Trojaner-Board - Backdoorprogramm BDS/Cycbot.176128.56

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Backdoorprogramm BDS/Cycbot.176128.56 (https://www.trojaner-board.de/106254-backdoorprogramm-bds-cycbot-176128-56-a.html)

unten nun der file zum eset online scan. was soll ich mit den dateien in der quarantäne machen? noch mal scannen und entfernen lassen?

Code:

C:\Program Files (x86)\kisi2011.exe        Win32/MCH application        deleted - quarantined

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe        a variant of Win32/HiddenStart.A application        cleaned by deleting - quarantined

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe        a variant of Win32/HiddenStart.A application        cleaned by deleting - quarantined

C:\Users\Nico.dell-PC.000\Documents\SweetImSetup.exe        a variant of Win32/SweetIM.B application        cleaned by deleting - quarantined

C:\Windows\System32\drivers\mchccinj.sys        Win32/MCH application        cleaned by deleting - quarantined

C:\Windows\System32\wdrv\wdrvccin.bin        Win32/MCH application        cleaned by deleting - quarantined

:

hi kira,
hier die otl files.

viele grüße
jasmina

Code:

OTL logfile created on: 18.12.2011 16:36:35 - Run 9

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,19% Memory free

7,79 Gb Paging File | 5,53 Gb Available in Paging File | 70,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,47 Gb Free Space | 46,96% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.12.15 19:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL\OTL.exe

PRC - [2011.12.15 11:28:56 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

PRC - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

PRC - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe

PRC - [2011.04.19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

PRC - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

PRC - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

PRC - [2011.01.24 21:33:24 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

PRC - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

PRC - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe

PRC - [2009.07.14 00:15:34 | 002,250,640 | ---- | M] (Salfeld Computer) -- C:\Windows\SysWOW64\cchservice.exe

PRC - [2009.04.16 12:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

MOD - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

MOD - [2011.05.30 09:25:32 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll

MOD - [2011.05.30 09:25:32 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll

MOD - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010.08.12 00:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2010.08.12 00:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2010.08.12 00:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2010.08.12 00:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2010.08.12 00:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2010.08.12 00:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2010.08.12 00:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2011.12.14 20:49:17 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)

SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

SRV - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010.08.25 08:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\SysWOW64\ksupmgr.exe -- (ksupmgr)

SRV - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.07.13 12:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 12:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.29 10:25:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.06.29 10:25:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011.04.12 10:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.09 09:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.02.10 23:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2011.02.10 23:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2011.01.28 09:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.01.24 08:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

DRV:64bit: - [2011.01.24 08:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

DRV:64bit: - [2011.01.24 07:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.12.22 10:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)

DRV:64bit: - [2010.12.17 18:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.12.15 18:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.12.13 18:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010.12.12 15:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)

DRV:64bit: - [2010.11.30 03:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)

DRV:64bit: - [2010.10.16 01:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.09.14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010.09.14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010.09.14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010.09.14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010.09.01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.08.20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2010.07.13 03:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010.06.11 17:14:00 | 001,799,808 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer7231_x64.sys -- (AVer7231_x64)

DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010.02.27 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)

DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2006.11.28 21:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNMp50.sys -- (PDNMp50)

DRV - [2006.11.28 21:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNSp50.sys -- (PDNSp50)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C D9 A7 7C 86 BD CC 01  [binary data]

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50263

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 50263

FF - prefs.js..network.proxy.type: 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.15 11:29:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.11 09:40:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2011.12.15 11:29:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.11 18:53:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.09.12 11:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\3cers2zs.default\extensions

[2011.11.11 09:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.10.01 08:52:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.17 08:31:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011.10.29 10:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011.12.15 11:29:03 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2011.11.11 09:40:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.29 10:21:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.09.16 21:59:18 | 000,170,064 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

 

O1 HOSTS File: ([2011.09.12 21:31:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ChicoSys] C:\Windows\SysWOW64\cc32\webtmr.exe (Salfeld Computer)

O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [SMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - Startup: C:\Users\Jasmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Nico.dell-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8601AA9-2FCA-424D-B13E-12984594DCE3}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O32 - Unable to read "AutoRun" value or value not present!

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.12.18 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.12.18 08:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.12.18 08:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2011.12.18 08:06:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2011.12.17 09:35:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com

[2011.12.17 09:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.12.16 09:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealNetworks

[2011.12.15 11:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SoftGrid Client

[2011.12.15 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.12.15 11:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.12.15 11:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011.12.15 11:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011.12.15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2011.12.15 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2011.12.15 11:29:01 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real

[2011.12.15 11:25:22 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:52 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\4d0d2e25

[2011.12.15 11:14:51 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.12.15 10:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.12.15 10:39:52 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:29:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen

[2011.12.14 23:09:17 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2011.12.14 23:09:17 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2011.12.14 23:09:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2011.12.14 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

[2011.12.02 16:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon

[2011.12.02 16:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

[2011.12.02 16:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2011.12.02 15:45:54 | 000,000,000 | ---D | C] -- C:\Download

[2011.12.02 15:45:20 | 000,000,000 | ---D | C] -- C:\Nexon

[2011.12.02 15:45:19 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

[2011.11.24 09:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2011.11.24 09:23:29 | 012,713,136 | ---- | C] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[2011.10.29 11:49:39 | 039,401,336 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\QuickTimeInstaller.exe

[2011.10.29 11:04:38 | 010,311,496 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1152_int_Setup.exe

[2011.10.29 10:10:18 | 000,910,624 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\jxpiinstall.exe

[2011.10.25 12:17:18 | 009,756,672 | ---- | C] ((c) Phoenix Technologies Ltd. ) -- C:\Program Files\L502X_A__06.exe

[2011.10.17 08:29:10 | 001,739,400 | ---- | C] (Secunia) -- C:\Program Files (x86)\PSISetup2003.exe

[2011.10.17 08:05:48 | 013,885,360 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 7.0.1.exe

[2011.09.24 17:12:36 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wlsetup-web__1_.exe

[2011.09.23 14:09:00 | 000,676,624 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer_1406666_de.exe

[2011.09.22 10:34:36 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe

[2011.08.28 11:11:15 | 051,975,388 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\VSX4_Pro_TBYB.exe.part

[2011.08.27 11:56:04 | 001,228,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\PremiereElements_9_LS15.exe

[2011.08.25 17:58:21 | 006,716,353 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Sunbird_Setup_1.0_Beta_1.exe

[2011.07.18 15:59:52 | 013,522,064 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 5.0.1.exe

[2011.05.28 13:13:41 | 014,212,584 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToiPodConverter.exe

[2011.05.28 13:11:38 | 014,563,768 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToMP3Converter.exe

[2011.05.22 09:35:05 | 021,255,560 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files (x86)\SkypeSetupFull.exe

[2011.05.19 14:37:24 | 081,797,928 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\iTunes64Setup.exe

[2011.05.19 14:17:51 | 020,240,744 | ---- | C] (The GIMP Team                                               ) -- C:\Program Files (x86)\gimp-2.6.11-i686-setup.exe

[2011.05.19 14:17:11 | 019,735,256 | ---- | C] (                                                            ) -- C:\Program Files (x86)\gimp-2.6.8-x64-setup.exe

[2011.05.19 14:06:00 | 000,767,064 | ---- | C] (NCH Software) -- C:\Program Files (x86)\wpsetup4.57.exe

[2011.05.19 12:34:44 | 000,568,648 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\GoogleEarthSetup.exe

[2011.05.19 12:26:57 | 009,559,320 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1111_int_Setup.exe

[2011.05.19 12:26:00 | 009,326,056 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Thunderbird Setup 3.1.10.exe

[2011.05.19 12:25:04 | 012,362,480 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 4.0.1.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:09:10 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 14:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.12.18 14:04:01 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.12.18 13:43:51 | 000,001,207 | ---- | M] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.12.18 08:07:06 | 000,008,019 | ---- | M] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.18 08:07:00 | 000,000,735 | ---- | M] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | M] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.15 11:47:50 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 11:29:01 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:25:23 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:41 | 001,500,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.12.15 11:22:41 | 000,654,798 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.12.15 11:22:41 | 000,616,640 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.12.15 11:22:41 | 000,130,380 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.12.15 11:22:41 | 000,106,762 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.12.15 11:14:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 10:39:52 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:25:41 | 000,353,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.12.15 08:02:34 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI

[2011.12.14 21:33:43 | 000,000,348 | ---- | M] () -- C:\NET.INI

[2011.12.14 08:38:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011.12.02 16:25:10 | 000,001,632 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.12.02 15:45:19 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:39:41 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.24 09:23:39 | 012,713,136 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.12.18 14:05:28 | 000,001,492 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011.12.18 14:05:28 | 000,001,407 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2011.12.18 08:32:34 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 08:06:30 | 000,000,735 | ---- | C] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | C] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.16 10:33:33 | 000,008,019 | ---- | C] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.15 11:47:50 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 10:41:56 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 08:02:34 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI

[2011.12.02 16:25:10 | 000,001,632 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.11.24 09:39:41 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.11 07:32:42 | 001,527,140 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.29 09:54:07 | 001,019,816 | ---- | C] () -- C:\Program Files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe

[2011.10.10 16:51:50 | 000,155,536 | ---- | C] () -- C:\Windows\SysWow64\dllcinx.exe

[2011.10.10 16:51:48 | 000,000,600 | ---- | C] () -- C:\Windows\SysWow64\nochook.ini

[2011.10.03 13:41:52 | 000,247,053 | ---- | C] () -- C:\Program Files (x86)\mp3DC213.exe

[2011.09.29 09:19:37 | 000,001,207 | ---- | C] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.09.29 09:18:42 | 000,000,141 | -H-- | C] () -- C:\Windows\SysWow64\ctlsw.ini

[2011.09.29 09:18:42 | 000,000,102 | ---- | C] () -- C:\Windows\SysWow64\SWCTL.DLL

[2011.09.29 08:11:44 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

[2011.09.29 08:11:43 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll

[2011.09.29 07:55:01 | 003,103,511 | ---- | C] () -- C:\Program Files (x86)\kcsetup8.exe

[2011.09.23 14:05:53 | 021,073,936 | ---- | C] () -- C:\Program Files (x86)\vlc-1.1.11-win32.exe

[2011.09.23 12:51:28 | 000,003,027 | ---- | C] () -- C:\Program Files (x86)\Français.lng

[2011.09.23 12:51:28 | 000,002,946 | ---- | C] () -- C:\Program Files (x86)\Español.lng

[2011.09.23 12:51:28 | 000,002,920 | ---- | C] () -- C:\Program Files (x86)\Italiano.lng

[2011.09.23 12:51:28 | 000,002,699 | ---- | C] () -- C:\Program Files (x86)\Deutsch.lng

[2011.09.23 12:51:28 | 000,002,553 | ---- | C] () -- C:\Program Files (x86)\Suomi.lng

[2011.09.23 12:40:52 | 023,773,184 | ---- | C] () -- C:\Program Files (x86)\PXCViewer98_x64.msi

[2011.09.23 12:27:47 | 001,376,768 | ---- | C] () -- C:\Program Files (x86)\7z920-x64.msi

[2011.09.16 06:44:01 | 168,166,968 | ---- | C] () -- C:\Program Files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe

[2011.08.28 09:55:59 | 002,466,704 | ---- | C] () -- C:\Program Files (x86)\AdobeDownloadAssistant.exe

[2011.08.27 11:27:07 | 1316,066,539 | ---- | C] () -- C:\Program Files (x86)\PremiereElements_9_LS15.7z

[2011.08.27 11:23:03 | 008,353,800 | ---- | C] () -- C:\Program Files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe

