009/08/17 19:58:46 | 006,859,392 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
PRC - [2009/06/24 22:30:18 | 000,272,952 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe
PRC - [2009/06/19 20:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
PRC - [2009/06/19 20:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
PRC - [2009/05/19 01:59:10 | 000,428,600 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
PRC - [2009/05/19 01:58:38 | 000,305,720 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2009/04/20 21:09:30 | 000,159,744 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
PRC - [2008/12/23 03:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
PRC - [2008/08/14 07:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
PRC - [2008/07/19 05:52:16 | 000,104,936 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe
PRC - [2007/11/30 21:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
PRC - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe
 
 
========== Modules (SafeList) ==========
 
MOD - [2011/07/28 00:44:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
MOD - [2009/07/14 03:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/05/24 23:18:38 | 000,365,568 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2010/10/09 11:00:14 | 000,859,712 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV:64bit: - [2009/10/02 05:38:17 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/09/17 21:36:34 | 000,359,552 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2009/08/22 11:37:45 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV:64bit: - [2009/08/22 11:37:45 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2007/08/08 10:08:40 | 000,094,208 | ---- | M] () [Auto | Running] -- C:\Program Files\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2011/07/06 19:52:38 | 000,366,640 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2011/06/29 12:42:05 | 003,435,096 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai\netsession_win_e477fed.dll -- (Akamai)
SRV - [2011/05/25 17:29:52 | 002,275,720 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2011/02/28 17:13:56 | 000,247,096 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe -- (ICQ Service)
SRV - [2009/09/15 03:03:42 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Asus\Game Park\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/06/16 03:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/03/31 12:55:48 | 000,225,280 | ---- | M] (ASUSTek Computer Inc.) [On_Demand | Running] -- C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe -- (ADSMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011/07/26 14:02:29 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011/07/26 14:02:29 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2010/07/30 19:30:26 | 000,309,840 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2010/07/30 19:30:20 | 000,042,576 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2010/07/30 19:24:14 | 001,988,176 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009/10/05 03:33:59 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/10/02 06:11:13 | 006,182,400 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2009/08/22 11:38:33 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2009/07/20 11:29:39 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/17 08:00:11 | 000,068,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/17 08:00:11 | 000,029,240 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/09 10:11:31 | 001,222,144 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009/06/18 22:18:10 | 000,015,928 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\lullaby.sys -- (lullaby)
DRV:64bit: - [2009/06/12 13:41:55 | 000,112,128 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2009/06/10 22:38:56 | 000,000,308 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\wbem\ntfs.mof -- (Ntfs)
DRV:64bit: - [2009/06/10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/05 13:53:42 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/05/23 00:52:29 | 000,215,040 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/05/20 18:11:05 | 001,799,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV:64bit: - [2009/05/13 03:07:19 | 000,015,928 | ---- | M] (ASUS) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ATK64AMD.sys -- (MTsensor)
DRV:64bit: - [2009/05/05 16:00:27 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2009/03/18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008/12/08 17:35:52 | 000,061,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2008/05/24 03:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007/07/24 21:11:32 | 000,014,904 | ---- | M] () [Kernel | Auto | Running] -- C:\Program Files\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKCU\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\2.0.31005.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.57\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
 
[2011/07/21 22:07:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2011/07/27 21:36:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions
[2011/07/27 20:28:24 | 000,000,000 | ---D | M] (Hyperionics DB Toolbar) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
[2011/07/27 21:36:53 | 000,000,000 | ---D | M] (cacaoweb) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\r8bx6l3v.default\extensions\cacaoweb@cacaoweb.org
File not found (No name found) --
 
O1 HOSTS File: ([2011/07/29 13:46:27 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1      localhost
O1 - Hosts: ::1      localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg64.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (ICQToolBar) - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\1107071805\ICQToolBar.dll (ICQ)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [EeeStorageBackup] C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe (ECAREME)
O4:64bit: - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [cacaoweb] C:\Users\ASUS\AppData\Roaming\cacaoweb\cacaoweb.exe ()
O4 - HKCU..\Run: [ICQ] C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O8 - Extra context menu item: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_70C5B381380DB17F.dll (Google Inc.)
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 -  File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 -  File not found
O13 - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - Reg Error: Key error. File not found
O18:64bit: - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Reg Error: Key error. File not found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
O31 - SafeBoot: AlternateShell - services32.exe
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011/07/29 13:43:28 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/07/28 21:37:34 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Tracing
[2011/07/28 20:24:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2011/07/28 12:57:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2011/07/28 12:57:47 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011/07/28 12:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011/07/28 10:50:45 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Malwarebytes
[2011/07/28 10:50:39 | 000,041,272 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/28 10:50:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/07/28 10:50:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011/07/28 10:50:35 | 000,025,912 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/28 10:50:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011/07/28 00:44:17 | 000,579,584 | ---- | C] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:25:19 | 049,089,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/07/27 20:58:53 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\ICQ
[2011/07/27 20:28:50 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HyperCam 2
[2011/07/27 20:28:25 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Minibar
[2011/07/27 20:28:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hyperionics DB Toolbar
[2011/07/27 20:28:11 | 000,000,000 | ---D | C] -- C:\Program Files\HyperCam 2
[2011/07/26 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\AMD
[2011/07/26 15:01:00 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2011/07/26 15:00:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2011/07/26 15:00:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center
[2011/07/26 15:00:38 | 000,046,136 | ---- | C] (Advanced Micro Devices) -- C:\Windows\SysNative\drivers\amdiox64.sys
[2011/07/26 15:00:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AMD
[2011/07/26 15:00:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2011/07/26 14:58:35 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2011/07/26 14:48:11 | 000,000,000 | ---D | C] -- C:\ATI
[2011/07/26 14:46:50 | 000,000,000 | ---D | C] -- C:\Windows\system64
[2011/07/22 14:08:46 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\cacaoweb
[2011/07/22 13:58:47 | 000,000,000 | ---D | C] -- C:\FirefoxPortable
[2011/07/21 22:07:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Mozilla
[2011/07/21 16:50:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\alaplaya
[2011/07/21 16:26:35 | 593,954,668 | ---- | C] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/21 15:32:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\ElevatedDiagnostics
[2011/07/16 14:17:25 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2011/07/16 01:45:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\.minecraft
[2011/07/06 21:43:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ICQ7.5
[2011/07/06 21:43:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ6Toolbar
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Mozilla
[2011/07/06 21:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\ICQ
[2011/07/06 21:42:44 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ICQ
[2011/07/06 21:42:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ICQ7.5
[2011/07/06 17:13:11 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Fiesta
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\texturepacks
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\saves
[2011/07/01 14:17:48 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\resources
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\stats
[2011/07/01 14:17:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\bin
[2011/06/30 18:53:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011/06/30 17:50:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard
[2011/06/30 17:45:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2011/06/30 17:45:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2011/06/29 18:10:19 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ts3overlay
[2011/06/29 18:09:34 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2011/06/29 18:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinRAR
[2011/06/29 18:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
[2011/06/29 18:07:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2011/06/29 17:55:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2011/06/29 17:54:59 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:59 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:59 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[2011/06/29 17:54:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2011/06/29 17:51:37 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2011/06/29 17:51:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2008/08/12 07:45:20 | 000,155,648 | ---- | C] (ASUS) -- C:\Program Files (x86)\Common Files\MSIactionall.dll
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011/07/29 14:47:08 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2011/07/29 14:46:23 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/07/29 14:46:23 | 000,010,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/07/29 14:45:01 | 000,000,003 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2011/07/29 14:38:00 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/07/29 14:37:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/07/29 14:37:14 | 3220,529,152 | -HS- | M] () -- C:\hiberfil.sys
[2011/07/29 13:57:27 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/07/29 13:53:27 | 000,094,788 | ---- | M] () -- C:\Users\ASUS\Documents\cc_20110729_135317.reg
[2011/07/29 13:46:27 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2011/07/28 16:14:31 | 001,500,444 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/28 16:14:31 | 000,647,376 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2011/07/28 16:14:31 | 000,610,094 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/07/28 16:14:31 | 000,127,404 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2011/07/28 16:14:31 | 000,104,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/07/28 12:57:49 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/28 12:57:44 | 000,002,261 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/28 11:53:18 | 000,002,158 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2011/07/28 11:53:18 | 000,001,453 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2011/07/28 10:50:39 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/28 10:17:30 | 000,001,937 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011/07/28 10:16:42 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hîsts
[2011/07/28 00:44:20 | 000,579,584 | ---- | M] (OldTimer Tools) -- C:\Users\ASUS\Desktop\OTL.exe
[2011/07/28 00:17:04 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.bak
[2011/07/27 23:36:21 | 1175,199,286 | ---- | M] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 22:31:33 | 3802,291,915 | ---- | M] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:18 | 012,707,496 | ---- | M] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:57 | 026,040,586 | ---- | M] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:38:59 | 214,771,614 | ---- | M] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:31:43 | 041,177,758 | ---- | M] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:51 | 000,000,937 | ---- | M] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/27 20:10:10 | 000,000,155 | ---- | M] () -- C:\Windows\info1
[2011/07/26 14:02:29 | 000,123,784 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avipbb.sys
[2011/07/26 14:02:29 | 000,088,288 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2011/07/22 18:32:29 | 000,001,971 | ---- | M] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | M] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | M] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/21 16:41:04 | 593,954,668 | ---- | M] (InstallShield Software Corporation) -- C:\Users\ASUS\Desktop\S4League.exe
[2011/07/16 13:54:11 | 000,270,142 | ---- | M] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/06 19:52:42 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/07/06 19:52:42 | 000,025,912 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/07/02 15:01:11 | 000,000,000 | ---- | M] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/07/01 09:54:42 | 049,089,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MRT.exe
[2011/06/29 18:07:37 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/29 17:54:51 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll
[2011/06/29 17:54:51 | 000,157,472 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe
[2011/06/29 17:54:51 | 000,145,184 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe
[1 C:\Users\ASUS\AppData\Local\*.tmp files -> C:\Users\ASUS\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011/07/29 13:53:25 | 000,094,788 | ---- | C] () -- C:\Users\ASUS\Documents\cc_20110729_135317.reg
[2011/07/28 16:14:31 | 001,500,444 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/07/28 12:57:49 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/07/28 12:57:44 | 000,002,261 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/07/28 12:32:14 | 000,030,259 | ---- | C] () -- C:\Users\ASUS\Desktop\hjtscanlist.bat
[2011/07/28 10:50:39 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/07/27 23:29:11 | 1175,199,286 | ---- | C] () -- C:\Users\ASUS\Documents\clip0006.avi
[2011/07/27 21:51:46 | 3802,291,915 | ---- | C] () -- C:\Users\ASUS\Documents\clip0005.avi
[2011/07/27 21:51:11 | 012,707,496 | ---- | C] () -- C:\Users\ASUS\Documents\clip0004.avi
[2011/07/27 21:50:47 | 026,040,586 | ---- | C] () -- C:\Users\ASUS\Documents\clip0003.avi
[2011/07/27 20:31:53 | 214,771,614 | ---- | C] () -- C:\Users\ASUS\Documents\clip0002.avi
[2011/07/27 20:30:16 | 041,177,758 | ---- | C] () -- C:\Users\ASUS\Documents\clip0001.avi
[2011/07/27 20:28:11 | 000,000,937 | ---- | C] () -- C:\Users\ASUS\Desktop\HyperCam 2.lnk
[2011/07/26 14:40:05 | 000,000,155 | ---- | C] () -- C:\Windows\info1
[2011/07/22 18:32:29 | 000,001,971 | ---- | C] () -- C:\Users\ASUS\Desktop\He_Fights_all_Knight.png
[2011/07/21 22:07:11 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/07/21 17:00:29 | 000,001,822 | ---- | C] () -- C:\Users\Public\Desktop\S4League.lnk
[2011/07/16 13:54:07 | 000,270,142 | ---- | C] () -- C:\Users\ASUS\Minecraft.exe
[2011/07/02 15:01:11 | 000,000,000 | ---- | C] () -- C:\Users\ASUS\AppData\Local\{BFA1C75D-2684-4A9E-AFDD-FA8B59E089D2}
[2011/06/29 18:07:37 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
[2011/06/15 14:04:13 | 000,000,244 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2011/05/24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2009/12/03 09:58:33 | 000,047,672 | ---- | C] () -- C:\Windows\AsScrProlog.exe
[2009/12/03 09:58:21 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\LogonStart.dll
[2009/12/03 09:38:38 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2009/12/03 09:00:48 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2009/09/16 22:08:27 | 000,001,016 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009/08/19 10:33:09 | 000,018,944 | ---- | C] () -- C:\Windows\OOBEPlayer.exe
[2009/08/19 10:33:09 | 000,000,035 | ---- | C] () -- C:\Windows\OOBEPlayer.ini
[2009/07/29 07:20:40 | 000,000,010 | ---- | C] () -- C:\Windows\SysWow64\ABLKSR.ini
[2009/07/14 07:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/14 04:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2009/07/14 04:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2009/07/14 02:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/14 01:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2009/07/13 23:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/07/01 10:10:50 | 000,000,176 | ---- | C] () -- C:\Windows\explorer.exe.config
[2009/06/10 23:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2009/04/08 20:31:56 | 000,106,496 | ---- | C] () -- C:\Program Files (x86)\Common Files\CPInstallAction.dll
[2008/05/22 18:35:54 | 000,051,962 | ---- | C] () -- C:\Program Files (x86)\Common Files\banner.jpg
[2006/05/19 13:39:57 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
 
========== LOP Check ==========
 
[2011/06/03 13:17:11 | 000,000,000 | -HSD | M] -- C:\Users\ASUS\AppData\Roaming\.#
[2011/07/22 11:20:47 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\.minecraft
[2011/05/19 12:02:32 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Asus WebStorage
[2011/06/14 19:16:43 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\bin
[2011/07/25 07:46:14 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\cacaoweb
[2011/06/03 13:15:34 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\GameConsole
[2011/07/29 14:39:56 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ICQ
[2011/06/14 19:16:49 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\resources
[2011/06/14 19:16:45 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\saves
[2011/06/14 19:16:50 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\stats
[2011/06/14 19:16:45 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\texturepacks
[2011/07/29 13:52:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\TS3Client
[2011/06/29 18:16:53 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ts3overlay
[2011/07/19 12:32:29 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >


Drumming 29.07.2011 14:05

Extra OTL log:
Code:

OTL Extras logfile created on: 7/29/2011 2:41:52 PM - Run 4
OTL by OldTimer - Version 3.2.26.1    Folder = C:\Users\ASUS\Desktop
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4.00 Gb Total Physical Memory | 2.56 Gb Available Physical Memory | 64.13% Memory free
8.00 Gb Paging File | 6.29 Gb Available in Paging File | 78.70% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 74.27 Gb Free Space | 63.78% Space Free | Partition Type: NTFS
Drive D: | 334.67 Gb Total Space | 334.57 Gb Free Space | 99.97% Space Free | Partition Type: NTFS
 
Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l File not found
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 File not found
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallOverride" = 1
"DisableThumbnailCache" = 1
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusDisableNotify" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{1686C4D1-B1FD-42E8-B7A8-FB4C4DBA5BA8}" = ASUS Power4Gear Hybrid
"{3768263E-8BE8-4CEF-9463-6D36F731824B}" = Windows Live Family Safety
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{51317AF5-D39F-49EC-A4B5-87451466B837}" = AMD Fuel
"{54E192A6-AA33-1963-C96A-26AA7A3B41B4}" = ccc-utility64
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security
"{90120000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0408-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Greek) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-040D-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Hebrew) 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{90120000-002A-0413-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Dutch) 2007
"{90120000-002A-0816-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Portuguese (Portugal)) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security
"{CFF9D801-1EC4-B8F5-2CAB-4A1790C95A18}" = ATI Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}" = SRS Premium Sound Control Panel
"Asus WebStorage" = Asus WebStorage
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-x64 7.0.5.5_WHQL
"HyperCam 2" = HyperCam 2
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}" = ASUS AI Recovery
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{15F02176-0D12-4FAF-B2CD-2767C7781427}" = Google SketchUp 8
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{19A492A0-888F-44A0-9B21-D91700763F62}" = Catalyst Control Center - Branding
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216026FF}" = Java(TM) 6 Update 26
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{29042B1C-0713-4575-B7CA-5C8E7B0899D4}" = MySQL Connector/ODBC 5.1
"{299CF645-48C7-4FA1-8BCD-5CE200CF180D}" = Microsoft Search Enhancement Pack
"{30D659E4-4405-6925-CDCF-EB8CD0C80DAC}" = Catalyst Control Center Graphics Previews Common
"{3B05F2FB-745B-4012-ADF2-439F36B2E70B}" = ATKOSD2
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{48DB5914-8772-472D-B8DF-E2092BE598F6}" = Adobe Flash Player 10 ActiveX
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{566BAEC0-74CB-4ACC-9E18-8779AC974FB0}" = Windows Live Toolbar
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5ACE78D9-2859-A192-F416-1D3E93370ACA}" = Catalyst Control Center InstallProxy
"{5B65EF64-1DFA-414A-8C94-7BB726158E21}" = ControlDeck
"{60DE7978-4F13-5584-5E53-DCEE1CB115A5}" = AMD VISION Engine Control Center
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65DA2EC9-0642-47E9-AAE2-B5267AA14D75}" = Activation Assistant for the 2007 Microsoft Office suites
"{662CFD19-EA80-4EFE-A0D8-EE10EFEB3C83}" = Livestream Procaster
"{6B77A7F6-DD63-4F13-A6FF-83137A5AC354}" = ASUS CopyProtect
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6C3496DF-CC4C-4CDE-87A1-8657619EE2D6}_is1" = Game Park Console
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{7C05592D-424B-46CB-B505-E0013E8E75C9}" = ATK Hotkey
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}" = Island Wars 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}" = Smileyville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115233673}" = Dream Day Wedding Married in Manhattan
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-116864777}" = Piggly
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8966D069-C05A-4B8C-9287-F52DE631A6C0}" = S4 League_EU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0408-0000-0000000FF1CE}" = Microsoft Office Access MUI (Greek) 2007
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-040C-0000-0000000FF1CE}" = Microsoft Office Access MUI (French) 2007
"{90120000-0015-040D-0000-0000000FF1CE}" = Microsoft Office Access MUI (Hebrew) 2007
"{90120000-0015-0410-0000-0000000FF1CE}" = Microsoft Office Access MUI (Italian) 2007
"{90120000-0015-0413-0000-0000000FF1CE}" = Microsoft Office Access MUI (Dutch) 2007
"{90120000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2007
"{90120000-0015-0C0A-0000-0000000FF1CE}" = Microsoft Office Access MUI (Spanish) 2007
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0408-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Greek) 2007
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040D-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Hebrew) 2007
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0413-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Dutch) 2007
"{90120000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0408-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Greek) 2007
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040D-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Hebrew) 2007
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0413-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Dutch) 2007
"{90120000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0408-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Greek) 2007
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-040C-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (French) 2007
"{90120000-0019-040D-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Hebrew) 2007
"{90120000-0019-0410-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Italian) 2007
"{90120000-0019-0413-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Dutch) 2007
"{90120000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2007
"{90120000-0019-0C0A-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Spanish) 2007
"{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0408-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Greek) 2007
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-040C-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (French) 2007
"{90120000-001A-040D-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Hebrew) 2007
"{90120000-001A-0410-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Italian) 2007
"{90120000-001A-0413-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Dutch) 2007
"{90120000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2007
"{90120000-001A-0C0A-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Spanish) 2007
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0408-0000-0000000FF1CE}" = Microsoft Office Word MUI (Greek) 2007
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040D-0000-0000000FF1CE}" = Microsoft Office Word MUI (Hebrew) 2007
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0413-0000-0000000FF1CE}" = Microsoft Office Word MUI (Dutch) 2007
"{90120000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0408-0000-0000000FF1CE}" = Microsoft Office Proof (Greek) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040D-0000-0000000FF1CE}" = Microsoft Office Proof (Hebrew) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0419-0000-0000000FF1CE}" = Microsoft Office Proof (Russian) 2007
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0408-0000-0000000FF1CE}" = Microsoft Office Proofing (Greek) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-040D-0000-0000000FF1CE}" = Microsoft Office Proofing (Hebrew) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0413-0000-0000000FF1CE}" = Microsoft Office Proofing (Dutch) 2007
"{90120000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0408-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Greek) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040D-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Hebrew) 2007
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0413-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Dutch) 2007
"{90120000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{91120000-0031-0000-0000-0000000FF1CE}" = Microsoft Office Professional Hybrid 2007
"{95120000-0120-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9D48531D-2135-49FC-BC29-ACCDA5396A76}" = ASUS MultiFrame
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AFF8C8F4-E4BB-891F-8636-5E71F946C5B6}" = Catalyst Control Center InstallProxy
"{B5BCBD49-202F-4238-8398-D83D423A48B4}" = Windows Live Anmelde-Assistent
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{D1E5870E-E3E5-4475-98A6-ADD614524ADF}" = ATK Media
"{D3D54F3E-C5C3-443D-978F-87A72E5616E8}" = ATK Generic Function Service
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF985E8-8B36-4230-B174-117A2381C17F}" = LogMeIn Hamachi
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}" = ASUS FancyStart
"{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{FA2092C5-7979-412D-A962-6485274AE1EE}" = ASUS Data Security Manager
"{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder
"Activation Assistant for the 2007 Microsoft Office suites" = Activation Assistant for the 2007 Microsoft Office suites
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Akamai" = Akamai NetSession Interface
"ASUS AP Bank_is1" = ASUS AP Bank
"Asus_Camera_ScreenSaver" = Asus_Camera_ScreenSaver
"Fiesta Online(EU_German)" = Fiesta Online(EU_German) 1.04.000
"Fraps" = Fraps
"Google Chrome" = Google Chrome
"Hyperionics DB Toolbar" = Hyperionics DB Toolbar
"ICQToolbar" = ICQ Toolbar
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Platform Device Manager
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{F4BF5F6B-F695-4762-AEB2-D095A4C34D89}" = Alcor Micro USB Card Reader
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.1.1800
"PROHYBRIDR" = 2007 Microsoft Office system
"Teamspeak 2 RC2_is1" = TeamSpeak 2 RC2
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR 4.01 (32-Bit)
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 7/16/2011 8:53:51 AM | Computer Name = ASUS-PC | Source = Application Hang | ID = 1002
Description = Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 1100    Startzeit: 01cc43a239dd52d5    Endzeit: 10    Anwendungspfad:
 C:\Program Files (x86)\Internet Explorer\iexplore.exe    Berichts-ID: 9c5c10c6-afaa-11e0-a674-e0cb4e2e159e

 
Error - 7/16/2011 9:07:12 AM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0x1c24  Startzeit der fehlerhaften Anwendung: 0x01cc43b76ffa2e4a  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 849a1e4d-afac-11e0-a674-e0cb4e2e159e
 
Error - 7/16/2011 6:56:50 PM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0xd44  Startzeit der fehlerhaften Anwendung: 0x01cc440752e5623f  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: e3b62082-affe-11e0-8433-e0cb4e2e159e
 
Error - 7/17/2011 6:02:33 PM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0xa30  Startzeit der fehlerhaften Anwendung: 0x01cc44cd3a696435  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 78db8167-b0c0-11e0-a777-e0cb4e2e159e
 
Error - 7/17/2011 6:46:57 PM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0xeec  Startzeit der fehlerhaften Anwendung: 0x01cc44cd5c5937a5  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: ac6ec2f7-b0c6-11e0-a777-e0cb4e2e159e
 
Error - 7/18/2011 9:22:11 AM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0x954  Startzeit der fehlerhaften Anwendung: 0x01cc454a12aad679  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: f13b4d0b-b140-11e0-877a-e0cb4e2e159e
 
Error - 7/18/2011 2:49:21 PM | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Aegis64.exe, Version: 0.0.0.0, Zeitstempel:
 0x4cf33fcb  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16385, Zeitstempel:
 0x4a5be02b  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000c6cd2  ID des fehlerhaften
 Prozesses: 0x262c  Startzeit der fehlerhaften Anwendung: 0x01cc4571461d6640  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\alaplaya\S4League\Aegis64.exe  Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: a5bc2728-b16e-11e0-8408-e0cb4e2e159e
 
Error - 7/18/2011 3:15:01 PM | Computer Name = ASUS-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 7/18/2011 3:18:01 PM | Computer Name = ASUS-PC | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 7/18/2011 3:20:39 PM | Computer Name = ASUS-PC | Source = System Restore | ID = 8193
Description =
 
[ System Events ]
Error - 7/28/2011 4:16:07 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers
nicht gestartet:  %%2
 
Error - 7/28/2011 4:18:02 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-2147023143.
 
Error - 7/28/2011 5:50:30 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "srvsysdriver32" wurde unerwartet beendet. Dies ist bereits
 1 Mal passiert.
 
Error - 7/28/2011 5:50:30 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "wxpdrivers" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 7/28/2011 5:50:31 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "srviecheck" wurde unerwartet beendet. Dies ist bereits 1 Mal
 passiert.
 
Error - 7/28/2011 5:50:31 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "srvbtcclient" wurde unerwartet beendet. Dies ist bereits 1
 Mal passiert.
 
Error - 7/28/2011 5:52:49 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Planer" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%2
 
Error - 7/28/2011 5:52:51 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows-Firewallautorisierungstreiber" wurde aufgrund
folgenden Fehlers nicht gestartet:  %%183
 
Error - 7/28/2011 5:52:51 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Windows-Firewall" ist vom Dienst "Windows-Firewallautorisierungstreiber"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:  %%183
 
Error - 7/28/2011 5:52:56 AM | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Avira AntiVir Guard" wurde aufgrund folgenden Fehlers
nicht gestartet:  %%2
 
 
< End of report >


Drumming 29.07.2011 14:08

Now the hjtscanlist as well:
Code:


       

                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
                        º                                    º
                                    hjtscanlist v2.0             
                        º                                    º
                        $$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$

Microsoft Windows [Version 6.1.7600]
 
 
C:

  29.07.2011 13:52     C:\Windows --------- 40960  
       C:\pagefile.sys ---------   
       C:\hiberfil.sys ---------   
  29.07.2011 13:43     C:\_OTL --------- 0  
  28.07.2011 20:31     C:\Program Files (x86) --------- 20480  
  28.07.2011 20:24     C:\ProgramData --------- 8192  
  28.07.2011 12:57     C:\Program Files --------- 8192  
  28.07.2011 00:54     C:\System Volume Information --------- 4096  
  26.07.2011 14:48     C:\ATI --------- 0  
  22.07.2011 13:58     C:\FirefoxPortable --------- 4096  
  15.06.2011 23:24     C:\ProcasterInstaller.log --------- 388652  
  03.06.2011 17:09     C:\Fraps --------- 4096  
  19.05.2011 12:02     C:\asus.dat --------- 4096  
  19.05.2011 12:01     C:\$Recycle.Bin --------- 0  
  19.05.2011 11:46     C:\Users --------- 4096  
  19.05.2011 11:44     C:\Recovery --------- 0  
  03.12.2009 10:02     C:\devlist.txt --------- 13444  
  03.12.2009 10:01     C:\Finish.log --------- 9  
  03.12.2009 09:58     C:\setup.log --------- 90  
  03.12.2009 09:52     C:\inject.log.txt --------- 743079  
  03.12.2009 09:51     C:\Temp --------- 8192  
  03.12.2009 09:18     C:\SumHidd.txt --------- 170  
  03.12.2009 09:16     C:\SumOS.txt --------- 98  
  03.12.2009 09:05     C:\MSOCache --------- 0  
  02.12.2009 19:27     C:\Pass.txt --------- 146  
  10.11.2009 05:02     C:\Patch_Win7.log --------- 196  
  30.10.2009 08:40     C:\K40AB_K50AB_K40AD_K50AD_WIN7.30 --------- 19  
  30.10.2009 04:01     C:\K50ADAS.BIN --------- 1048576  
  30.10.2009 03:17     C:\K40ADAS.BIN --------- 1048576  
  27.10.2009 03:58     C:\K50ABAS.BIN --------- 1048576  
  27.10.2009 03:20     C:\K40ABAS.BIN --------- 1048576  
  16.09.2009 20:04     C:\v82.txt --------- 24  
  25.08.2009 02:10     C:\RECOVERY.DAT --------- 26  
  29.07.2009 08:03     C:\BOOTSECT.BAK --------- 8192  
  29.07.2009 08:03     C:\Boot --------- 4096  
  14.07.2009 07:08     C:\Documents and Settings --------- 0  
  14.07.2009 05:20     C:\PerfLogs --------- 0  
  14.07.2009 03:38     C:\bootmgr --------- 383562  
  02.07.2009 09:17     C:\Nero.Log --------- 37  
  15.06.2009 13:11     C:\AdobeReader.log --------- 54  
  12.06.2009 03:32     C:\OFFICE2007_L.TXT --------- 57  
----------------------------------------

 
C:\Windows

  29.07.2011 14:22     C:\Windows\bootstat.dat --------- 67584  
  29.07.2011 14:22     C:\Windows\WindowsUpdate.log --------- 595200  
  27.07.2011 20:10     C:\Windows\info1 --------- 155  
  26.07.2011 14:23     C:\Windows\winlog-ids.txt --------- 5  
  26.07.2011 14:23     C:\Windows\winlog-dirs.txt --------- 52  
  21.07.2011 22:07     C:\Windows\nsreg.dat --------- 0  
  15.06.2011 14:04     C:\Windows\ODBCINST.INI --------- 244  
  19.05.2011 12:04     C:\Windows\win.ini --------- 640  
  19.05.2011 11:53     C:\Windows\0”z --------- 20  
  03.12.2009 10:01     C:\Windows\AsChkDev.txt --------- 61126  
  03.12.2009 09:58     C:\Windows\AsScrProlog.exe --------- 47672  
  03.12.2009 09:58     C:\Windows\ASUS Camera ScreenSaver.exe --------- 4814371  
  03.12.2009 09:58     C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe --------- 281144  
  03.12.2009 09:58     C:\Windows\AsScrPro.exe --------- 3054136  
  03.12.2009 09:49     C:\Windows\explorer.exe --------- 2868224  
  03.12.2009 09:00     C:\Windows\ativpsrm.bin --------- 0  
  11.11.2009 11:34     C:\Windows\csup.txt --------- 10  
  02.11.2009 13:33     C:\Windows\OOBEPlayer.exe --------- 18944  
  22.09.2009 11:27     C:\Windows\OOBEPlayer.ini --------- 35  
  07.08.2009 09:31     C:\Windows\atiogl.xml --------- 18618  
  29.07.2009 20:37     C:\Windows\FullScreen.wmv --------- 26541350  
  14.07.2009 06:54     C:\Windows\WindowsShell.Manifest --------- 749  
  14.07.2009 03:39     C:\Windows\write.exe --------- 10240  
  14.07.2009 03:39     C:\Windows\splwow64.exe --------- 61952  
  14.07.2009 03:39     C:\Windows\regedit.exe --------- 427008  
  14.07.2009 03:39     C:\Windows\notepad.exe --------- 193536  
  14.07.2009 03:39     C:\Windows\hh.exe --------- 16896  
  14.07.2009 03:39     C:\Windows\HelpPane.exe --------- 733696  
  14.07.2009 03:39     C:\Windows\fveupdate.exe --------- 15360  
  14.07.2009 03:38     C:\Windows\bfsvc.exe --------- 71168  
  14.07.2009 03:16     C:\Windows\twain_32.dll --------- 51200  
  14.07.2009 03:14     C:\Windows\winhlp32.exe --------- 9728  
  14.07.2009 03:14     C:\Windows\twunk_32.exe --------- 31232  
  14.07.2009 01:06     C:\Windows\mib.bin --------- 43131  
  01.07.2009 10:10     C:\Windows\explorer.exe.config --------- 176  
  10.06.2009 23:41     C:\Windows\twunk_16.exe --------- 49680  
  10.06.2009 23:41     C:\Windows\twain.dll --------- 94784  
  10.06.2009 23:08     C:\Windows\system.ini --------- 219  
  10.06.2009 22:52     C:\Windows\WMSysPr9.prx --------- 316640  
  10.06.2009 22:36     C:\Windows\msdfmap.ini --------- 1405  
  10.06.2009 22:31     C:\Windows\Starter.xml --------- 48201  
  10.06.2009 22:30     C:\Windows\HomePremium.xml --------- 48265  
  05.12.2008 00:19     C:\Windows\WLXPGSS.SCR --------- 308584  
  11.04.2007 09:34     C:\Windows\difxapi.dll --------- 414632  
  19.05.2006 13:53     C:\Windows\snp2uvc.src --------- 13022  
  19.05.2006 13:39     C:\Windows\snp2uvc.ini --------- 15497  
  22.02.2003 06:42     C:\Windows\msvcr71.dll --------- 348160  
  15.07.2000 10:00     C:\Windows\MSVCRTD.DLL --------- 434252  
  23.06.2000 22:46     C:\Windows\WMPrfPtg.prx --------- 35916  
  23.06.2000 22:46     C:\Windows\WMPrfKor.prx --------- 22338  
  23.06.2000 22:46     C:\Windows\WMPrfJpn.prx --------- 23304  
  23.06.2000 22:46     C:\Windows\WMPrfIta.prx --------- 35680  
  23.06.2000 22:46     C:\Windows\WMPrfFra.prx --------- 37916  
  23.06.2000 22:46     C:\Windows\WMPrfEsp.prx --------- 35590  
  23.06.2000 22:46     C:\Windows\WMPrfDeu.prx --------- 33820  
  23.06.2000 22:46     C:\Windows\WMPrfCht.prx --------- 18804  
  23.06.2000 22:46     C:\Windows\WMPrfChs.prx --------- 19492  
----------------------------------------

 
C:\Windows\System

----------------------------------------

 
C:\Windows\System32

 29.07.2011 13:59     C:\Windows\system32\config --------- 49152 
 29.07.2011 13:56     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 --------- 10016 
 29.07.2011 13:56     C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 --------- 10016 
 28.07.2011 16:14     C:\Windows\system32\perfh009.dat --------- 610094 
 28.07.2011 16:14     C:\Windows\system32\perfc009.dat --------- 104412 
 28.07.2011 16:14     C:\Windows\system32\perfc007.dat --------- 127404 
 28.07.2011 16:14     C:\Windows\system32\perfh007.dat --------- 647376 
 28.07.2011 13:58     C:\Windows\system32\NDF --------- 4096 
 28.07.2011 11:53     C:\Windows\system32\AutoRunFilter.ini --------- 2158 
 28.07.2011 11:53     C:\Windows\system32\ServiceFilter.ini --------- 1453 
 28.07.2011 10:50     C:\Windows\system32\drivers --------- 65536 
 26.07.2011 23:56     C:\Windows\system32\catroot2 --------- 20480 
 26.07.2011 15:00     C:\Windows\system32\catroot --------- 4096 
 26.07.2011 15:00     C:\Windows\system32\DriverStore --------- 4096 
 22.07.2011 15:07     C:\Windows\system32\Tasks --------- 4096 
 09.07.2011 23:32     C:\Windows\system32\Service --------- 4096 
 01.07.2011 16:19     C:\Windows\system32\wdi --------- 4096 
 01.07.2011 10:31     C:\Windows\system32\MRT.exe --------- 50867144 
 20.06.2011 14:51     C:\Windows\system32\winrm --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\oobe --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\migwiz --------- 8192 
 20.06.2011 14:51     C:\Windows\system32\Boot --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\slmgr --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\sysprep --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\Setup --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\migration --------- 8192 
 20.06.2011 14:51     C:\Windows\system32\WCN --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\Dism --------- 4096 
 20.06.2011 14:51     C:\Windows\system32\MUI --------- 4096 
 20.06.2011 14:50     C:\Windows\system32\Printing_Admin_Scripts --------- 4096 
 20.06.2011 14:50     C:\Windows\system32\wbem --------- 65536 
 20.06.2011 14:50     C:\Windows\system32\es-ES --------- 307200 
 20.06.2011 14:48     C:\Windows\system32\com --------- 4096 
 20.06.2011 14:41     C:\Windows\system32\pt-PT --------- 327680 
 20.06.2011 14:39     C:\Windows\system32\en-US --------- 192512 
 20.06.2011 14:36     C:\Windows\system32\nl-NL --------- 307200 
 20.06.2011 14:35     C:\Windows\system32\it-IT --------- 307200 
 20.06.2011 14:34     C:\Windows\system32\he-IL --------- 172032 
 20.06.2011 14:33     C:\Windows\system32\el-GR --------- 327680 
 20.06.2011 14:33     C:\Windows\system32\fr-FR --------- 307200 
 20.06.2011 14:31     C:\Windows\system32\zh-TW --------- 327680 
 12.06.2011 20:51     C:\Windows\system32\LogFiles --------- 4096 
 09.06.2011 19:14     C:\Windows\system32\PerfStringBackup.INI --------- 7024528 
 28.05.2011 14:56     C:\Windows\system32\frapsv64.dll --------- 71680 
 24.05.2011 23:44     C:\Windows\system32\OVDecode64.dll --------- 61952 
 24.05.2011 23:44     C:\Windows\system32\OpenCL.dll --------- 53760 
 24.05.2011 23:44     C:\Windows\system32\amdocl64.dll --------- 16672768 
 24.05.2011 19:14     C:\Windows\system32\MpSigStub.exe --------- 270720 
 23.05.2011 12:47     C:\Windows\system32\Defrag.ini --------- 80 
 23.05.2011 12:29     C:\Windows\system32\FNTCACHE.DAT --------- 452688 
 19.05.2011 20:43     C:\Windows\system32\license.rtf --------- 52953 
 19.05.2011 11:55     C:\Windows\system32\DRVSTORE --------- 0 
 19.05.2011 11:44     C:\Windows\system32\log --------- 0 
 19.05.2011 11:44     C:\Windows\system32\Recovery --------- 0 
 24.10.2010 00:56     C:\Windows\system32\CamCodec.dll --------- 49664 
 18.03.2010 09:36     C:\Windows\system32\mfc100fra.dll --------- 64336 
 18.03.2010 09:36     C:\Windows\system32\msvcp100.dll --------- 607568 
 18.03.2010 09:36     C:\Windows\system32\msvcr100.dll --------- 827728 
 18.03.2010 09:36     C:\Windows\system32\mfcm100u.dll --------- 91472 
 18.03.2010 09:36     C:\Windows\system32\mfcm100.dll --------- 91472 
 18.03.2010 09:36     C:\Windows\system32\mfc100u.dll --------- 5522768 
 18.03.2010 09:36     C:\Windows\system32\vcomp100.dll --------- 57168 
 18.03.2010 09:36     C:\Windows\system32\atl100.dll --------- 158536 
 18.03.2010 09:36     C:\Windows\system32\mfc100.dll --------- 5493576 
 18.03.2010 09:36     C:\Windows\system32\mfc100chs.dll --------- 36176 
 18.03.2010 09:36     C:\Windows\system32\mfc100cht.dll --------- 36176 
 18.03.2010 09:36     C:\Windows\system32\mfc100deu.dll --------- 64336 
 18.03.2010 09:36     C:\Windows\system32\mfc100enu.dll --------- 55120 
 18.03.2010 09:36     C:\Windows\system32\mfc100esn.dll --------- 63824 
 18.03.2010 09:36     C:\Windows\system32\mfc100rus.dll --------- 60752 
 18.03.2010 09:36     C:\Windows\system32\mfc100kor.dll --------- 43344 
 18.03.2010 09:36     C:\Windows\system32\mfc100ita.dll --------- 62288 
 18.03.2010 09:36     C:\Windows\system32\mfc100jpn.dll --------- 43856 
 03.12.2009 09:51     C:\Windows\system32\SRSLabs --------- 0 
 03.12.2009 09:51     C:\Windows\system32\msv1_0.dll --------- 311808 
 03.12.2009 09:51     C:\Windows\system32\msasn1.dll --------- 46592 
 03.12.2009 09:50     C:\Windows\system32\mshtml.dll --------- 9272320 
 03.12.2009 09:50     C:\Windows\system32\msfeedsbs.dll --------- 82944 
 03.12.2009 09:49     C:\Windows\system32\wmploc.DLL --------- 12625920 
 03.12.2009 09:49     C:\Windows\system32\wmp.dll --------- 14629376 
 03.12.2009 09:49     C:\Windows\system32\fontsub.dll --------- 100864 
 03.12.2009 09:49     C:\Windows\system32\atmfd.dll --------- 366080 
 03.12.2009 09:49     C:\Windows\system32\CertEnroll.dll --------- 1975296 
 03.12.2009 09:49     C:\Windows\system32\t2embed.dll --------- 148480 
 03.12.2009 09:45     C:\Windows\system32\OEM --------- 0 
 03.12.2009 09:05     C:\Windows\system32\restore --------- 0 
 02.10.2009 05:39     C:\Windows\system32\ATIDEMGX.dll --------- 446464 
 02.10.2009 05:38     C:\Windows\system32\atieclxx.exe --------- 439296 
 02.10.2009 05:38     C:\Windows\system32\atiesrxx.exe --------- 202752 
 02.10.2009 05:36     C:\Windows\system32\atitmm64.dll --------- 120320 
 02.10.2009 05:36     C:\Windows\system32\atipdl64.dll --------- 421376 
 02.10.2009 05:36     C:\Windows\system32\atimuixx.dll --------- 12288 
 02.10.2009 05:36     C:\Windows\system32\atiedu64.dll --------- 59392 
 02.10.2009 05:24     C:\Windows\system32\atidxx64.dll --------- 3599360 
 02.10.2009 05:17     C:\Windows\system32\atio6axx.dll --------- 16681984 
 02.10.2009 05:10     C:\Windows\system32\atiumd64.dll --------- 4649472 
 02.10.2009 05:02     C:\Windows\system32\atiumd6a.dll --------- 2519040 
 02.10.2009 05:00     C:\Windows\system32\atiumd6a.cap --------- 333904 
 02.10.2009 04:40     C:\Windows\system32\atimpc64.dll --------- 53248 
 02.10.2009 04:40     C:\Windows\system32\amdpcom64.dll --------- 53248 
----------------------------------------

 
C:\Windows\Prefetch

 23.05.2011 13:35     C:\Windows\Prefetch\AgGlFgAppHistory.db --------- 338851 
 23.05.2011 13:35     C:\Windows\Prefetch\AgGlFaultHistory.db --------- 357203 
 23.05.2011 13:35     C:\Windows\Prefetch\AgGlGlobalHistory.db --------- 1297268 
 23.05.2011 13:35     C:\Windows\Prefetch\AgRobust.db --------- 66384 
 23.05.2011 13:35     C:\Windows\Prefetch\PfSvPerfStats.bin --------- 584 
 23.05.2011 13:05     C:\Windows\Prefetch\ReadyBoot --------- 0 
 19.05.2011 11:47     C:\Windows\Prefetch\AgAppLaunch.db --------- 334168 
----------------------------------------

 
C:\Windows\Tasks

 29.07.2011 13:57     C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job --------- 1106 
 29.07.2011 13:48     C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job --------- 1102 
 29.07.2011 13:47     C:\Windows\Tasks\SA.DAT --------- 6 
 19.07.2011 12:32     C:\Windows\Tasks\SCHEDLGU.TXT --------- 32632 
----------------------------------------

 
C:\Windows\Temp

 29.07.2011 14:10     C:\Windows\Temp\fwtsqmfile01.sqm --------- 608 
 29.07.2011 13:57     C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596 
 29.07.2011 13:49     C:\Windows\Temp\lpksetup-20110729-134918-0.log --------- 2650 
 29.07.2011 13:49     C:\Windows\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596 
 29.07.2011 13:46     C:\Windows\Temp\fwtsqmfile00.sqm --------- 608 
----------------------------------------

 
C:\Users\ASUS\AppData\Local\Temp

 29.07.2011 13:54     C:\Users\ASUS\AppData\Local\Temp\jusched.log --------- 767 
 29.07.2011 13:51     C:\Users\ASUS\AppData\Local\Temp\~DF7662ED510D4E7F3D.TMP --------- 16384 
 29.07.2011 13:50     C:\Users\ASUS\AppData\Local\Temp\StructuredQuery.log --------- 707 
 29.07.2011 13:50     C:\Users\ASUS\AppData\Local\Temp\~DFDA51C10D0C92AE39.TMP --------- 16384 
 29.07.2011 13:50     C:\Users\ASUS\AppData\Local\Temp\Low --------- 0 
 29.07.2011 13:49     C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D12}.tlb --------- 3596 
 29.07.2011 13:49     C:\Users\ASUS\AppData\Local\Temp\FXSAPIDebugLogFile.txt --------- 0 
 29.07.2011 13:48     C:\Users\ASUS\AppData\Local\Temp\{E9C1E0AC-C9B2-4c85-94DE-9C1518918D02}.tlb --------- 3596 
----------------------------------------

 
C:\Program Files

 28.07.2011 12:57     C:\Program Files\CCleaner --------- 0 
 27.07.2011 20:28     C:\Program Files\HyperCam 2 --------- 4096 
 26.07.2011 15:00     C:\Program Files\ATI Technologies --------- 0 
 20.06.2011 14:53     C:\Program Files\Windows Mail --------- 4096 
 20.06.2011 14:53     C:\Program Files\Windows Sidebar --------- 4096 
 20.06.2011 14:53     C:\Program Files\Internet Explorer --------- 4096 
 20.06.2011 14:53     C:\Program Files\Windows Media Player --------- 4096 
 20.06.2011 14:53     C:\Program Files\Windows Journal --------- 4096 
 20.06.2011 14:53     C:\Program Files\Windows Photo Viewer --------- 4096 
 20.06.2011 14:53     C:\Program Files\Windows Defender --------- 4096 
 20.06.2011 14:32     C:\Program Files\DVD Maker --------- 4096 
 12.06.2011 12:11     C:\Program Files\Google --------- 0 
 19.05.2011 11:55     C:\Program Files\Windows Live --------- 0 
 03.12.2009 09:58     C:\Program Files\ASUS --------- 0 
 03.12.2009 09:56     C:\Program Files\P4G --------- 4096 
 03.12.2009 09:53     C:\Program Files\Elantech --------- 4096 
 03.12.2009 09:52     C:\Program Files\SRS Labs --------- 0 
 03.12.2009 09:51     C:\Program Files\DIFX --------- 0 
 03.12.2009 09:51     C:\Program Files\ATKGFNEX --------- 4096 
 03.12.2009 09:47     C:\Program Files\ATI --------- 0 
 03.12.2009 09:46     C:\Program Files\Trend Micro --------- 0 
 03.12.2009 09:11     C:\Program Files\Microsoft Office --------- 0 
 14.07.2009 09:45     C:\Program Files\Microsoft Games --------- 4096 
 14.07.2009 07:32     C:\Program Files\Windows Portable Devices --------- 0 
 14.07.2009 07:32     C:\Program Files\MSBuild --------- 0 
 14.07.2009 07:32     C:\Program Files\Reference Assemblies --------- 0 
 14.07.2009 07:32     C:\Program Files\Windows NT --------- 0 
 14.07.2009 07:09     C:\Program Files\Uninstall Information --------- 0 
 14.07.2009 06:54     C:\Program Files\desktop.ini --------- 174 
 14.07.2009 05:20     C:\Program Files\Common Files --------- 4096 
----------------------------------------

 
C:\ProgramData\..

ASUS   
Public   
Default   
Default User   
All Users   
desktop.ini   
----------------------------------------

 
C:\Windows\system32\drivers\etc\hosts

127.0.0.1       localhost
::1       localhost

----------------------------------------

 

Abbildname                     PID Sitzungsname       Sitz.-Nr. Speichernutzung
========================= ======== ================ =========== ===============
System Idle Process              0 Services                   0            24 K
System                           4 Services                   0           996 K
smss.exe                       252 Services                   0         1.032 K
csrss.exe                      340 Services                   0         6.160 K
csrss.exe                      420 Console                    1        14.988 K
wininit.exe                    428 Services                   0         6.060 K
services.exe                   480 Services                   0        10.960 K
winlogon.exe                   512 Console                    1         6.884 K
lsass.exe                      548 Services                   0        12.544 K
lsm.exe                        560 Services                   0         4.276 K
svchost.exe                    664 Services                   0         9.064 K
svchost.exe                    776 Services                   0         9.132 K
atiesrxx.exe                   868 Services                   0         3.972 K
svchost.exe                    920 Services                   0        29.552 K
svchost.exe                    964 Services                   0        18.084 K
svchost.exe                    988 Services                   0        38.000 K
svchost.exe                    296 Services                   0        14.076 K
svchost.exe                    268 Services                   0        15.740 K
FBAgent.exe                   1148 Services                   0        12.704 K
AsLdrSrv.exe                  1188 Services                   0         3.660 K
atieclxx.exe                  1216 Console                    1         5.400 K
GFNEXSrv.exe                  1380 Services                   0         3.088 K
spoolsv.exe                   1540 Services                   0        11.748 K
taskhost.exe                  1600 Console                    1         9.632 K
dwm.exe                       1648 Console                    1        38.588 K
explorer.exe                  1668 Console                    1        70.476 K
HControl.exe                  1744 Console                    1         6.376 K
svchost.exe                   1772 Services                   0        20.996 K
ATKOSD.exe                    1836 Console                    1         5.528 K
taskeng.exe                   1848 Console                    1         6.268 K
BatteryLife.exe               1924 Console                    1         4.252 K
sensorsrv.exe                 1932 Console                    1         4.256 K
ACMON.exe                     1940 Console                    1         5.552 K
ALU.exe                       1948 Console                    1         4.272 K
wcourier.exe                  1960 Console                    1         4.260 K
ASPG.exe                      1968 Console                    1         4.272 K
ControlDeckStartUp.exe        1992 Console                    1         3.240 K
svchost.exe                   2012 Services                   0        14.636 K
Fuel.Service.exe              2032 Services                   0         9.140 K
hamachi-2.exe                 1232 Services                   0         9.940 K
KBFiltr.exe                   1348 Console                    1         3.780 K
WDC.exe                       1352 Console                    1         5.000 K
ICQ Service.exe               1792 Services                   0         6.684 K
hamachi-2-ui.exe              2064 Console                    1         7.548 K
OberonGameConsoleService.     2176 Services                   0        23.332 K
SeaPort.exe                   2300 Services                   0        10.212 K
SfCtlCom.exe                  2340 Services                   0        11.900 K
svchost.exe                   2372 Services                   0         5.424 K
UfSeAgnt.exe                  2616 Console                    1         1.540 K
svchost.exe                   2716 Services                   0         6.340 K
svchost.exe                   2920 Services                   0        14.572 K
TmProxy.exe                   2700 Services                   0        21.044 K
ADSMSrv.exe                   3248 Services                   0         3.816 K
SearchIndexer.exe             3356 Services                   0        29.324 K
AsScrPro.exe                  3524 Console                    1         7.844 K
CLMLSvc.exe                   3604 Console                    1         7.392 K
BackupService.exe             3816 Console                    1        44.796 K
ETDCtrl.exe                   3824 Console                    1         8.236 K
AmIcoSinglun64.exe            3832 Console                    1         6.036 K
ICQ.exe                       3868 Console                    1        40.220 K
cacaoweb.exe                  3892 Console                    1         8.012 K
HControlUser.exe              4012 Console                    1         3.164 K
ATKOSD2.exe                   4020 Console                    1        10.448 K
VDECK.EXE                     4028 Console                    1        31.092 K
DMedia.exe                    4036 Console                    1         3.912 K
jusched.exe                   4052 Console                    1         4.248 K
mbamgui.exe                   4088 Console                    1         7.264 K
SRSPremiumPanel_64.exe         316 Console                    1        18.220 K
MOM.exe                        324 Console                    1         4.664 K
ACEngSvr.exe                  3132 Console                    1         6.272 K
CCC.exe                       2904 Console                    1        10.012 K
wmpnetwk.exe                  4464 Services                   0        13.192 K
svchost.exe                   4508 Services                   0        15.364 K
iexplore.exe                  3172 Console                    1        23.312 K
iexplore.exe                  5164 Console                    1        47.448 K
GoogleToolbarUser_32.exe      5428 Console                    1        11.224 K
mbamservice.exe               5620 Services                   0        35.696 K
svchost.exe                   4736 Services                   0        26.580 K
TMBMSRV.exe                   5872 Services                   0         9.008 K
PresentationFontCache.exe     6228 Services                   0        16.512 K
notepad.exe                   3120 Console                    1         6.048 K
audiodg.exe                   1888 Services                   0        16.484 K
SearchProtocolHost.exe        5548 Services                   0         7.980 K
SearchFilterHost.exe          1516 Services                   0         6.188 K
cmd.exe                       6036 Console                    1         3.560 K
conhost.exe                   5952 Console                    1         6.284 K
tasklist.exe                  5716 Console                    1         5.164 K
WmiPrvSE.exe                   816 Services                   0         5.896 K

 
***** Ende des Scans 29.07.2011 um 14:24:30,60 ***



Sorry for the many posts; if it takes too long to write a post (because of too many characters), an error comes up.

Drumming 29.07.2011 14:10

I would also like to say thank you at this point.
Good work.
Thank you very much

kira 30.07.2011 08:32

1.
I think this can be done by simply deleting:
Quote:

C:\Windows\info1
C:\Windows\winlog-ids.txt
C:\Windows\winlog-dirs.txt
Then empty the Recycle Bin right away!

2.
** Update Malwarebytes Anti-Malware and run it again following these instructions:
  • start it with a double-click.
  • update the databases right away - update online
  • select "Vollständiger Suchlauf" (full scan) and tick every box
  • when the scan has finished, click "Zeige Resultate" (show results)
  • select all findings, except that if MBAM reports anything in C:\System Volume Information, please remove the tick there, and click "Löschen" - "Ausgewähltes entfernen" (delete - remove selected).
  • Post the result here in the thread - you will find the report under "Scan-Berichte" (scan reports)
You can find an illustrated guide here: Guide

3.
  • download SUPERAntiSpyware FREE Edition.
  • install the program and update online.
  • start SUPERAntiSpyware and click "Ihren Computer durchsuchen" (scan your computer)
  • tick "Kompletter Scan" (complete scan) and click "Weiter" (next)
  • all malware found is then listed; tick every finding and confirm with "OK"
  • click "Weiter" (next), then "OK", then "Fertig stellen" (finish)
  • to display the results: click "Präferenzen" (preferences), then "Statistiken und Protokolle" (statistics and logs)
  • press "Protokoll anzeigen" (show log) - then please save this report and post it here

4.
- Link: -> ESET Online Scanner
>>You are not supposed to install the antivirus security software, only scan your system online<<
Viruses can also be carried on USB sticks, self-burned discs, external hard drives and other storage media. They therefore need to be monitored through regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). Checking the data saved on the storage medium with the free online scanner is very well suited to this and recommended.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key so that the autorun function is not executed. (This is how you prevent the AUTORUN function from running.) The AUTORUN function can also be switched off entirely. ► Guide

-> Then run a complete system check with Eset/Nod32

- please tick the following > "Remove found threats" and "Scan archives"
- save the scan results as *.txt files
- usually "C:\Programme\Eset\EsetOnlineScanner\log.txt"

Before the scan, settings in Internet Explorer:
- "Extras → Internetoptionen → Sicherheit" (Tools → Internet Options → Security):
- set everything to the default level
- allow ActiveX
- to start the scan: when you are asked (the text in the information bar), allow the ActiveX control to be installed

► report again on the state of the computer. Are problems still occurring, and if so, which ones?

Drumming 30.07.2011 17:17

OK, I have deleted the files.

Code:

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Datenbank Version: 7324

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

30.07.2011 13:06:31
mbam-log-2011-07-30 (13-06-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Durchsuchte Objekte: 300606
Laufzeit: 51 Minute(n), 43 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

I did not get a log from SUPERAntiSpyware Free Edition :dummguck:

And then the Eset log:
Code:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e5968c5260b46042ac199fd1ee612b0a
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-30 12:35:14
# local_time=2011-07-30 02:35:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode=513 16777085 100 97 10492 61099975 0 0
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 343094 63659126 0 0
# compatibility_mode=8192 67108863 100 0 149 149 0 0
# scanned=569
# found=0
# cleaned=0
# scan_time=37
esets_scanner_update returned -1 esets_gle=53251
# version=7
# iexplore.exe=8.00.7600.16385 (win7_rtm.090713-1255)
# OnlineScanner.ocx=1.0.0.6528
# api_version=3.0.2
# EOSSerial=e5968c5260b46042ac199fd1ee612b0a
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2011-07-30 02:26:06
# local_time=2011-07-30 04:26:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode=513 16777085 100 97 10648 61100131 0 0
# compatibility_mode=1792 16777215 100 0 0 0 0 0
# compatibility_mode=5893 16776573 100 94 343250 63659282 0 0
# compatibility_mode=8192 67108863 100 0 305 305 0 0
# scanned=153472
# found=3
# cleaned=3
# scan_time=6534
C:\Windows\system64\consrv.dll        Win64/Agent.AC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)        00000000000000000000000000000000        C
C:\Windows\system64\drivers\etc\hosts.bak        Win32/Qhost Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)        00000000000000000000000000000000        C
C:\_OTL\MovedFiles\07292011_134328\C_Windows\System32\drivers\etc\hosts        Win32/Qhost Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)        00000000000000000000000000000000        C
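
Added example (not part of the thread and not ESET's own tooling): the ESET log above holds two scan sessions, one stopped and one finished, so only the second one describes the full scan. The Python parser below splits such a log into sessions and lists what to check before trusting a pasted result; the function names and the sample log, constructed in the same layout with placeholder values, are assumptions.

```python
import re

# Constructed sample in the ESET log layout above; all values are placeholders.
SAMPLE_LOG = """\
# version=7
# end=stopped
# archives_checked=false
esets_scanner_update returned -1 esets_gle=53251
# version=7
# end=finished
# archives_checked=true
# found=2
# cleaned=2
C:\\Example\\sample.dll\tExample/Threat.A (constructed: deleted)\t00000000000000000000000000000000\tC
C:\\Example Dir\\hosts.bak        Example/Threat.B (constructed: deleted)        00000000000000000000000000000000        C
"""

def parse_eset_log(text):
    """Split the log into sessions ('# version=' starts one) with their detection rows."""
    sessions = []
    for line in map(str.strip, text.splitlines()):
        header = re.match(r"#\s*(\w+)=(.*)$", line)
        if header:
            key, value = header.group(1), header.group(2).strip('"')
            if key == "version" or not sessions:
                sessions.append({"meta": {}, "detections": []})
            sessions[-1]["meta"][key] = value  # repeated keys keep the last value
        elif sessions and re.match(r"[A-Za-z]:\\", line):
            fields = re.split(r"\t+| {2,}", line)  # columns: tabs or runs of spaces
            if len(fields) >= 2:
                sessions[-1]["detections"].append({"path": fields[0], "threat": fields[1]})
    return sessions

def review(sessions):
    """Return the points to check before trusting the pasted result."""
    notes = []
    for n, s in enumerate(sessions, 1):
        meta, hits = s["meta"], s["detections"]
        if meta.get("end") != "finished":
            notes.append(f"session {n}: ended as {meta.get('end')!r}, result incomplete")
            continue
        if meta.get("archives_checked") != "true":
            notes.append(f"session {n}: archives were not scanned")
        found, cleaned = int(meta.get("found", 0)), int(meta.get("cleaned", 0))
        if found != len(hits):
            notes.append(f"session {n}: header says {found} found, {len(hits)} rows pasted")
        if cleaned < found:
            notes.append(f"session {n}: {found - cleaned} of {found} detections not cleaned")
    return notes
```

Calling `review(parse_eset_log(text))` on a pasted log returns one line per point to follow up; a mismatch between the `found` header and the pasted rows usually means the post was cut off.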



All times are in WET +1. The time is now 21:43.

Copyright ©2000-2024, Trojaner-Board