[2011.05.19 14:44:09 | 001,663,693 | ---- | C] () -- C:\Program Files (x86)\winrar-x64-400d.exe

[2011.05.19 14:10:20 | 014,166,016 | ---- | C] () -- C:\Program Files (x86)\wz150gev.msi

[2011.05.19 14:09:07 | 006,088,218 | ---- | C] () -- C:\Program Files (x86)\flash_player.zip

[2011.05.19 13:52:49 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.05.19 12:39:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.05.19 12:28:56 | 052,718,176 | ---- | C] () -- C:\Program Files (x86)\avira_antivir_personal_de.exe

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_2B0f1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_180F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_0B0f1461_ca.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin

[2011.05.15 06:48:47 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin

[2011.05.15 06:48:11 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

[2011.05.15 06:47:21 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.05.15 06:47:19 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.05.15 06:47:17 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.01.19 12:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files (x86)\openofficeorg33.msi

[2011.01.19 12:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files (x86)\setup.exe

[2011.01.19 12:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab

[2011.01.19 11:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll

[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Ogg.dll

 
 ========== LOP Check ==========

 

[2011.05.23 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CheckPoint

[2011.05.19 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.09.10 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fingertapps

[2011.05.19 14:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound

[2011.05.19 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org

[2011.10.29 11:10:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera

[2011.12.18 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.11.18 10:33:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Temp

[2011.05.21 10:57:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp

[2011.07.15 14:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\57168

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\B8457

[2011.09.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011.05.23 16:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\CheckPoint

[2011.08.28 09:58:29 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.09.10 14:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DriverFinder

[2011.10.01 08:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoft

[2011.10.01 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.06.30 08:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Fingertapps

[2011.06.20 07:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\go

[2011.12.16 12:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\gtk-2.0

[2011.11.07 19:23:04 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Leadertech

[2011.10.07 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\mp3DirectCut

[2011.06.24 07:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\NCH Swift Sound

[2011.05.20 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\OpenOffice.org

[2011.10.04 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Opera

[2011.05.31 06:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\ProtectDisc

[2011.09.20 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\QuickScan

[2011.07.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Temp

[2011.05.21 12:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Thunderbird

[2011.11.11 07:33:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\TP

[2011.07.17 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Ulead Systems

[2011.09.07 10:57:41 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Uniblue

[2011.10.09 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\57168

[2011.12.15 08:04:04 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\B8457

[2011.10.27 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\DVDVideoSoft

[2011.09.29 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Fingertapps

[2011.10.27 10:57:32 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\MusicNet

[2011.10.18 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\OpenOffice.org

[2011.11.07 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Origin

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Temp

[2011.09.29 09:59:09 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Thunderbird

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.04 15:25:34 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 
 

< End of report >

:

Code:

OTL logfile created on: 18.12.2011 16:36:35 - Run 9

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,19% Memory free

7,79 Gb Paging File | 5,53 Gb Available in Paging File | 70,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,47 Gb Free Space | 46,96% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.12.15 19:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL\OTL.exe

PRC - [2011.12.15 11:28:56 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

PRC - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

PRC - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe

PRC - [2011.04.19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

PRC - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

PRC - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

PRC - [2011.01.24 21:33:24 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

PRC - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

PRC - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe

PRC - [2009.07.14 00:15:34 | 002,250,640 | ---- | M] (Salfeld Computer) -- C:\Windows\SysWOW64\cchservice.exe

PRC - [2009.04.16 12:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

MOD - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

MOD - [2011.05.30 09:25:32 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll

MOD - [2011.05.30 09:25:32 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll

MOD - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010.08.12 00:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2010.08.12 00:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2010.08.12 00:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2010.08.12 00:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2010.08.12 00:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2010.08.12 00:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2010.08.12 00:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2011.12.14 20:49:17 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)

SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

SRV - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010.08.25 08:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\SysWOW64\ksupmgr.exe -- (ksupmgr)

SRV - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.07.13 12:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 12:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.29 10:25:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.06.29 10:25:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011.04.12 10:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.09 09:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.02.10 23:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2011.02.10 23:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2011.01.28 09:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.01.24 08:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

DRV:64bit: - [2011.01.24 08:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

DRV:64bit: - [2011.01.24 07:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.12.22 10:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)

DRV:64bit: - [2010.12.17 18:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.12.15 18:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.12.13 18:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010.12.12 15:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)

DRV:64bit: - [2010.11.30 03:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)

DRV:64bit: - [2010.10.16 01:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.09.14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010.09.14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010.09.14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010.09.14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010.09.01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.08.20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2010.07.13 03:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010.06.11 17:14:00 | 001,799,808 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer7231_x64.sys -- (AVer7231_x64)

DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010.02.27 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)

DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2006.11.28 21:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNMp50.sys -- (PDNMp50)

DRV - [2006.11.28 21:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNSp50.sys -- (PDNSp50)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C D9 A7 7C 86 BD CC 01  [binary data]

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50263

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 50263

FF - prefs.js..network.proxy.type: 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.15 11:29:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.11 09:40:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2011.12.15 11:29:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.11 18:53:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.09.12 11:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\3cers2zs.default\extensions

[2011.11.11 09:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.10.01 08:52:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.17 08:31:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011.10.29 10:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011.12.15 11:29:03 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2011.11.11 09:40:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.29 10:21:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.09.16 21:59:18 | 000,170,064 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

 

O1 HOSTS File: ([2011.09.12 21:31:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ChicoSys] C:\Windows\SysWOW64\cc32\webtmr.exe (Salfeld Computer)

O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [SMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - Startup: C:\Users\Jasmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Nico.dell-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8601AA9-2FCA-424D-B13E-12984594DCE3}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O32 - Unable to read "AutoRun" value or value not present!

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.12.18 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.12.18 08:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.12.18 08:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2011.12.18 08:06:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2011.12.17 09:35:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com

[2011.12.17 09:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.12.16 09:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealNetworks

[2011.12.15 11:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SoftGrid Client

[2011.12.15 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.12.15 11:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.12.15 11:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011.12.15 11:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011.12.15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2011.12.15 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2011.12.15 11:29:01 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real

[2011.12.15 11:25:22 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:52 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\4d0d2e25

[2011.12.15 11:14:51 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.12.15 10:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.12.15 10:39:52 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:29:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen

[2011.12.14 23:09:17 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2011.12.14 23:09:17 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2011.12.14 23:09:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2011.12.14 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

[2011.12.02 16:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon

[2011.12.02 16:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

[2011.12.02 16:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2011.12.02 15:45:54 | 000,000,000 | ---D | C] -- C:\Download

[2011.12.02 15:45:20 | 000,000,000 | ---D | C] -- C:\Nexon

[2011.12.02 15:45:19 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

[2011.11.24 09:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2011.11.24 09:23:29 | 012,713,136 | ---- | C] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[2011.10.29 11:49:39 | 039,401,336 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\QuickTimeInstaller.exe

[2011.10.29 11:04:38 | 010,311,496 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1152_int_Setup.exe

[2011.10.29 10:10:18 | 000,910,624 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\jxpiinstall.exe

[2011.10.25 12:17:18 | 009,756,672 | ---- | C] ((c) Phoenix Technologies Ltd. ) -- C:\Program Files\L502X_A__06.exe

[2011.10.17 08:29:10 | 001,739,400 | ---- | C] (Secunia) -- C:\Program Files (x86)\PSISetup2003.exe

[2011.10.17 08:05:48 | 013,885,360 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 7.0.1.exe

[2011.09.24 17:12:36 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wlsetup-web__1_.exe

[2011.09.23 14:09:00 | 000,676,624 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer_1406666_de.exe

[2011.09.22 10:34:36 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe

[2011.08.28 11:11:15 | 051,975,388 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\VSX4_Pro_TBYB.exe.part

[2011.08.27 11:56:04 | 001,228,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\PremiereElements_9_LS15.exe

[2011.08.25 17:58:21 | 006,716,353 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Sunbird_Setup_1.0_Beta_1.exe

[2011.07.18 15:59:52 | 013,522,064 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 5.0.1.exe

[2011.05.28 13:13:41 | 014,212,584 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToiPodConverter.exe

[2011.05.28 13:11:38 | 014,563,768 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToMP3Converter.exe

[2011.05.22 09:35:05 | 021,255,560 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files (x86)\SkypeSetupFull.exe

[2011.05.19 14:37:24 | 081,797,928 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\iTunes64Setup.exe

[2011.05.19 14:17:51 | 020,240,744 | ---- | C] (The GIMP Team                                               ) -- C:\Program Files (x86)\gimp-2.6.11-i686-setup.exe

[2011.05.19 14:17:11 | 019,735,256 | ---- | C] (                                                            ) -- C:\Program Files (x86)\gimp-2.6.8-x64-setup.exe

[2011.05.19 14:06:00 | 000,767,064 | ---- | C] (NCH Software) -- C:\Program Files (x86)\wpsetup4.57.exe

[2011.05.19 12:34:44 | 000,568,648 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\GoogleEarthSetup.exe

[2011.05.19 12:26:57 | 009,559,320 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1111_int_Setup.exe

[2011.05.19 12:26:00 | 009,326,056 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Thunderbird Setup 3.1.10.exe

[2011.05.19 12:25:04 | 012,362,480 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 4.0.1.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:09:10 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 14:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.12.18 14:04:01 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.12.18 13:43:51 | 000,001,207 | ---- | M] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.12.18 08:07:06 | 000,008,019 | ---- | M] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.18 08:07:00 | 000,000,735 | ---- | M] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | M] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.15 11:47:50 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 11:29:01 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:25:23 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:41 | 001,500,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.12.15 11:22:41 | 000,654,798 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.12.15 11:22:41 | 000,616,640 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.12.15 11:22:41 | 000,130,380 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.12.15 11:22:41 | 000,106,762 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.12.15 11:14:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 10:39:52 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:25:41 | 000,353,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.12.15 08:02:34 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI

[2011.12.14 21:33:43 | 000,000,348 | ---- | M] () -- C:\NET.INI

[2011.12.14 08:38:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011.12.02 16:25:10 | 000,001,632 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.12.02 15:45:19 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:39:41 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.24 09:23:39 | 012,713,136 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.12.18 14:05:28 | 000,001,492 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011.12.18 14:05:28 | 000,001,407 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2011.12.18 08:32:34 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 08:06:30 | 000,000,735 | ---- | C] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | C] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.16 10:33:33 | 000,008,019 | ---- | C] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.15 11:47:50 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 10:41:56 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 08:02:34 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI

[2011.12.02 16:25:10 | 000,001,632 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.11.24 09:39:41 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.11 07:32:42 | 001,527,140 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.29 09:54:07 | 001,019,816 | ---- | C] () -- C:\Program Files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe

[2011.10.10 16:51:50 | 000,155,536 | ---- | C] () -- C:\Windows\SysWow64\dllcinx.exe

[2011.10.10 16:51:48 | 000,000,600 | ---- | C] () -- C:\Windows\SysWow64\nochook.ini

[2011.10.03 13:41:52 | 000,247,053 | ---- | C] () -- C:\Program Files (x86)\mp3DC213.exe

[2011.09.29 09:19:37 | 000,001,207 | ---- | C] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.09.29 09:18:42 | 000,000,141 | -H-- | C] () -- C:\Windows\SysWow64\ctlsw.ini

[2011.09.29 09:18:42 | 000,000,102 | ---- | C] () -- C:\Windows\SysWow64\SWCTL.DLL

[2011.09.29 08:11:44 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

[2011.09.29 08:11:43 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll

[2011.09.29 07:55:01 | 003,103,511 | ---- | C] () -- C:\Program Files (x86)\kcsetup8.exe

[2011.09.23 14:05:53 | 021,073,936 | ---- | C] () -- C:\Program Files (x86)\vlc-1.1.11-win32.exe

[2011.09.23 12:51:28 | 000,003,027 | ---- | C] () -- C:\Program Files (x86)\Français.lng

[2011.09.23 12:51:28 | 000,002,946 | ---- | C] () -- C:\Program Files (x86)\Español.lng

[2011.09.23 12:51:28 | 000,002,920 | ---- | C] () -- C:\Program Files (x86)\Italiano.lng

[2011.09.23 12:51:28 | 000,002,699 | ---- | C] () -- C:\Program Files (x86)\Deutsch.lng

[2011.09.23 12:51:28 | 000,002,553 | ---- | C] () -- C:\Program Files (x86)\Suomi.lng

[2011.09.23 12:40:52 | 023,773,184 | ---- | C] () -- C:\Program Files (x86)\PXCViewer98_x64.msi

[2011.09.23 12:27:47 | 001,376,768 | ---- | C] () -- C:\Program Files (x86)\7z920-x64.msi

[2011.09.16 06:44:01 | 168,166,968 | ---- | C] () -- C:\Program Files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe

[2011.08.28 09:55:59 | 002,466,704 | ---- | C] () -- C:\Program Files (x86)\AdobeDownloadAssistant.exe

[2011.08.27 11:27:07 | 1316,066,539 | ---- | C] () -- C:\Program Files (x86)\PremiereElements_9_LS15.7z

[2011.08.27 11:23:03 | 008,353,800 | ---- | C] () -- C:\Program Files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe

[2011.05.19 14:44:09 | 001,663,693 | ---- | C] () -- C:\Program Files (x86)\winrar-x64-400d.exe

[2011.05.19 14:10:20 | 014,166,016 | ---- | C] () -- C:\Program Files (x86)\wz150gev.msi

[2011.05.19 14:09:07 | 006,088,218 | ---- | C] () -- C:\Program Files (x86)\flash_player.zip

[2011.05.19 13:52:49 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.05.19 12:39:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.05.19 12:28:56 | 052,718,176 | ---- | C] () -- C:\Program Files (x86)\avira_antivir_personal_de.exe

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_2B0f1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_180F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_0B0f1461_ca.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin

[2011.05.15 06:48:47 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin

[2011.05.15 06:48:11 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

[2011.05.15 06:47:21 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.05.15 06:47:19 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.05.15 06:47:17 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.01.19 12:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files (x86)\openofficeorg33.msi

[2011.01.19 12:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files (x86)\setup.exe

[2011.01.19 12:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab

[2011.01.19 11:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll

[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Ogg.dll

 
 ========== LOP Check ==========

 

[2011.05.23 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CheckPoint

[2011.05.19 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.09.10 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fingertapps

[2011.05.19 14:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound

[2011.05.19 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org

[2011.10.29 11:10:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera

[2011.12.18 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.11.18 10:33:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Temp

[2011.05.21 10:57:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp

[2011.07.15 14:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\57168

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\B8457

[2011.09.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011.05.23 16:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\CheckPoint

[2011.08.28 09:58:29 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.09.10 14:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DriverFinder

[2011.10.01 08:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoft

[2011.10.01 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.06.30 08:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Fingertapps

[2011.06.20 07:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\go

[2011.12.16 12:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\gtk-2.0

[2011.11.07 19:23:04 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Leadertech

[2011.10.07 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\mp3DirectCut

[2011.06.24 07:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\NCH Swift Sound

[2011.05.20 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\OpenOffice.org

[2011.10.04 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Opera

[2011.05.31 06:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\ProtectDisc

[2011.09.20 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\QuickScan

[2011.07.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Temp

[2011.05.21 12:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Thunderbird

[2011.11.11 07:33:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\TP

[2011.07.17 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Ulead Systems

[2011.09.07 10:57:41 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Uniblue

[2011.10.09 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\57168

[2011.12.15 08:04:04 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\B8457

[2011.10.27 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\DVDVideoSoft

[2011.09.29 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Fingertapps

[2011.10.27 10:57:32 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\MusicNet

[2011.10.18 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\OpenOffice.org

[2011.11.07 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Origin

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Temp

[2011.09.29 09:59:09 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Thunderbird

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.04 15:25:34 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >:

Code:

OTL logfile created on: 18.12.2011 16:36:35 - Run 9

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,19% Memory free

7,79 Gb Paging File | 5,53 Gb Available in Paging File | 70,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,47 Gb Free Space | 46,96% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.12.15 19:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL\OTL.exe

PRC - [2011.12.15 11:28:56 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

PRC - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

PRC - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe

PRC - [2011.04.19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

PRC - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

PRC - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

PRC - [2011.01.24 21:33:24 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

PRC - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

PRC - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe

PRC - [2009.07.14 00:15:34 | 002,250,640 | ---- | M] (Salfeld Computer) -- C:\Windows\SysWOW64\cchservice.exe

PRC - [2009.04.16 12:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

MOD - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

MOD - [2011.05.30 09:25:32 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll

MOD - [2011.05.30 09:25:32 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll

MOD - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010.08.12 00:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2010.08.12 00:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2010.08.12 00:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2010.08.12 00:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2010.08.12 00:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2010.08.12 00:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2010.08.12 00:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2011.12.14 20:49:17 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)

SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

SRV - [2010.09.14 05:45:56 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2010.09.14 05:45:44 | 000,508,264 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010.08.25 08:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\SysWOW64\ksupmgr.exe -- (ksupmgr)

SRV - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.07.13 12:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 12:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.29 10:25:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.06.29 10:25:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011.04.12 10:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.09 09:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.02.10 23:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2011.02.10 23:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2011.01.28 09:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.01.24 08:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

DRV:64bit: - [2011.01.24 08:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

DRV:64bit: - [2011.01.24 07:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.12.22 10:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)

DRV:64bit: - [2010.12.17 18:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.12.15 18:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.12.13 18:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010.12.12 15:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)

DRV:64bit: - [2010.11.30 03:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)

DRV:64bit: - [2010.10.16 01:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.09.14 05:45:52 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)

DRV:64bit: - [2010.09.14 05:45:50 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)

DRV:64bit: - [2010.09.14 05:45:48 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)

DRV:64bit: - [2010.09.14 05:45:44 | 000,760,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)

DRV:64bit: - [2010.09.01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.08.20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2010.07.13 03:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010.06.11 17:14:00 | 001,799,808 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer7231_x64.sys -- (AVer7231_x64)

DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010.02.27 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)

DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2006.11.28 21:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNMp50.sys -- (PDNMp50)

DRV - [2006.11.28 21:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNSp50.sys -- (PDNSp50)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C D9 A7 7C 86 BD CC 01  [binary data]

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50263

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 50263

FF - prefs.js..network.proxy.type: 0

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.15 11:29:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.11 09:40:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2011.12.15 11:29:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.11 18:53:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.09.12 11:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\3cers2zs.default\extensions

[2011.11.11 09:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.10.01 08:52:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.17 08:31:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011.10.29 10:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011.12.15 11:29:03 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2011.11.11 09:40:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.29 10:21:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.09.16 21:59:18 | 000,170,064 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

 

O1 HOSTS File: ([2011.09.12 21:31:56 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ChicoSys] C:\Windows\SysWOW64\cc32\webtmr.exe (Salfeld Computer)

O4 - HKLM..\Run: [Conime] %windir%\system32\conime.exe File not found

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [SMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - Startup: C:\Users\Jasmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Nico.dell-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8601AA9-2FCA-424D-B13E-12984594DCE3}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O32 - Unable to read "AutoRun" value or value not present!

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.12.18 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.12.18 08:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.12.18 08:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2011.12.18 08:06:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2011.12.17 09:35:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com

[2011.12.17 09:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.12.16 09:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealNetworks

[2011.12.15 11:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SoftGrid Client

[2011.12.15 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.12.15 11:47:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.12.15 11:47:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011.12.15 11:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011.12.15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2011.12.15 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2011.12.15 11:29:01 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real

[2011.12.15 11:25:22 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:52 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\4d0d2e25

[2011.12.15 11:14:51 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.12.15 10:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.12.15 10:39:52 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:29:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen

[2011.12.14 23:09:17 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2011.12.14 23:09:17 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2011.12.14 23:09:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2011.12.14 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

[2011.12.02 16:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon

[2011.12.02 16:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

[2011.12.02 16:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2011.12.02 15:45:54 | 000,000,000 | ---D | C] -- C:\Download

[2011.12.02 15:45:20 | 000,000,000 | ---D | C] -- C:\Nexon

[2011.12.02 15:45:19 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

[2011.11.24 09:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2011.11.24 09:23:29 | 012,713,136 | ---- | C] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[2011.10.29 11:49:39 | 039,401,336 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\QuickTimeInstaller.exe

[2011.10.29 11:04:38 | 010,311,496 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1152_int_Setup.exe

[2011.10.29 10:10:18 | 000,910,624 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\jxpiinstall.exe

[2011.10.25 12:17:18 | 009,756,672 | ---- | C] ((c) Phoenix Technologies Ltd. ) -- C:\Program Files\L502X_A__06.exe

[2011.10.17 08:29:10 | 001,739,400 | ---- | C] (Secunia) -- C:\Program Files (x86)\PSISetup2003.exe

[2011.10.17 08:05:48 | 013,885,360 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 7.0.1.exe

[2011.09.24 17:12:36 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wlsetup-web__1_.exe

[2011.09.23 14:09:00 | 000,676,624 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer_1406666_de.exe

[2011.09.22 10:34:36 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe

[2011.08.28 11:11:15 | 051,975,388 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\VSX4_Pro_TBYB.exe.part

[2011.08.27 11:56:04 | 001,228,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\PremiereElements_9_LS15.exe

[2011.08.25 17:58:21 | 006,716,353 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Sunbird_Setup_1.0_Beta_1.exe

[2011.07.18 15:59:52 | 013,522,064 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 5.0.1.exe

[2011.05.28 13:13:41 | 014,212,584 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToiPodConverter.exe

[2011.05.28 13:11:38 | 014,563,768 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToMP3Converter.exe

[2011.05.22 09:35:05 | 021,255,560 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files (x86)\SkypeSetupFull.exe

[2011.05.19 14:37:24 | 081,797,928 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\iTunes64Setup.exe

[2011.05.19 14:17:51 | 020,240,744 | ---- | C] (The GIMP Team                                               ) -- C:\Program Files (x86)\gimp-2.6.11-i686-setup.exe

[2011.05.19 14:17:11 | 019,735,256 | ---- | C] (                                                            ) -- C:\Program Files (x86)\gimp-2.6.8-x64-setup.exe

[2011.05.19 14:06:00 | 000,767,064 | ---- | C] (NCH Software) -- C:\Program Files (x86)\wpsetup4.57.exe

[2011.05.19 12:34:44 | 000,568,648 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\GoogleEarthSetup.exe

[2011.05.19 12:26:57 | 009,559,320 | ---- | C] (Opera Software ASA) -- C:\Program Files (x86)\Opera_1111_int_Setup.exe

[2011.05.19 12:26:00 | 009,326,056 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Thunderbird Setup 3.1.10.exe

[2011.05.19 12:25:04 | 012,362,480 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 4.0.1.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:11:44 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.12.18 14:09:10 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 14:04:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.12.18 14:04:01 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.12.18 13:43:51 | 000,001,207 | ---- | M] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.12.18 08:07:06 | 000,008,019 | ---- | M] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.18 08:07:00 | 000,000,735 | ---- | M] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | M] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.15 11:47:50 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 11:29:01 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:25:23 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:41 | 001,500,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.12.15 11:22:41 | 000,654,798 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.12.15 11:22:41 | 000,616,640 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.12.15 11:22:41 | 000,130,380 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.12.15 11:22:41 | 000,106,762 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.12.15 11:14:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 10:39:52 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:25:41 | 000,353,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.12.15 08:02:34 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI

[2011.12.14 21:33:43 | 000,000,348 | ---- | M] () -- C:\NET.INI

[2011.12.14 08:38:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011.12.02 16:25:10 | 000,001,632 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.12.02 15:45:19 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:39:41 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.24 09:23:39 | 012,713,136 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.12.18 14:05:28 | 000,001,492 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2011.12.18 14:05:28 | 000,001,407 | ---- | C] () -- C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2011.12.18 08:32:34 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.18 08:06:30 | 000,000,735 | ---- | C] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.17 12:09:26 | 000,001,595 | ---- | C] () -- C:\Users\Administrator\Desktop\DELL-PC - Verknüpfung.lnk

[2011.12.16 10:33:33 | 000,008,019 | ---- | C] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.15 11:47:50 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 10:41:56 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 08:02:34 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI

[2011.12.02 16:25:10 | 000,001,632 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.11.24 09:39:41 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.11 07:32:42 | 001,527,140 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.29 09:54:07 | 001,019,816 | ---- | C] () -- C:\Program Files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe

[2011.10.10 16:51:50 | 000,155,536 | ---- | C] () -- C:\Windows\SysWow64\dllcinx.exe

[2011.10.10 16:51:48 | 000,000,600 | ---- | C] () -- C:\Windows\SysWow64\nochook.ini

[2011.10.03 13:41:52 | 000,247,053 | ---- | C] () -- C:\Program Files (x86)\mp3DC213.exe

[2011.09.29 09:19:37 | 000,001,207 | ---- | C] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.09.29 09:18:42 | 000,000,141 | -H-- | C] () -- C:\Windows\SysWow64\ctlsw.ini

[2011.09.29 09:18:42 | 000,000,102 | ---- | C] () -- C:\Windows\SysWow64\SWCTL.DLL

[2011.09.29 08:11:44 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

[2011.09.29 08:11:43 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll

[2011.09.29 07:55:01 | 003,103,511 | ---- | C] () -- C:\Program Files (x86)\kcsetup8.exe

[2011.09.23 14:05:53 | 021,073,936 | ---- | C] () -- C:\Program Files (x86)\vlc-1.1.11-win32.exe

[2011.09.23 12:51:28 | 000,003,027 | ---- | C] () -- C:\Program Files (x86)\Français.lng

[2011.09.23 12:51:28 | 000,002,946 | ---- | C] () -- C:\Program Files (x86)\Español.lng

[2011.09.23 12:51:28 | 000,002,920 | ---- | C] () -- C:\Program Files (x86)\Italiano.lng

[2011.09.23 12:51:28 | 000,002,699 | ---- | C] () -- C:\Program Files (x86)\Deutsch.lng

[2011.09.23 12:51:28 | 000,002,553 | ---- | C] () -- C:\Program Files (x86)\Suomi.lng

[2011.09.23 12:40:52 | 023,773,184 | ---- | C] () -- C:\Program Files (x86)\PXCViewer98_x64.msi

[2011.09.23 12:27:47 | 001,376,768 | ---- | C] () -- C:\Program Files (x86)\7z920-x64.msi

[2011.09.16 06:44:01 | 168,166,968 | ---- | C] () -- C:\Program Files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe

[2011.08.28 09:55:59 | 002,466,704 | ---- | C] () -- C:\Program Files (x86)\AdobeDownloadAssistant.exe

[2011.08.27 11:27:07 | 1316,066,539 | ---- | C] () -- C:\Program Files (x86)\PremiereElements_9_LS15.7z

[2011.08.27 11:23:03 | 008,353,800 | ---- | C] () -- C:\Program Files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe

[2011.05.19 14:44:09 | 001,663,693 | ---- | C] () -- C:\Program Files (x86)\winrar-x64-400d.exe

[2011.05.19 14:10:20 | 014,166,016 | ---- | C] () -- C:\Program Files (x86)\wz150gev.msi

[2011.05.19 14:09:07 | 006,088,218 | ---- | C] () -- C:\Program Files (x86)\flash_player.zip

[2011.05.19 13:52:49 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.05.19 12:39:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.05.19 12:28:56 | 052,718,176 | ---- | C] () -- C:\Program Files (x86)\avira_antivir_personal_de.exe

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_2B0f1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_180F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_0B0f1461_ca.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin

[2011.05.15 06:48:47 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin

[2011.05.15 06:48:11 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

[2011.05.15 06:47:21 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.05.15 06:47:19 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.05.15 06:47:17 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.01.19 12:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files (x86)\openofficeorg33.msi

[2011.01.19 12:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files (x86)\setup.exe

[2011.01.19 12:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab

[2011.01.19 11:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll

[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Ogg.dll

 
 ========== LOP Check ==========

 

[2011.05.23 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CheckPoint

[2011.05.19 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.09.10 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fingertapps

[2011.05.19 14:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound

[2011.05.19 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org

[2011.10.29 11:10:08 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera

[2011.12.18 08:37:34 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.11.18 10:33:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Temp

[2011.05.21 10:57:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp

[2011.07.15 14:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\57168

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\B8457

[2011.09.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011.05.23 16:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\CheckPoint

[2011.08.28 09:58:29 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.09.10 14:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DriverFinder

[2011.10.01 08:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoft

[2011.10.01 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.06.30 08:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Fingertapps

[2011.06.20 07:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\go

[2011.12.16 12:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\gtk-2.0

[2011.11.07 19:23:04 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Leadertech

[2011.10.07 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\mp3DirectCut

[2011.06.24 07:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\NCH Swift Sound

[2011.05.20 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\OpenOffice.org

[2011.10.04 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Opera

[2011.05.31 06:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\ProtectDisc

[2011.09.20 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\QuickScan

[2011.07.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Temp

[2011.05.21 12:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Thunderbird

[2011.11.11 07:33:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\TP

[2011.07.17 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Ulead Systems

[2011.09.07 10:57:41 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Uniblue

[2011.10.09 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\57168

[2011.12.15 08:04:04 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\B8457

[2011.10.27 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\DVDVideoSoft

[2011.09.29 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Fingertapps

[2011.10.27 10:57:32 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\MusicNet

[2011.10.18 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\OpenOffice.org

[2011.11.07 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Origin

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Temp

[2011.09.29 09:59:09 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Thunderbird

[2011.12.18 14:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.04 15:25:34 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

< End of report >:

Code:

OTL Extras logfile created on: 18.12.2011 16:36:35 - Run 9

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 1,72 Gb Available Physical Memory | 44,19% Memory free

7,79 Gb Paging File | 5,53 Gb Available in Paging File | 70,95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,47 Gb Free Space | 46,96% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

 

[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== System Restore Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"DisableSR" = 1

"DisableConfig" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"DisableSR" = 1

"DisableConfig" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center

"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer

"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 265.94

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 265.94

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 265.94

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.9

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer

"{C7B40C35-85AE-4303-9EEA-1A1EA779664D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"CCleaner" = CCleaner

"Dell Support Center" = Dell Support Center

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinRAR archiver" = WinRAR 4.00 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content

"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29

"{27107EAA-34E0-43BF-B537-7F8EF6880F5A}" = Facebook Video Calling 1.0.0.8177

"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{3443D416-9DAD-4362-BEB1-C213AD9062CD}" = Dell MusicStage

"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr

"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2

"{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{56BA241F-580C-43D2-8403-947241AAE633}" = center

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3

"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{81DD0597-29EB-4FA0-8223-4F41362B2E72}" = NBA 2K11

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B7E01095-8BAA-456E-8AED-504C3CCADBA0}" = Nero 11

"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media

"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr

"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax

"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq

"{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{E9F59205-F128-49A7-9039-4BDFB60EE4A3}" = Dell Stage

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9

"{EC7FE03D-239A-4E36-9907-0E327922D2A2}" = bpd_scan

"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr

"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter

"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content

"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1

"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2

"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3

"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1

"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2

"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Akamai" = Akamai NetSession Interface Service

"AVerMedia H339 Hybrid TV Tuner" = AVerMedia H339 Hybrid TV Tuner 2.2.64.64

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BewerbungsGenie 7_is1" = DATA BECKER BewerbungsGenie 7

"BurningWheels" = Cobra 11 - Burning Wheels (remove only)

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

"Combat Arms EU" = Combat Arms EU

"Dell Webcam Central" = Dell Webcam Central

"ESET Online Scanner" = ESET Online Scanner v3

"ExpressBurn" = Express Burn Disc Burning Software

"ExpressRip" = Express Rip

"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.8.815

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.8.815

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"Kindersicherung_is1" = Kindersicherung 2011

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300

"MixPad" = MixPad Audio Mixer

"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)

"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"Opera 11.52.1100" = Opera 11.52

"PremElem90" = Adobe Premiere Elements 9

"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11

"Secunia PSI" = Secunia PSI (2.0.0.3003)

"VLC media player" = VLC media player 1.1.11

"WavePad" = WavePad Sound Editor

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 
 ========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >:

:kloppen:sorry, den otl file habe ich mehrfach reingesetzt.

Zitat:

Achtung wichtig!:
Falls Du selber im Logfile Änderungen vorgenommen hast, musst Du durch die Originalbezeichnung ersetzen und so in Script einfügen! sonst funktioniert nicht!
(Benutzerordner, dein Name oder sonstige Änderungen durch X, Stern oder andere Namen ersetzt)

Fixen mit OTL

Starte die OTL.exe.
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Kopiere folgendes Skript:

Code:

:OTL

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:50263

FF - prefs.js..network.proxy.http: "127.0.0.1"

FF - prefs.js..network.proxy.http_port: 50263

FF - prefs.js..network.proxy.type: 0
 

:Commands

[purity]

[emptytemp]

und füge es hier ein: http://image.hijackthis.eu/upload/hjt1-021.jpg
Schließe alle Programme.
Klicke auf den Fix Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
OTL verlangt einen Neustart. Bitte zulassen.
Nach dem Neustart findest Du ein Textdokument.
Kopiere den Inhalt hier in Deinen Thread.

2.
reinige dein System mit CCleaner:

"Cleaner"→ "Analysieren"→ Klick auf den Button "Start CCleaner"
"Registry""Fehler suchen"→ "Fehler beheben"→ "Alle beheben"
Starte dein System neu auf

3.
erneut einen Scan mit OTL:

Doppelklick auf die OTL.exe
Vista und Windows 7 User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen.
Oben findest Du ein Kästchen mit Ausgabe.
Wähle bitte Standard-Ausgabe
Unter Extra-Registrierung wähle bitte Benutze SafeList.
Mache Häckchen bei LOP- und Purity-Prüfung.
Klicke nun auf Scan links oben.
Wenn der Scan beendet wurde werden zwei Logfiles erstellt.
Du findest die Logfiles auf Deinem Desktop => OTL.txt und Extras.txt
Poste die Logfiles in Code-Tags hier in den Thread.

4.
TDSSKiller von Kaspersky

Lade den TDSSKiller und entpacke das Archiv auf Deinen Desktop.
Vergewissere Dich, dass die TDSSKiller.exe direkt auf dem Desktop liegt (nicht in einem Ordner auf dem Desktop).
deaktiviere vorübergehend dein AntiVirus-Programm
Starte die TDSSKiller.exe durch Doppelklick.
Nach Beendigung der Arbeit schlägt das Tool vor, das System neu zu starten.
Bestätige das ggfs. mit Y(es).
Beim Hochfahren des Systems führt der Treiber alle geplanten Operationen aus löscht sich danach.
Poste mir den Inhalt von C:\TDSSKiller<random>.txt hier in den Thread.

Hier findest Du eine ausführlichere Anleitung.

► berichte erneut über den Zustand des Computers. Ob noch Probleme auftreten, wenn ja, welche?

Hallo Kira,
vielen Dank für deine Antwort,
werde alles so machen, wie du gesagt hast. An den logfiles habe ich keine Änderungen vorgenommen.

Viele Grüße
Jasmina

Hallo Kira,
den otl scan habe ich durchgeführt. w-lan war aber verbunden. ist das richtig so?
Jasmina

:

Code:

All processes killed

========== OTL ==========

HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer| /E : value set successfully!

Prefs.js: "127.0.0.1" removed from network.proxy.http

Prefs.js: 50263 removed from network.proxy.http_port

Prefs.js: 0 removed from network.proxy.type

========== COMMANDS ==========

 

[EMPTYTEMP]

 

User: Administrator

->Temp folder emptied: 3956140 bytes

->Temporary Internet Files folder emptied: 39383025 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 42610391 bytes

->Flash cache emptied: 1132 bytes

 

User: All Users

 

User: AppData

->Temp folder emptied: 0 bytes

 

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Gast

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

User: Jasmina

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Jasmina 2

 

User: Nico

 

User: Nico Spiele

 

User: Nico.dell-PC

 

User: Nico.dell-PC.000

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Java cache emptied: 0 bytes

->FireFox cache emptied: 0 bytes

->Flash cache emptied: 0 bytes

 

User: Public

->Temp folder emptied: 0 bytes

 

User: UpdatusUser

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

 

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 0 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 66885 bytes

%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes

RecycleBin emptied: 0 bytes:

Total Files Cleaned = 82,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 12192011_173519

Files\Folders moved on Reboot...
C:\Users\Administrator\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...

Hier der nächste OTl Scan:
1. otl-text
:

Code:

OTL logfile created on: 19.12.2011 21:10:01 - Run 11

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 52,88% Memory free

7,79 Gb Paging File | 5,73 Gb Available in Paging File | 73,50% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,36 Gb Free Space | 46,92% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2011.12.15 19:37:19 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL\OTL.exe

PRC - [2011.12.15 11:28:56 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

PRC - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) -- C:\Program Files (x86)\Nero\Update\NASvc.exe

PRC - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe

PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

PRC - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

PRC - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

PRC - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe

PRC - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe

PRC - [2011.04.19 07:44:40 | 000,291,896 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

PRC - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2011.03.28 15:14:56 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe

PRC - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe

PRC - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe

PRC - [2011.01.24 21:33:24 | 000,979,008 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe

PRC - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

PRC - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

PRC - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe

PRC - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE

PRC - [2010.08.20 00:06:56 | 000,487,562 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

PRC - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

PRC - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe

PRC - [2009.07.14 00:15:34 | 002,559,888 | ---- | M] (Salfeld Computer) -- C:\Windows\SysWOW64\ccsync.exe

PRC - [2009.07.14 00:15:34 | 002,250,640 | ---- | M] (Salfeld Computer) -- C:\Windows\SysWOW64\cchservice.exe

PRC - [2009.04.16 12:23:56 | 000,479,232 | ---- | M] (SAMSUNG ELECTRONICS) -- C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2011.06.24 21:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 21:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.05.30 09:29:22 | 001,719,144 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_secondary.exe

MOD - [2011.05.30 09:29:20 | 002,055,816 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe

MOD - [2011.05.30 09:25:32 | 007,938,048 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtGui4.dll

MOD - [2011.05.30 09:25:32 | 002,225,664 | ---- | M] () -- C:\Program Files (x86)\Dell Stage\Dell Stage\QtCore4.dll

MOD - [2010.12.17 16:25:22 | 000,686,704 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

MOD - [2010.11.25 04:44:02 | 000,375,280 | ---- | M] () -- c:\program files (x86)\common files\roxio shared\dllshared\SQLite352.dll

MOD - [2010.11.17 16:35:34 | 000,514,544 | ---- | M] () -- C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe

MOD - [2010.08.12 00:19:34 | 000,077,024 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll

MOD - [2010.08.12 00:19:32 | 000,109,792 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll

MOD - [2010.08.12 00:19:32 | 000,072,928 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll

MOD - [2010.08.12 00:19:30 | 000,232,672 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll

MOD - [2010.08.12 00:19:30 | 000,126,176 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll

MOD - [2010.08.12 00:19:30 | 000,119,008 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll

MOD - [2010.08.12 00:19:26 | 001,121,504 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll

MOD - [2010.08.12 00:19:16 | 000,781,536 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV:64bit: - [2010.11.29 21:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)

SRV:64bit: - [2010.09.23 00:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV - [2011.12.14 20:49:17 | 003,316,000 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_b427739.dll -- (Akamai)

SRV - [2011.09.23 17:37:42 | 000,641,832 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)

SRV - [2011.09.05 17:00:52 | 000,393,648 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe -- (Kodak AiO Network Discovery Service)

SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2011.06.29 10:25:28 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.04.19 07:44:40 | 000,993,848 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\PSIA.exe -- (Secunia PSI Agent)

SRV - [2011.04.19 07:44:40 | 000,399,416 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011.03.28 15:15:04 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011.01.24 21:34:06 | 000,991,296 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)

SRV - [2011.01.24 21:34:04 | 001,298,496 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)

SRV - [2011.01.24 21:33:30 | 000,901,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)

SRV - [2010.12.21 00:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)

SRV - [2010.12.21 00:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)

SRV - [2010.12.17 20:41:32 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)

SRV - [2010.12.17 20:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)

SRV - [2010.12.17 20:26:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)

SRV - [2010.11.30 03:04:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2010.11.29 03:31:42 | 000,378,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2010.11.25 11:34:18 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe -- (RoxWatch12)

SRV - [2010.11.25 11:33:18 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe -- (RoxMediaDB12OEM)

SRV - [2010.09.30 02:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)

SRV - [2010.08.26 02:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)

SRV - [2010.08.25 08:56:38 | 000,765,592 | ---- | M] (Salfeld Computer) [Auto | Stopped] -- C:\Windows\SysWOW64\ksupmgr.exe -- (ksupmgr)

SRV - [2010.08.21 00:53:08 | 000,689,472 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService)

SRV - [2010.05.28 15:29:26 | 002,650,112 | ---- | M] (DATA BECKER GmbH & Co KG) [Auto | Running] -- C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe -- (DBService)

SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.11.18 03:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2011.07.13 12:59:54 | 000,072,240 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVol.sys -- (NBVol)

DRV:64bit: - [2011.07.13 12:59:54 | 000,015,920 | ---- | M] (Nero AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NBVolUp.sys -- (NBVolUp)

DRV:64bit: - [2011.06.29 10:25:28 | 000,123,784 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)

DRV:64bit: - [2011.06.29 10:25:28 | 000,088,288 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2011.06.10 05:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011.04.12 10:45:50 | 000,018,432 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPub4DE3.sys -- (HPub4DE3) USB Mouse Low Filter Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.09 09:44:44 | 000,025,088 | ---- | M] (TPMX Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HPMo4DE3.sys -- (HPMo4DE3) Mouse Suite Driver_4DE3 (WDF Version)

DRV:64bit: - [2011.02.10 23:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2011.02.10 23:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2011.01.28 09:57:14 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.01.24 08:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)

DRV:64bit: - [2011.01.24 08:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)

DRV:64bit: - [2011.01.24 07:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)

DRV:64bit: - [2011.01.13 02:51:44 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010.12.22 10:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)

DRV:64bit: - [2010.12.17 18:06:32 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2010.12.15 18:02:04 | 000,174,168 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)

DRV:64bit: - [2010.12.13 18:34:14 | 000,027,760 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelern.sys -- (Acceler)

DRV:64bit: - [2010.12.12 15:18:36 | 000,121,960 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvstusb.sys -- (NvStUSB)

DRV:64bit: - [2010.11.30 03:04:00 | 000,025,576 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)

DRV:64bit: - [2010.11.29 21:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)

DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64) Intel(R)

DRV:64bit: - [2010.10.16 01:28:18 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)

DRV:64bit: - [2010.09.01 09:30:58 | 000,017,976 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf.sys -- (PSI)

DRV:64bit: - [2010.08.20 10:05:12 | 000,021,616 | ---- | M] (ST Microelectronics) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stdcfltn.sys -- (stdcfltn)

DRV:64bit: - [2010.08.12 16:51:30 | 000,175,168 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)

DRV:64bit: - [2010.07.13 03:38:06 | 000,029,288 | ---- | M] (Quanta Computer) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qicflt.sys -- (qicflt)

DRV:64bit: - [2010.06.11 17:14:00 | 001,799,808 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AVer7231_x64.sys -- (AVer7231_x64)

DRV:64bit: - [2010.03.19 09:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2010.02.27 16:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)

DRV:64bit: - [2010.02.24 11:20:40 | 000,191,616 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\acedrv11.sys -- (acedrv11)

DRV:64bit: - [2009.08.13 21:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)

DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2006.11.01 18:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)

DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)

DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2006.11.28 21:46:24 | 000,028,224 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNMp50.sys -- (PDNMp50)

DRV - [2006.11.28 21:46:22 | 000,027,072 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\PDNSp50.sys -- (PDNSp50)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 3C D9 A7 7C 86 BD CC 01  [binary data]

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-3230886925-126132133-2629391164-500\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.defaultthis.engineName: ""

FF - prefs.js..browser.search.defaulturl: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..browser.startup.homepage: "www.google.de"

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_1_102.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll File not found

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)

FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011.12.15 11:29:03 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.11 09:40:26 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Components: C:\Program Files (x86)\Mozilla Sunbird\components [2011.12.15 11:29:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Sunbird 1.0b1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Sunbird\plugins [2011.12.15 11:29:12 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011.11.11 18:53:38 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

 

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions

[2011.05.19 12:42:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2011.09.12 11:27:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Administrator\AppData\Roaming\mozilla\Firefox\Profiles\3cers2zs.default\extensions

[2011.11.11 09:40:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.10.01 08:52:30 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

[2011.10.17 08:31:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA}

[2011.10.29 10:21:44 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011.12.15 11:29:03 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT

[2011.11.11 09:40:26 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.29 10:21:40 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.09.16 21:59:18 | 000,170,064 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2011.09.29 02:24:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.09.29 02:24:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.09.29 02:24:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.09.29 02:24:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

 

O1 HOSTS File: ([2011.12.19 09:36:14 | 000,438,446 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 15105 more lines...

O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [DellStage] C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe ()

O4:64bit: - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\SysNative\spool\drivers\x64\3\EKIJ5000MUI.exe (Eastman Kodak Company)

O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [NVHotkey] C:\Windows\SysNative\nvHotkey.dll (NVIDIA Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKLM..\Run: [ChicoSys] C:\Windows\SysWOW64\cc32\webtmr.exe (Salfeld Computer)

O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.)

O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)

O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()

O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe File not found

O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)

O4 - HKLM..\Run: [NBAgent] C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe (Nero AG)

O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)

O4 - HKLM..\Run: [SMSTray] C:\Program Files (x86)\Samsung\EmoDio\SMSTray.exe (SAMSUNG ELECTRONICS)

O4 - HKLM..\Run: [TkBellExe] C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)

O4 - HKU\.DEFAULT..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-18..\Run: [CCWinTray] C:\Windows\tray\wintmr.exe (Salfeld Computer)

O4 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKLM..\RunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe (Softthinks)

O4 - HKU\.DEFAULT..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - HKU\S-1-5-18..\RunOnce: [KodakHomeCenter] C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe (Eastman Kodak Company)

O4 - Startup: C:\Users\Jasmina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Nico.dell-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: RestrictRun = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableClock = 0

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKU\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C8601AA9-2FCA-424D-B13E-12984594DCE3}: DhcpNameServer = 192.168.1.1

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) -C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O32 - Unable to read "AutoRun" value or value not present!

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2011.12.19 13:21:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2011.12.19 13:21:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2011.12.19 13:21:18 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Users\Administrator\Desktop\mbam-setup-1.51.2.1300.exe

[2011.12.19 10:13:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[2011.12.19 10:13:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight

[2011.12.19 10:12:24 | 013,072,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\Silverlight_x64.exe

[2011.12.19 10:10:37 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011.12.19 10:10:37 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011.12.19 10:10:37 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011.12.19 10:10:37 | 000,434,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011.12.19 10:10:37 | 000,367,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011.12.19 10:10:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011.12.19 10:10:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011.12.19 10:10:37 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011.12.19 10:10:37 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011.12.19 10:10:37 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011.12.19 10:10:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011.12.19 10:10:37 | 000,130,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011.12.19 10:10:37 | 000,118,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011.12.19 10:10:37 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011.12.19 10:10:37 | 000,086,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011.12.19 10:10:37 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011.12.19 10:10:37 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011.12.19 10:10:37 | 000,074,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011.12.19 10:10:37 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011.12.19 10:10:37 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011.12.19 10:10:37 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011.12.19 10:10:37 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011.12.19 10:10:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011.12.19 10:10:37 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011.12.19 10:10:37 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011.12.19 10:10:37 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011.12.19 10:10:37 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011.12.19 10:10:36 | 003,695,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011.12.19 10:10:36 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011.12.19 10:10:36 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011.12.19 10:10:36 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011.12.19 10:10:36 | 000,697,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011.12.19 10:10:36 | 000,603,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011.12.19 10:10:36 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011.12.19 10:10:36 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011.12.19 10:10:36 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011.12.19 10:10:36 | 000,282,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011.12.19 10:10:36 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011.12.19 10:10:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011.12.19 10:10:36 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011.12.19 10:10:36 | 000,227,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011.12.19 10:10:36 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011.12.19 10:10:36 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011.12.19 10:10:36 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011.12.19 10:10:36 | 000,165,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011.12.19 10:10:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011.12.19 10:10:36 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011.12.19 10:10:36 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011.12.19 10:10:36 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011.12.19 10:10:36 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011.12.19 10:10:36 | 000,145,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011.12.19 10:10:36 | 000,135,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011.12.19 10:10:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011.12.19 10:10:36 | 000,114,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011.12.19 10:10:36 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011.12.19 10:10:36 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011.12.19 10:10:36 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011.12.19 10:10:36 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011.12.19 10:10:36 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011.12.19 10:10:36 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011.12.19 10:10:36 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011.12.19 10:10:36 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011.12.19 10:10:36 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011.12.19 10:10:36 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011.12.19 10:10:36 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011.12.19 10:10:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011.12.19 10:10:36 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011.12.19 10:10:36 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011.12.19 10:10:36 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011.12.19 10:10:36 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011.12.19 09:00:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy

[2011.12.19 09:00:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy

[2011.12.18 13:56:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2011.12.18 08:32:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

[2011.12.18 08:32:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware

[2011.12.18 08:06:21 | 000,000,000 | ---D | C] -- C:\_OTL

[2011.12.17 09:35:49 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SUPERAntiSpyware.com

[2011.12.17 09:35:34 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com

[2011.12.16 09:08:32 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\RealNetworks

[2011.12.15 11:50:27 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Local\SoftGrid Client

[2011.12.15 11:50:25 | 000,000,000 | ---D | C] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.12.15 11:35:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2011.12.15 11:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2011.12.15 11:34:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2011.12.15 11:29:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared

[2011.12.15 11:29:01 | 000,198,832 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | C] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:28:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Real

[2011.12.15 11:25:22 | 000,713,472 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:52 | 000,000,000 | -HSD | C] -- C:\Users\Administrator\AppData\Local\4d0d2e25

[2011.12.15 11:14:51 | 009,852,544 | ---- | C] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

[2011.12.15 10:41:55 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner

[2011.12.15 10:39:52 | 003,552,208 | ---- | C] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:29:11 | 000,000,000 | ---D | C] -- C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen

[2011.12.14 23:09:17 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\EncDec.dll

[2011.12.14 23:09:17 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\EncDec.dll

[2011.12.14 23:09:15 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll

[2011.12.14 08:33:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LP

[2011.12.02 16:28:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon

[2011.12.02 16:25:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon

[2011.12.02 16:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonEU

[2011.12.02 15:45:54 | 000,000,000 | ---D | C] -- C:\Download

[2011.12.02 15:45:20 | 000,000,000 | ---D | C] -- C:\Nexon

[2011.12.02 15:45:19 | 000,446,464 | ---- | C] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:38:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodak

[2011.11.24 09:36:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool

[2011.11.24 09:23:29 | 012,713,136 | ---- | C] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[2011.10.29 11:49:39 | 039,401,336 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\QuickTimeInstaller.exe

[2011.10.29 10:10:18 | 000,910,624 | ---- | C] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\jxpiinstall.exe

[2011.10.25 12:17:18 | 009,756,672 | ---- | C] ((c) Phoenix Technologies Ltd. ) -- C:\Program Files\L502X_A__06.exe

[2011.10.17 08:29:10 | 001,739,400 | ---- | C] (Secunia) -- C:\Program Files (x86)\PSISetup2003.exe

[2011.10.17 08:05:48 | 013,885,360 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 7.0.1.exe

[2011.09.24 17:12:36 | 001,291,624 | ---- | C] (Microsoft Corporation) -- C:\Program Files\wlsetup-web__1_.exe

[2011.09.23 14:09:00 | 000,676,624 | ---- | C] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer_1406666_de.exe

[2011.09.22 10:34:36 | 003,089,056 | ---- | C] (Adobe Systems, Inc.) -- C:\Program Files (x86)\install_flash_player.exe

[2011.08.28 11:11:15 | 051,975,388 | ---- | C] (Acresso Software Inc.) -- C:\Program Files (x86)\VSX4_Pro_TBYB.exe.part

[2011.08.27 11:56:04 | 001,228,384 | ---- | C] (Adobe Systems Incorporated) -- C:\Program Files (x86)\PremiereElements_9_LS15.exe

[2011.08.25 17:58:21 | 006,716,353 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Sunbird_Setup_1.0_Beta_1.exe

[2011.07.18 15:59:52 | 013,522,064 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 5.0.1.exe

[2011.05.28 13:13:41 | 014,212,584 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToiPodConverter.exe

[2011.05.28 13:11:38 | 014,563,768 | ---- | C] (DVDVideoSoft Ltd.                                           ) -- C:\Program Files (x86)\FreeYouTubeToMP3Converter.exe

[2011.05.22 09:35:05 | 021,255,560 | ---- | C] (Skype Technologies S.A.) -- C:\Program Files (x86)\SkypeSetupFull.exe

[2011.05.19 14:37:24 | 081,797,928 | ---- | C] (Apple Inc.) -- C:\Program Files (x86)\iTunes64Setup.exe

[2011.05.19 14:17:51 | 020,240,744 | ---- | C] (The GIMP Team                                               ) -- C:\Program Files (x86)\gimp-2.6.11-i686-setup.exe

[2011.05.19 14:17:11 | 019,735,256 | ---- | C] (                                                            ) -- C:\Program Files (x86)\gimp-2.6.8-x64-setup.exe

[2011.05.19 14:06:00 | 000,767,064 | ---- | C] (NCH Software) -- C:\Program Files (x86)\wpsetup4.57.exe

[2011.05.19 12:34:44 | 000,568,648 | ---- | C] (Google Inc.) -- C:\Program Files (x86)\GoogleEarthSetup.exe

[2011.05.19 12:26:00 | 009,326,056 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Thunderbird Setup 3.1.10.exe

[2011.05.19 12:25:04 | 012,362,480 | ---- | C] (Mozilla) -- C:\Program Files (x86)\Firefox Setup 4.0.1.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2011.12.19 21:09:56 | 000,001,207 | ---- | M] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.12.19 21:07:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2011.12.19 21:07:30 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys

[2011.12.19 20:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.19 18:17:37 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2011.12.19 18:17:37 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2011.12.19 18:13:46 | 000,000,759 | ---- | M] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.19 18:07:40 | 000,007,922 | ---- | M] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.19 13:21:58 | 000,001,162 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.19 13:21:19 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Users\Administrator\Desktop\mbam-setup-1.51.2.1300.exe

[2011.12.19 10:19:27 | 000,654,346 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2011.12.19 10:19:27 | 000,616,188 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2011.12.19 10:19:27 | 000,130,186 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2011.12.19 10:19:27 | 000,106,568 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2011.12.19 10:12:25 | 013,072,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\Silverlight_x64.exe

[2011.12.19 10:10:37 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat

[2011.12.19 10:10:37 | 001,427,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2011.12.19 10:10:37 | 000,716,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2011.12.19 10:10:37 | 000,434,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll

[2011.12.19 10:10:37 | 000,367,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec

[2011.12.19 10:10:37 | 000,231,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2011.12.19 10:10:37 | 000,176,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2011.12.19 10:10:37 | 000,162,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll

[2011.12.19 10:10:37 | 000,152,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe

[2011.12.19 10:10:37 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe

[2011.12.19 10:10:37 | 000,142,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2011.12.19 10:10:37 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakeng.dll

[2011.12.19 10:10:37 | 000,118,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll

[2011.12.19 10:10:37 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll

[2011.12.19 10:10:37 | 000,086,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll

[2011.12.19 10:10:37 | 000,078,848 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll

[2011.12.19 10:10:37 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe

[2011.12.19 10:10:37 | 000,074,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll

[2011.12.19 10:10:37 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ie4uinit.exe

[2011.12.19 10:10:37 | 000,072,822 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2011.12.19 10:10:37 | 000,072,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2011.12.19 10:10:37 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll

[2011.12.19 10:10:37 | 000,063,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx

[2011.12.19 10:10:37 | 000,054,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll

[2011.12.19 10:10:37 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll

[2011.12.19 10:10:37 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll

[2011.12.19 10:10:37 | 000,023,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll

[2011.12.19 10:10:37 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe

[2011.12.19 10:10:36 | 003,695,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat

[2011.12.19 10:10:36 | 002,309,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2011.12.19 10:10:36 | 001,493,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2011.12.19 10:10:36 | 000,818,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2011.12.19 10:10:36 | 000,697,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2011.12.19 10:10:36 | 000,603,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2011.12.19 10:10:36 | 000,534,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll

[2011.12.19 10:10:36 | 000,452,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll

[2011.12.19 10:10:36 | 000,448,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec

[2011.12.19 10:10:36 | 000,282,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll

[2011.12.19 10:10:36 | 000,267,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieaksie.dll

[2011.12.19 10:10:36 | 000,248,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2011.12.19 10:10:36 | 000,237,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2011.12.19 10:10:36 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieaksie.dll

[2011.12.19 10:10:36 | 000,222,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll

[2011.12.19 10:10:36 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll

[2011.12.19 10:10:36 | 000,173,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2011.12.19 10:10:36 | 000,165,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe

[2011.12.19 10:10:36 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieakui.dll

[2011.12.19 10:10:36 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakui.dll

[2011.12.19 10:10:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe

[2011.12.19 10:10:36 | 000,160,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieakeng.dll

[2011.12.19 10:10:36 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll

[2011.12.19 10:10:36 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll

[2011.12.19 10:10:36 | 000,135,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll

[2011.12.19 10:10:36 | 000,123,392 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll

[2011.12.19 10:10:36 | 000,114,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\admparse.dll

[2011.12.19 10:10:36 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll

[2011.12.19 10:10:36 | 000,103,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll

[2011.12.19 10:10:36 | 000,101,888 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\admparse.dll

[2011.12.19 10:10:36 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2011.12.19 10:10:36 | 000,091,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe

[2011.12.19 10:10:36 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe

[2011.12.19 10:10:36 | 000,085,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll

[2011.12.19 10:10:36 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll

[2011.12.19 10:10:36 | 000,076,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx

[2011.12.19 10:10:36 | 000,072,822 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2011.12.19 10:10:36 | 000,065,024 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll

[2011.12.19 10:10:36 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll

[2011.12.19 10:10:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll

[2011.12.19 10:10:36 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll

[2011.12.19 10:10:36 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll

[2011.12.19 10:10:36 | 000,012,288 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe

[2011.12.19 10:10:36 | 000,010,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe

[2011.12.19 09:36:14 | 000,438,446 | R--- | M] () -- C:\Windows\SysNative\drivers\etc\hosts

[2011.12.18 14:09:10 | 000,001,963 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.15 11:35:17 | 000,001,836 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 11:29:01 | 000,198,832 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\rmoc3260.dll

[2011.12.15 11:28:57 | 000,006,656 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5016.dll

[2011.12.15 11:28:57 | 000,005,632 | ---- | M] (RealNetworks, Inc.) -- C:\Windows\SysWow64\pndx5032.dll

[2011.12.15 11:28:56 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll

[2011.12.15 11:25:23 | 000,713,472 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\RealPlayer.exe

[2011.12.15 11:22:41 | 001,500,062 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2011.12.15 11:14:56 | 009,852,544 | ---- | M] (Malwarebytes Corporation                                    ) -- C:\Program Files (x86)\mbam-setup-1.51.2.1300.exe

[2011.12.15 10:41:56 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 10:39:52 | 003,552,208 | ---- | M] (Piriform Ltd) -- C:\Program Files (x86)\ccsetup313.exe

[2011.12.15 08:25:41 | 000,353,408 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2011.12.15 08:02:34 | 000,000,118 | ---- | M] () -- C:\Windows\SysNative\MRT.INI

[2011.12.14 21:33:43 | 000,000,348 | ---- | M] () -- C:\NET.INI

[2011.12.14 08:38:37 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2011.12.02 16:25:10 | 000,001,632 | ---- | M] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | M] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.12.02 15:45:19 | 000,446,464 | ---- | M] (NEXON Inc.) -- C:\Windows\NEXON_EU_DownloaderUpdater.exe

[2011.11.24 09:39:41 | 000,002,209 | ---- | M] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.24 09:23:39 | 012,713,136 | ---- | M] (Eastman Kodak Company) -- C:\Program Files (x86)\aio_install.exe

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2011.12.19 18:07:40 | 000,000,759 | ---- | C] () -- C:\Windows\SysWow64\ccsync.err

[2011.12.19 13:21:58 | 000,001,162 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk

[2011.12.19 10:10:37 | 000,072,822 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2011.12.19 10:10:36 | 000,072,822 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2011.12.18 08:32:34 | 000,001,963 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk

[2011.12.16 10:33:33 | 000,007,922 | ---- | C] () -- C:\Windows\SysWow64\cchservice.err

[2011.12.15 11:35:17 | 000,001,836 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2011.12.15 10:41:56 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2011.12.15 08:02:34 | 000,000,118 | ---- | C] () -- C:\Windows\SysNative\MRT.INI

[2011.12.02 16:25:10 | 000,001,632 | ---- | C] () -- C:\Users\Public\Desktop\Combat Arms EU.lnk

[2011.12.02 15:45:20 | 000,000,235 | ---- | C] () -- C:\Windows\SysWow64\nxEuUninstall.bat

[2011.11.24 09:39:41 | 000,002,209 | ---- | C] () -- C:\Users\Public\Desktop\KODAK AiO Home Center.lnk

[2011.11.11 07:32:42 | 001,527,140 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.29 09:54:07 | 001,019,816 | ---- | C] () -- C:\Program Files\DELL_DELL-DIGITAL-DELIVERY_A05_R313622.exe

[2011.10.10 16:51:50 | 000,155,536 | ---- | C] () -- C:\Windows\SysWow64\dllcinx.exe

[2011.10.10 16:51:48 | 000,000,600 | ---- | C] () -- C:\Windows\SysWow64\nochook.ini

[2011.10.03 13:41:52 | 000,247,053 | ---- | C] () -- C:\Program Files (x86)\mp3DC213.exe

[2011.09.29 09:19:37 | 000,001,207 | ---- | C] () -- C:\Windows\SysWow64\excltmp~.dat

[2011.09.29 09:18:42 | 000,000,141 | -H-- | C] () -- C:\Windows\SysWow64\ctlsw.ini

[2011.09.29 09:18:42 | 000,000,102 | ---- | C] () -- C:\Windows\SysWow64\SWCTL.DLL

[2011.09.29 08:11:44 | 000,124,416 | ---- | C] () -- C:\Windows\SysWow64\dXCtrls.dll

[2011.09.29 08:11:43 | 000,544,256 | ---- | C] () -- C:\Windows\SysWow64\janGraphics.dll

[2011.09.29 07:55:01 | 003,103,511 | ---- | C] () -- C:\Program Files (x86)\kcsetup8.exe

[2011.09.23 14:05:53 | 021,073,936 | ---- | C] () -- C:\Program Files (x86)\vlc-1.1.11-win32.exe

[2011.09.23 12:51:28 | 000,003,027 | ---- | C] () -- C:\Program Files (x86)\Français.lng

[2011.09.23 12:51:28 | 000,002,946 | ---- | C] () -- C:\Program Files (x86)\Español.lng

[2011.09.23 12:51:28 | 000,002,920 | ---- | C] () -- C:\Program Files (x86)\Italiano.lng

[2011.09.23 12:51:28 | 000,002,699 | ---- | C] () -- C:\Program Files (x86)\Deutsch.lng

[2011.09.23 12:51:28 | 000,002,553 | ---- | C] () -- C:\Program Files (x86)\Suomi.lng

[2011.09.23 12:40:52 | 023,773,184 | ---- | C] () -- C:\Program Files (x86)\PXCViewer98_x64.msi

[2011.09.23 12:27:47 | 001,376,768 | ---- | C] () -- C:\Program Files (x86)\7z920-x64.msi

[2011.09.16 06:44:01 | 168,166,968 | ---- | C] () -- C:\Program Files (x86)\OOo_3.3.0_Win_x86_install-wJRE_de.exe

[2011.08.28 09:55:59 | 002,466,704 | ---- | C] () -- C:\Program Files (x86)\AdobeDownloadAssistant.exe

[2011.08.27 11:27:07 | 1316,066,539 | ---- | C] () -- C:\Program Files (x86)\PremiereElements_9_LS15.7z

[2011.08.27 11:23:03 | 008,353,800 | ---- | C] () -- C:\Program Files (x86)\Adobe_Premiere_Elements_9-AkamaiDLM.exe

[2011.05.19 14:44:09 | 001,663,693 | ---- | C] () -- C:\Program Files (x86)\winrar-x64-400d.exe

[2011.05.19 14:10:20 | 014,166,016 | ---- | C] () -- C:\Program Files (x86)\wz150gev.msi

[2011.05.19 14:09:07 | 006,088,218 | ---- | C] () -- C:\Program Files (x86)\flash_player.zip

[2011.05.19 13:52:49 | 000,000,056 | ---- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.05.19 12:39:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.05.19 12:28:56 | 052,718,176 | ---- | C] () -- C:\Program Files (x86)\avira_antivir_personal_de.exe

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_89001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_49001461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_33011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2B071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A0F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_2A071461_8a.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_14001461_61.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_13011461_aa.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_110F1461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_A3031461_8a.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_ca.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_aa.bin

[2011.05.15 06:48:49 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_83231461_8a.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_890F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_2B0f1461_ca.bin

[2011.05.15 06:48:49 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_29001461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_180F1461_ca.bin

[2011.05.15 06:48:49 | 000,000,412 | ---- | C] () -- C:\Windows\11317231_18071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_11071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0B071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A0F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A031461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_0A011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_09001461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_08071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_060F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_06071461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_03011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_02011461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_010F1461_8a.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_aa.bin

[2011.05.15 06:48:48 | 000,000,502 | ---- | C] () -- C:\Windows\11317231_01071461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_07031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03231461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03131461_8a.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_03031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_ca.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_aa.bin

[2011.05.15 06:48:48 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_02031461_8a.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_0B0f1461_ca.bin

[2011.05.15 06:48:48 | 000,000,434 | ---- | C] () -- C:\Windows\11317231_090F1461_ca.bin

[2011.05.15 06:48:48 | 000,000,376 | ---- | C] () -- C:\Windows\11317231_03131461_aa.bin

[2011.05.15 06:48:47 | 000,000,461 | ---- | C] () -- C:\Windows\11317231_00000000_aa.bin

[2011.05.15 06:48:11 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll

[2011.05.15 06:47:21 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.05.15 06:47:19 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.05.15 06:47:17 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.01.19 12:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files (x86)\openofficeorg33.msi

[2011.01.19 12:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files (x86)\setup.exe

[2011.01.19 12:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab

[2011.01.19 11:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini

[2009.07.14 06:38:36 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat

[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT

[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat

[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin

[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll

[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

[2009.04.16 12:24:14 | 000,921,600 | ---- | C] () -- C:\Windows\SysWow64\vorbisenc.dll

[2009.04.16 12:24:14 | 000,237,568 | ---- | C] () -- C:\Windows\SysWow64\OggDS.dll

[2009.04.16 12:24:14 | 000,188,416 | ---- | C] () -- C:\Windows\SysWow64\vorbis.dll

[2009.04.16 12:24:14 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\Ogg.dll

 
 ========== LOP Check ==========

 

[2011.05.23 15:49:56 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\CheckPoint

[2011.05.19 12:45:49 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.09.10 15:33:36 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Fingertapps

[2011.05.19 14:07:13 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\NCH Swift Sound

[2011.05.19 13:04:35 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\OpenOffice.org

[2011.12.19 10:01:11 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Opera

[2011.12.19 10:19:17 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\SoftGrid Client

[2011.11.18 10:33:58 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Temp

[2011.05.21 10:57:03 | 000,000,000 | ---D | M] -- C:\Users\Administrator\AppData\Roaming\Thunderbird

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Temp

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Temp

[2011.07.15 14:23:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\57168

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\B8457

[2011.09.01 18:51:14 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2011.05.23 16:30:23 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\CheckPoint

[2011.08.28 09:58:29 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011.09.10 14:11:11 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DriverFinder

[2011.10.01 08:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoft

[2011.10.01 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.06.30 08:10:18 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Fingertapps

[2011.06.20 07:07:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\go

[2011.12.16 12:46:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\gtk-2.0

[2011.11.07 19:23:04 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Leadertech

[2011.10.07 10:12:34 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\mp3DirectCut

[2011.06.24 07:34:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\NCH Swift Sound

[2011.05.20 17:29:32 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\OpenOffice.org

[2011.10.04 20:00:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Opera

[2011.05.31 06:51:05 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\ProtectDisc

[2011.09.20 10:55:01 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\QuickScan

[2011.07.06 19:23:10 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Temp

[2011.05.21 12:10:22 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Thunderbird

[2011.11.11 07:33:12 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\TP

[2011.07.17 14:24:06 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Ulead Systems

[2011.09.07 10:57:41 | 000,000,000 | ---D | M] -- C:\Users\Jasmina\AppData\Roaming\Uniblue

[2011.10.09 13:43:13 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\2K Sports

[2011.12.15 21:45:19 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\57168

[2011.12.15 08:04:04 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\B8457

[2011.10.27 10:01:00 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\DVDVideoSoft

[2011.09.29 09:43:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Fingertapps

[2011.10.27 10:57:32 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\MusicNet

[2011.10.18 19:17:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\OpenOffice.org

[2011.11.07 19:36:36 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Origin

[2011.09.13 07:51:26 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Temp

[2011.09.29 09:59:09 | 000,000,000 | ---D | M] -- C:\Users\Nico.dell-PC.000\AppData\Roaming\Thunderbird

[2011.12.19 20:28:00 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3230886925-126132133-2629391164-1025UA.job

[2011.12.04 15:25:34 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

< End of report >

:

2. otl-Extras
:

Code:

OTL Extras logfile created on: 19.12.2011 21:10:01 - Run 11

OTL by OldTimer - Version 3.2.31.0     Folder = C:\Users\Administrator\Desktop\Anti-Virus Maßnahmen\OTL

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,90 Gb Total Physical Memory | 2,06 Gb Available Physical Memory | 52,88% Memory free

7,79 Gb Paging File | 5,73 Gb Available in Paging File | 73,50% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 235,24 Gb Total Space | 110,36 Gb Free Space | 46,92% Space Free | Partition Type: NTFS

Drive D: | 215,77 Gb Total Space | 206,35 Gb Free Space | 95,63% Space Free | Partition Type: NTFS

 

Computer Name: DELL-PC | User Name: Administrator | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- Reg Error: Key error. File not found

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- Reg Error: Key error. File not found

 

[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome

https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome

inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- Reg Error: Key error.

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [open] -- Reg Error: Key error.

htmlfile [opennew] -- Reg Error: Key error.

http [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome

https [open] -- "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" -nohome

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- Reg Error: Key error.

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== System Restore Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"DisableSR" = 1

"DisableConfig" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]

"DisableSR" = 1

"DisableConfig" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 
 ========== Firewall Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 1

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

"C:\Nexon\NEXON_EU_Downloader\NEXON_EU_Downloader_Engine.exe" = [String data over 1000 bytes]

"C:\Nexon\Combat Arms EU\CombatArms.exe" = C:\Nexon\Combat Arms EU\CombatArms.exe:*Enabled:CombatArms.exe -- (Nexon)

"C:\Nexon\Combat Arms EU\Engine.exe" = C:\Nexon\Combat Arms EU\Engine.exe:*Enabled:Engine.exe -- (Nexon)

 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center

"{0645A454-AD44-4F0D-99CF-6B762735AD1F}" = aioprnt

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)

"{27EF8E7F-88D1-4ec5-ADE2-7E447FDF114E}" = Kodak AIO Printer

"{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}" = Intel(R) PROSet/Wireless WiFi-Software

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst

"{9ED333F8-3E6C-4A38-BAFA-728454121CDA}" = PDF-XChange Viewer

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 265.94

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 265.94

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 265.94

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.9

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Überwachungstool für die Intel® Turbo-Boost-Technik 2.0

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{BE930E38-7BB3-45B6-85B2-5251F374F844}" = 64 Bit HP CIO Components Installer

"{C7B40C35-85AE-4303-9EEA-1A1EA779664D}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology

"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D600D357-5CB9-4DE9-8FD4-14E208BD1970}" = Nero Backup Drivers

"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin 64-bit

"CCleaner" = CCleaner

"Dell Support Center" = Dell Support Center

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinGimp-2.0_is1" = GIMP 2.6.8

"WinRAR archiver" = WinRAR 4.00 (64-Bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{01E9B2FF-DAF4-4529-9CC9-2101625517C7}" = nero.prerequisites.msi

"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11

"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11

"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup

"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11

"{1D4EE8FE-F31C-4258-9360-5B8B8309B14B}" = Adobe Premiere Elements 9 Content

"{1D7CE340-70C3-4848-BCCF-215950328A4C}" = Facebook Video Calling 1.0.0.8953

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{25175695-4B20-4298-9F34-C2C57CD277B3}" = Elements STI Installer

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29

"{27107EAA-34E0-43BF-B537-7F8EF6880F5A}" = Facebook Video Calling 1.0.0.8177

"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager

"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1

"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic

"{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"{3250260C-7A95-4632-893B-89657EB5545B}" = PhotoShowExpress

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support

"{3443D416-9DAD-4362-BEB1-C213AD9062CD}" = Dell MusicStage

"{376348C2-E372-48BC-A138-E896757BD86A}" = aioscnnr

"{37AB0223-AF54-49C5-92AA-BFC9648CD323}" = Adobe Premiere Elements 9 HD Content 3

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)

"{3CBBE028-978B-4876-ABC1-EF9ED6C20C4E}" = Adobe Premiere Elements 9 Content 2

"{3EE2F527-F306-49E9-0086-662C337ADD3B}" = FUSSBALL MANAGER 07

"{3FEA6CD1-EA13-4CE7-A74E-A74A4A0A7B5C}" = FIFA 11

"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3

"{433EACD8-4747-4A6A-826A-FFA9F39B0D40}" = Elements 9 Organizer

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{50D90C59-4F5C-48BC-AFB2-38475412F0CA}" = Adobe Premiere Elements 9 Content 1

"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)

"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)

"{56BA241F-580C-43D2-8403-947241AAE633}" = center

"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic

"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth

"{5F9AAF4A-B9B0-489D-AE67-73470A4714FE}" = Adobe Premiere Elements 9 HD Content 1

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update

"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3

"{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}" = Roxio Creator Starter

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{7746BFAA-2B5D-4FFD-A0E8-4558F4668105}" = Roxio Burn

"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime

"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide

"{7DDC3624-C631-49D1-B281-82EC3A27AA7C}" = Adobe Premiere Elements 9 Content 3

"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online

"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11

"{81DD0597-29EB-4FA0-8223-4F41362B2E72}" = NBA 2K11

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{87434D51-51DB-4109-B68F-A829ECDCF380}" = AccelerometerP11

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Sonic CinePlayer Decoder Pack

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B1846721-A8E6-46C7-83B6-0DCF7ADB4267}" = Nero Burning ROM 11

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B7E01095-8BAA-456E-8AED-504C3CCADBA0}" = Nero 11

"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)

"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media

"{BE94C681-68E2-4561-8ABC-8D2E799168B4}" = essentials

"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11

"{BFBCF96F-7361-486A-965C-54B17AC35421}" = ocr

"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax

"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)

"{DA5BDB2A-12F0-4343-8351-21AAEB293990}" = PreReq

"{DC0C5A78-6DBF-3444-0120-0FE8F0134FCD}" = Adobe Download Assistant

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0F274B7-592B-4669-8FB8-8D9825A09858}" = KODAK All-in-One Software

"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11

"{E240C78D-8F35-456A-8876-15FF6901B7E0}" = Adobe Premiere Elements 9 HD Content 2

"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic

"{E9F59205-F128-49A7-9039-4BDFB60EE4A3}" = Dell Stage

"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)

"{EB9955F8-467C-47FC-90F8-12CD5DF684C3}" = Adobe Premiere Elements 9

"{EC7FE03D-239A-4E36-9907-0E327922D2A2}" = bpd_scan

"{EF53BFAB-4C10-40DB-A82D-9B07111715C6}" = aioscnnr

"{EF56258E-0326-48C5-A86C-3BAC26FC15DF}" = Roxio Creator Starter

"{F06B5C4C-8D2E-4B24-9D43-7A45EEC6C878}" = Roxio Creator Starter

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F302F4F0-588D-6501-1ACF-BE3FDCC9135D}" = Adobe Community Help

"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples

"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic

"{F69FB940-5031-4FE8-AFAD-085802D0BF63}" = Nero Recode 11

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Premiere Elements 9 Content" = Adobe Premiere Elements 9 Content

"Adobe Premiere Elements 9 Content 1" = Adobe Premiere Elements 9 Content 1

"Adobe Premiere Elements 9 Content 2" = Adobe Premiere Elements 9 Content 2

"Adobe Premiere Elements 9 Content 3" = Adobe Premiere Elements 9 Content 3

"Adobe Premiere Elements 9 HD Content 1" = Adobe Premiere Elements 9 HD Content 1

"Adobe Premiere Elements 9 HD Content 2" = Adobe Premiere Elements 9 HD Content 2

"Adobe Premiere Elements 9 HD Content 3" = Adobe Premiere Elements 9 HD Content 3

"Advanced Audio FX Engine" = Advanced Audio FX Engine

"Akamai" = Akamai NetSession Interface Service

"AVerMedia H339 Hybrid TV Tuner" = AVerMedia H339 Hybrid TV Tuner 2.2.64.64

"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus

"BewerbungsGenie 7_is1" = DATA BECKER BewerbungsGenie 7

"BurningWheels" = Cobra 11 - Burning Wheels (remove only)

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help

"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant

"Combat Arms EU" = Combat Arms EU

"Dell Webcam Central" = Dell Webcam Central

"ESET Online Scanner" = ESET Online Scanner v3

"ExpressBurn" = Express Burn Disc Burning Software

"ExpressRip" = Express Rip

"Free YouTube to iPod Converter_is1" = Free YouTube to iPod Converter version 3.10.8.815

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.8.815

"InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}" = SmartSound Quicktracks 5

"InstallShield_{6748E773-5DA0-4D19-8AA5-273B4133A09B}" = SmartSound Quicktracks for Premiere Elements 9.0

"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data

"InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = EmoDio

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"Kindersicherung_is1" = Kindersicherung 2011

"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300

"MixPad" = MixPad Audio Mixer

"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)

"Mozilla Thunderbird (8.0)" = Mozilla Thunderbird (8.0)

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"PremElem90" = Adobe Premiere Elements 9

"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11

"Secunia PSI" = Secunia PSI (2.0.0.3003)

"VLC media player" = VLC media player 1.1.11

"WavePad" = WavePad Sound Editor

"Windows Media Encoder 9" = Windows Media Encoder 9 Series

"WinLiveSuite" = Windows Live Essentials

 
 ========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-3230886925-126132133-2629391164-500\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 
 ========== Last 10 Event Log Errors ==========

 

Error reading Event Logs: The Event Service is not operating properly or the Event Logs are corrupt!

 

< End of report >

:

hatte ich das schon geschrieben? - avira und windows update laufen wieder.

beste grüße
jasmina

Hallo Kira,
TDSSKiller hat keine Funde gehabt.
Ich habe noch mal mit Malewarbytes gescannt und der hat dann scheinbar noch was gefunden. Den logfile poste ich hier. Ansonsten kann ich die Windows Firewall nicht aktivieren.

Viele Grüße
Jasmina

:

Code:

Malwarebytes' Anti-Malware 1.51.2.1300

www.malwarebytes.org
 

Datenbank Version: 8401
 

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421
 

20.12.2011 10:21:53

mbam-log-2011-12-20 (10-21-53).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)

Durchsuchte Objekte: 477500

Laufzeit: 1 Stunde(n), 15 Minute(n), 22 Sekunde(n)
 

Infizierte Speicherprozesse: 0

Infizierte Speichermodule: 0

Infizierte Registrierungsschlüssel: 0

Infizierte Registrierungswerte: 0

Infizierte Dateiobjekte der Registrierung: 1

Infizierte Verzeichnisse: 0

Infizierte Dateien: 0
 

Infizierte Speicherprozesse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel:

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung:

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore\DisableConfig (Windows.Tool.Disabled) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
 

Infizierte Verzeichnisse:

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien:

(Keine bösartigen Objekte gefunden):