Trojaner-Board


Ch4uv1e 22.12.2011 22:06

Windows Live Mail is sending loads of spam to random addresses via my mail address

Hi everyone,

I have often looked up tips in this forum, but now I'm stuck...

My problem is that my mail program "Windows Live Mail" is sending spam. Can you help me remove the malware that is causing this?

I have already tried one or two programs... but I have trouble 1. evaluating the LOGS and 2. then taking the appropriate countermeasures.

I am extremely grateful for any help.
Best regards
Ch4uv1e

kira 23.12.2011 06:28

Hello and a warm welcome! :)

Before we start working together, [please read completely]:
Quote:

  • "Remote treatment/remote help" and the associated liability risks:
    - since the troubleshooting and the actions are carried out over great distances, we accept no liability for the resulting consequences.
    - so any liability for resulting damage is excluded; INSTRUCTIONS AND FOLLOWING THEM ARE YOUR OWN RESPONSIBILITY!
  • Characteristic features/profile information:
    - you can delete things such as your real name, serial numbers in programs etc. from the log lists or log files you use, or replace them with [X]
  • System check and cleanup:
    - can take some time (depending on the type of infection); the system may, however, be so badly compromised that an effective technical cleanup is no longer possible and you have to reinstall it
  • I recommend that you first read the instructions through completely before applying them, because if you do something wrong it can become really dangerous. If you follow my instructions step by step, nothing should really go wrong.
  • During the period of assistance:
    - please do not act on your own without consulting us! - ask if there are problems.
  • The order:
    - please keep exactly to the order described; do not choose the order yourself!
  • CRACKED SOFTWARE is not tolerated here!!!!
  • Otherwise, our forum rules:
    - Please read first, then post! -> For everyone seeking help! What do I need to consider before opening a thread?
  • Insert all log files with a vBCode tag; this gives a good overview here and makes my work easier! If the log file is too large, split it into several parts.

As soon as you have read this introductory text, you can begin :)
Quote:

► If there is a message/report from your antivirus program or other protection programs, please post it! What was found and, above all, where...
► Describe what attempts you have made to solve the problem (also post any results you already have)

► First part of the 3-part procedure: we will examine your system for viruses, or look for another cause:
For Vista and Win7:
Important: Please run all commands as administrator! Right-click on the command prompt and select "Run as administrator"
Right-click the selected application and choose "Run as administrator"!

1.
Download Malwarebytes Anti-Malware from → malwarebytes.org
  • Install it and start it with a double-click.
  • Set the language to German and update the databases right away - update online
  • Choose "Komplett Scan durchführen" (perform full scan) (tick all boxes)
  • when the scan has finished, click "Zeige Resultate" (show results)
  • Select all findings - if MBAM reports any in C:\System Volume Information, please remove the tick there - and click "Löschen" (delete) - "Ausgewähltes entfernen" (remove selected).
  • Post the result here in the thread - you will find the report under "Scan-Berichte" (scan reports)
you can find an illustrated guide here: Guide

2.
System scan with OTL

Please download OTL by Oldtimer and save it on your desktop
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created - OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

3.
I would also like to see all of your installed programs:
Download the tool CCleaner
Download
install it (read the software licence agreement; if "Füge CCleaner Yahoo! Toolbar hinzu" (add CCleaner Yahoo! Toolbar) is offered, deselect it) → start it → Language → select German
then click "Extra" (to display the installed programs as well) → then "Als Textdatei speichern..." (save as text file)
a text file (*.txt) will be created; copy its contents and paste them here

Quote:

To keep your thread clear and easy to read, it is best to use code tags for your post:
→ before your log you write (i.e. at the beginning of the log file): [code]
your log file goes here - e.g. OTL log file or other
→ after it - i.e. at the end of the log file: [/code]

** If possible, do not go on the internet, no online banking, file sharing, chat programs etc.
regards
kira
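
The rule in the post above about deleting your real name from logs or replacing it with [X] can be applied automatically before posting. The following Python code is an added example, not part of the original post and not part of OTL: the function names and the sample log are constructed, and matching is case-insensitive because OTL prints some paths in upper case (for example in its "File not found" lines).

```python
import re

# Profile folders that exist on every Windows install and identify nobody.
GENERIC_PROFILES = {"public", "default", "default user", "all users"}

# "Computer Name: X | User Name: Y | ..." fields of the OTL header.
HEADER_FIELDS = re.compile(
    r"(?:Computer Name|User Name):\s*([^|\r\n]+?)\s*(?=\||$)", re.M)

# First path component below the profile root, e.g. C:\Users\<name>\...
PROFILE_DIR = re.compile(
    r"[A-Za-z]:\\(?:Users|Documents and Settings)\\([^\\\r\n]+)\\", re.I)


def find_identifiers(log_text):
    """Collect the account and machine names the log itself reveals."""
    found = set()
    for match in HEADER_FIELDS.finditer(log_text):
        found.add(match.group(1).strip())
    for match in PROFILE_DIR.finditer(log_text):
        found.add(match.group(1).strip())
    return {n for n in found if n and n.casefold() not in GENERIC_PROFILES}


def redact_log(log_text, extra_names=(), placeholder="[X]"):
    """Replace every spelling of the identifying names with a placeholder.

    extra_names takes values the log format cannot reveal on its own,
    such as a real name or a serial number.
    """
    # Deduplicate case-insensitively ("Jörg" and "JöRG" are one name).
    names = {n.casefold(): n
             for n in find_identifiers(log_text) | set(extra_names)}
    if not names:
        return log_text
    # Longest first, so a machine name like "JOERG-PC" wins over a shorter
    # account name that might be contained in it.
    ordered = sorted(names.values(), key=len, reverse=True)
    pattern = re.compile(
        r"(?<!\w)(?:" + "|".join(re.escape(n) for n in ordered) + r")(?!\w)",
        re.IGNORECASE)
    return pattern.sub(placeholder, log_text)


# Constructed sample in OTL's layout (not taken from the thread).
SAMPLE = r"""OTL logfile created on: 01.01.2012 12:00:00 - Run 1
Computer Name: JOERG-PC | User Name: Jörg | Logged in as Administrator.
PRC - C:\Users\Jörg\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Example\tool.exe ()
File not found (No name found) -- C:\USERS\JöRG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\ABCD1234.DEFAULT\EXTENSIONS\EXAMPLE.XPI
[2012.01.01 12:00:00 | 000,000,000 | ---D | M] -- C:\Users\Public\Documents
"""

if __name__ == "__main__":
    print(redact_log(SAMPLE))
```
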

Ch4uv1e 23.12.2011 18:52

Thank you very much for the help!!!
So far I have used Malwarebytes Anti-Malware.
Here is the result:
Code:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Datenbank Version: 911122306

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

23.12.2011 18:39:11
mbam-log-2011-12-23 (18-39-11).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|)
Durchsuchte Objekte: 499246
Laufzeit: 1 Stunde(n), 44 Minute(n), 13 Sekunde(n)

Infizierte Speicherprozesse: 0
Infizierte Speichermodule: 0
Infizierte Registrierungsschlüssel: 0
Infizierte Registrierungswerte: 0
Infizierte Dateiobjekte der Registrierung: 0
Infizierte Verzeichnisse: 0
Infizierte Dateien: 0

Infizierte Speicherprozesse:
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel:
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte:
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung:
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse:
(Keine bösartigen Objekte gefunden)

Infizierte Dateien:
(Keine bösartigen Objekte gefunden)

I will now try OTL.
Best regards

Ch4uv1e 23.12.2011 19:41

Here is the OTL.txt
Code:

OTL logfile created on: 23.12.2011 18:55:21 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\UserXY\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 35,21% Memory free
7,87 Gb Paging File | 4,89 Gb Available in Paging File | 62,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 420,33 Gb Total Space | 172,72 Gb Free Space | 41,09% Space Free | Partition Type: NTFS
Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS
 
Computer Name: UserXY-PC | User Name: UserXY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\UserXY\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
PRC - C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
PRC - C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe (Lenovo)
PRC - C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
PRC - C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avutil-51.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avformat-53.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avcodec-53.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Management\1049a76b3de293df726d380932215c91\System.Management.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6f2de1cb69aef1946760a70f355a3075\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\f5659a792c1f6832d9a45c1509d03497\System.Transactions.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Data\f8196c3588c2229e84516af4b6a0ee60\System.Data.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Security\ccba14fc93de40f4f53d401f07b9bcb8\System.Security.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe ()
MOD - C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll ()
MOD - C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll ()
MOD - C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll ()
MOD - C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe ()
MOD - C:\Windows\SysWOW64\msjetoledb40.dll ()
MOD - C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Slidebar Notifier Service) -- C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe (Lenovo)
SRV:64bit: - (Lenovo ReadyComm ConnSvc) -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe (Lenovo Group Limited)
SRV:64bit: - (Lenovo ReadyComm AppSvc) -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe (Lenovo Group Limited)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (btwdins) -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira GmbH)
SRV - (IGRS) -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe (Lenovo Group Limited)
SRV - (ReadyComm.DirectRouter) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation)
SRV - (PS_MDP) -- C:\windows\SysWow64\IgrsSvcs.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira GmbH)
SRV - (SBSDWSCService) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)
SRV - (VMCService) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone)
SRV - (ServiceLayer) -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe (Nokia.)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (atksgt) -- C:\Windows\SysNative\drivers\atksgt.sys ()
DRV:64bit: - (lirsgt) -- C:\Windows\SysNative\drivers\lirsgt.sys ()
DRV:64bit: - (huawei_enumerator) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (ew_hwusbdev) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (vm332avs) -- C:\Windows\SysNative\drivers\vm332avs.sys (Vimicro Corporation)
DRV:64bit: - (RTHDMIAzAudService) -- C:\Windows\SysNative\drivers\RtHDMIVX.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) SAMSUNG USB Mobile Device (WDM) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (JMCR) -- C:\Windows\SysNative\drivers\jmcr.sys (JMicron Technology Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (LHDmgr) -- C:\Windows\SysNative\drivers\LhdX64.sys (Lenovo.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (ACPIVPC) -- C:\Windows\SysNative\drivers\AcpiVpc.sys (Lenovo Corporation)
DRV:64bit: - (k57nd60a) Broadcom NetLink (TM) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (wsvd) -- C:\Windows\SysNative\drivers\wsvd.sys (CyberLink)
DRV:64bit: - (ATIAVPCI) -- C:\Windows\SysNative\drivers\atinavrr.sys (ATI Technologies Inc.)
DRV:64bit: - (wdmirror) -- C:\Windows\SysNative\drivers\WDMirror.sys (Lenovo)
DRV:64bit: - (Bridge0) -- C:\Windows\SysNative\drivers\WDBridge.sys (Lenovo)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (netw5v64) Intel(R) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (pccsmcfd) -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys (Nokia)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo.msn.com
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://de-de.facebook.com/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.einsatz.bundeswehr.de/portal/a/einsatzbw/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLN_SJdw0xB8lB2EGu-pFw0aCUVH1fj_zcVH1v_QD9gtyIckdHRUUAFEVdhA!!/delta/base64xml/L3dJdyEvd0ZNQUFzQUMvNElVRS82XzFMX0VTMQ!!"
FF - prefs.js..keyword.URL: "hxxp://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.05.10 13:04:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.05.10 13:04:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.05.10 13:04:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.10 18:28:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.20 22:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Extensions
[2011.11.09 22:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions
[2011.11.09 22:27:45 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2011.10.05 21:18:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.21 19:34:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.11.10 18:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.05.21 16:44:53 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{A5475360-A7EA-437B-9A79-29208F476940}.XPI
File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.11.10 18:28:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.02 10:08:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.02 10:08:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.02 10:08:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.02 10:08:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.02 10:08:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.10.02 10:08:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: PriceGong = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.5.0_0\
CHR - Extension: YouTube = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
 
O1 HOSTS File: ([2011.12.23 00:01:11 | 000,439,956 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        123fporn.info
O1 - Hosts: 15125 more lines...
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll (PriceGong)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [Ferret Gaming Mouse] C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware (reboot)] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [MediaGet2] C:\Users\UserXY\AppData\Local\MediaGet2\mediaget.exe --minimized File not found
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\UserXY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31151D60-D04C-4C60-AC9C-5CE4955C99C4}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BA91CBA-DC8C-43FF-9C36-49994A0F6F56}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82CADA82-B818-4FE4-B28F-3CDA6D559DA7}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B5605E6-C357-478E-9252-0BC3D7DF10CD}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7276388-C15C-4634-B5AE-C23E6D14E15E}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0EE1716-A8A0-4357-995A-AC2B02165EF4}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.23 13:05:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Roaming\Malwarebytes
[2011.12.23 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.23 13:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.23 13:04:35 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011.12.23 13:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.23 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F0F9E42B-D95B-4E4B-BA4E-4987735B32FE}
[2011.12.22 21:17:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E761172F-4A41-4248-9381-30A816C3EDCF}
[2011.12.22 21:17:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DE4A941F-C868-4DD6-B85A-FD7280DF3FB2}
[2011.12.22 07:10:43 | 000,000,000 | -HSD | C] -- C:\windows\SysNative\%APPDATA%
[2011.12.21 22:54:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe
[2011.12.21 22:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Virus MSN
[2011.12.21 22:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AxBx
[2011.12.21 20:28:24 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{23820886-A6F5-4B53-B0E6-A283BF248B94}
[2011.12.21 20:28:06 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{58F3DF79-C147-4721-BA61-623A52F6F513}
[2011.12.21 19:01:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.12.21 18:51:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.21 18:51:28 | 000,074,880 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2011.12.21 18:51:28 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\windows\SysWow64\drivers\ssmdrv.sys
[2011.12.21 18:51:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.21 18:51:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.21 07:28:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CEB77FAC-EE8E-4437-A963-E3BEF9002E86}
[2011.12.21 07:28:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBB24A00-D4F9-445E-8071-7C0091E08119}
[2011.12.21 06:34:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5E8DB4A2-19F5-4F3F-BE7F-ECAA46A6BBA3}
[2011.12.20 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EC66862A-2DF5-490F-9508-5AEEAC431E21}
[2011.12.20 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{697BB127-4524-4453-AB01-275367CA3951}
[2011.12.20 18:33:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{41B42598-67BF-4517-919A-73358311B963}
[2011.12.20 06:32:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{54C49EB5-0534-4A39-8050-23E75C07E051}
[2011.12.20 06:32:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D7CA888B-E28B-4AE2-BFFF-C6B5A8416F25}
[2011.12.20 06:31:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{1D5BE593-FF20-4559-A367-F955538BA7A1}
[2011.12.19 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C0BB5707-38ED-4C52-84CE-51748F9F25D0}
[2011.12.19 18:30:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4C406F28-C620-407D-9319-A689B740C5E4}
[2011.12.19 18:30:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7817153-F764-4A96-A721-6FADCBEF8169}
[2011.12.19 06:29:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B2131290-3AE3-4142-AFF5-A43F71CC52D9}
[2011.12.19 06:27:38 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F9453BA-8A62-41C1-B88F-81AF254418E7}
[2011.12.18 11:45:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93ABE7DE-35BF-4EF7-9E20-FC1940FB9B24}
[2011.12.18 11:45:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3F5C1D84-500F-44DC-AEF1-7B5C26B74827}
[2011.12.18 11:45:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E2CA1C26-4E1A-4E5C-A7CD-352365EC5145}
[2011.12.18 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{807A31A5-76AB-4F78-A333-3367D7D5021D}
[2011.12.17 23:45:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305DA6BA-C871-4E75-B63C-1E2A22683FBB}
[2011.12.17 23:44:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6A554F19-A490-463C-8C20-9D0048D39F3D}
[2011.12.17 11:17:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05A9C5E3-EE3E-4B4A-94F7-4E2DB2F6FA69}
[2011.12.17 11:16:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{19DB6FA2-1699-4B0E-A56F-C16BFB239EE5}
[2011.12.17 11:15:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{21F762EB-F5F2-4C88-89A4-C15C6FAEC545}
[2011.12.16 12:02:04 | 000,000,000 | ---D | C] -- C:\34dbc5b24e8377ada30ef2a4a1
[2011.12.16 11:59:10 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011.12.16 11:59:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011.12.16 11:59:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011.12.16 11:59:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011.12.16 11:59:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011.12.16 11:59:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011.12.16 11:59:02 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011.12.16 11:59:01 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011.12.16 11:59:01 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011.12.16 11:59:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011.12.16 11:58:59 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011.12.16 11:46:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Lehrgang Plön 2011
[2011.12.16 11:46:31 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\2011 12 15 HS12
[2011.12.16 06:25:03 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5C13D8F7-4F45-4244-8D1B-6C077F0F89C0}
[2011.12.15 23:10:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2011.12.15 23:10:44 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011.12.15 23:10:43 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011.12.15 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{970AA118-FC0B-445B-B464-AA5B2EB42BE3}
[2011.12.13 22:39:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EE0B5AD9-33D6-4130-8B1F-AF190BC67732}
[2011.12.13 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{88D8C8BC-FD1B-40F1-A81C-B1FFFF200EC0}
[2011.12.13 22:38:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CACFBB0E-87C6-49F1-82EE-577645099B4A}
[2011.12.13 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6AF9EC01-09AD-4412-BBD5-2FDE8EE7A028}
[2011.12.13 10:37:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{31722CC3-4C73-4AA1-9526-B2FD1BF9EA92}
[2011.12.13 10:37:09 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{97474F36-0DE5-445D-A7D7-436AC47745B0}
[2011.12.12 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0E593BE1-CABE-4429-B207-BD944441BA1D}
[2011.12.12 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{113B489D-6A9A-4359-A5D5-5646D07099FC}
[2011.12.12 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{13D31F98-0CD1-44C2-8772-E43EA81B99E8}
[2011.12.12 19:09:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\MF Fragenkatalog
[2011.12.12 16:30:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Bw
[2011.12.12 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5AABA16F-A2EB-41E0-91D3-EA69DA35EFEA}
[2011.12.12 10:34:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74A83997-9CE3-40B2-9881-B5DB808D96F2}
[2011.12.11 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74BD2357-8232-4C8B-BF0E-D9D48C282298}
[2011.12.11 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{BAB85B9E-8E61-4C8E-B696-ECF926D35427}
[2011.12.10 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C3BFF58D-9D89-4A9B-9EF4-8BC52C042533}
[2011.12.10 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6E5FD438-4B12-4F5C-A6A5-A4D0806AF4E4}
[2011.12.10 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F810C697-14B5-47B4-8DA2-FBFE26159E90}
[2011.12.10 11:23:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F9D64CC6-D057-47BF-B634-6E25D361A12C}
[2011.12.10 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305BBCB9-598F-4A3C-987D-4CA19205AF39}
[2011.12.09 06:19:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0FC2882B-FDFA-4F75-8EAE-FD08C2B0308D}
[2011.12.08 18:18:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{491EFE69-1C81-4800-BFEA-7ACC72E6FD37}
[2011.12.08 06:17:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F1098C5-6BC3-4702-8F42-576FB6F5D929}
[2011.12.07 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0EA8698C-DD91-46A2-B961-1122783E121E}
[2011.12.07 18:16:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E07A583F-30F9-4590-B9A4-BB647CE512C6}
[2011.12.07 06:39:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars
[2011.12.07 06:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
[2011.12.07 06:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars
[2011.12.07 06:15:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9EE2AD73-4899-4594-83C2-660A46C4B24D}
[2011.12.07 06:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars.NET
[2011.12.07 06:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2011.12.06 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2AC2E61A-8864-47AA-8987-827074C124EE}
[2011.12.06 18:18:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7D362AE-8706-49B8-8EB0-10C772C88EFA}
[2011.12.06 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{85ECF006-D851-402E-BF00-1F3C36543F66}
[2011.12.06 06:17:59 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{865A431B-ED15-48E2-A596-3B2FE317CC99}
[2011.12.06 06:17:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2676B89B-4E29-4343-99A6-3C72B7146D28}
[2011.12.06 06:17:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBA9598D-A0A6-4114-B8F3-2EC895C38E8C}
[2011.12.05 18:16:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DD852F19-28B5-4A75-B1EF-46CCC9528C33}
[2011.12.05 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B93CD67A-A7A9-4593-BDBE-0FE89665D5FB}
[2011.12.05 18:15:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C44382B1-CE69-4830-8F75-E329B19210FE}
[2011.12.05 13:34:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\WSO Kuipel
[2011.12.05 06:18:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C18C5B99-81F6-41D3-8524-7098AA903B05}
[2011.12.05 06:15:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{60521F1E-8875-4202-BB39-5E396956AAC5}
[2011.12.04 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F847F304-0115-4DA5-AAEB-3D4FE2A5B8F0}
[2011.12.04 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93A035A6-6C33-44C6-951D-CA21195C8711}
[2011.12.04 13:18:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2A62B45E-C20C-4BC8-ADAE-14C86F08AF86}
[2011.12.04 13:18:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6DC57428-F417-41E7-97CA-8FCEE0C9FBDC}
[2011.12.03 15:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.12.03 15:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.12.03 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{40814D1B-AF76-4E88-88C4-652B229BAD67}
[2011.12.03 11:11:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{287CAAE8-EFA7-4D6F-8843-90934BE26E14}
[2011.12.03 11:07:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7CCBB42-0054-4ADE-B2E5-BC88BF3EED72}
[2011.12.02 17:39:14 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D3CEB3C2-486C-4DB2-A6B2-6AD4E951536B}
[2011.12.02 17:38:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{51BA23A8-0542-4EEB-AA67-A16114A18E1D}
[2011.12.02 12:14:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A9787D1-8646-45AF-A34D-676526BB1CEE}
[2011.12.02 06:41:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4793DBCB-66A8-4FB0-B07B-D9580B955078}
[2011.12.01 18:40:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{073684C9-669F-441E-91CF-9C6F0EC160E2}
[2011.12.01 18:40:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{560D7B62-CB23-498B-A449-5E312FA063A9}
[2011.12.01 18:39:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{551C8537-084C-4940-A72C-4D5E793A477A}
[2011.12.01 18:39:36 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{058CCC41-4A4E-43D8-8A40-246C18BE1B46}
[2011.12.01 06:38:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E1D6E61E-19D7-4160-98D7-B363AC86FE24}
[2011.12.01 06:38:46 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A608524-F609-4FC9-B009-D3D08B635FCD}
[2011.12.01 06:38:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4CAE9F50-BF07-4177-BFFD-0B14A7AF6C4E}
[2011.11.30 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4EB76B30-BA11-4D00-91DD-111950A7362F}
[2011.11.30 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{32C1EABC-BD75-4CFF-81B7-B35E34032172}
[2011.11.30 18:37:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{098F093B-D328-4C6F-A24A-B070339875C5}
[2011.11.30 14:59:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\Desktop\Fragenkatalog
[2011.11.30 06:36:27 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{06EB71A9-9AD0-43F0-BFCE-8556CD5BD646}
[2011.11.30 06:35:01 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{510135DB-2FA0-4D2D-A9A9-E2D59D5CF3FA}
[2011.11.29 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A364C7A-B7D8-4BDD-902D-8EC4095948D6}
[2011.11.29 05:41:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{AA088DCA-72AC-4DD5-879A-BB2B11845959}
[2011.11.29 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3CEBDD1D-3563-494F-870F-0A375A3474FC}
[2011.11.28 12:07:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{73FE2BCA-E1B0-4CF7-B065-0382560973DE}
[2011.11.28 12:06:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E3BE7BB0-FA64-4891-8668-B5EE519D4575}
[2011.11.28 12:06:23 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3FC2D951-AD94-49C1-87F3-6F183F38C1D1}
[2011.11.28 12:06:02 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9F121627-F028-4593-A91B-D2B582616B4E}
[2011.11.28 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A82A9321-AB02-4633-85FB-6AFEC96C0A1F}
[2011.11.28 00:04:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05D885C5-39C2-4071-BC4C-34D9C985F235}
[2011.11.27 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3B2832DD-C063-462B-B08A-91059C8115EE}
[2011.11.27 10:02:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2F3C11DA-A800-421F-B788-200D352AA354}
[2011.11.27 10:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6206C6DE-F5D9-4330-9371-98052D88A512}
[2011.11.27 10:02:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{650C1E02-7A27-4702-8D68-1E73BE44673A}
[2011.11.27 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{401740B1-B4D1-4089-83F8-82DA06FF7FFE}
[2011.11.26 16:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A96B614-5A0F-4DD6-9804-822AAA5E6F69}
[2011.11.26 16:01:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7B0A24E-5FF8-43F0-B470-3B6641975071}
[2011.11.26 16:01:42 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6D54C6D4-55DC-4759-A135-2E145F0ABC63}
[2011.11.25 06:13:16 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A1E90A5C-0EED-4404-9C9D-1A2E45D54674}
[2011.11.25 06:11:09 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{82EFFA90-8CA0-4C82-B839-74434A98B4D2}
[2011.11.24 17:55:21 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{7D3CE9C5-869F-466E-B5D7-AC3E7239F6D0}
[2011.11.24 17:54:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D2172C03-4393-491D-B142-06B2B750679D}
[2011.11.24 17:36:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B4F8A086-0D81-49B6-B6C6-11FE35C152E9}
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.23 18:11:06 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.23 11:18:19 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2011.12.23 00:01:11 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2011.12.22 23:28:47 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20111223-000111.backup
[2011.12.22 22:03:57 | 000,074,880 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2011.12.22 21:24:36 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.22 21:24:36 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.22 21:17:00 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.22 21:15:54 | 3168,190,464 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe
[2011.12.21 22:47:53 | 000,001,056 | ---- | M] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk
[2011.12.21 20:32:23 | 000,439,956 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts.20111222-232847.backup
[2011.12.21 18:51:31 | 000,002,030 | ---- | M] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.12.20 17:13:26 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.12.20 17:13:26 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2011.12.20 17:13:26 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.12.20 17:13:26 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2011.12.20 17:13:26 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.12.17 11:13:35 | 000,453,560 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.12.07 06:38:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2011.12.04 13:36:03 | 569,953,398 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011.12.01 20:26:36 | 000,717,397 | ---- | M] () -- C:\Users\UserXY\Desktop\dsa btsm t2.pdf
[2011.12.01 15:58:44 | 000,696,305 | ---- | M] () -- C:\Users\UserXY\Desktop\DSA_Prüfblock(1).pdf
[2011.12.01 06:46:02 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2011.11.30 15:05:15 | 020,279,163 | ---- | M] () -- C:\Users\UserXY\Desktop\Fragenkatalog.rar
[2011.11.28 20:52:15 | 000,001,443 | ---- | M] () -- C:\Users\UserXY\Desktop\Notenberechung UL2.lnk
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2011.11.28 16:04:22 | 000,012,956 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 2.odt
[2011.11.25 11:43:09 | 000,013,363 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 1.odt
[1 C:\windows\SysWow64\*.tmp files -> C:\windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2011.12.21 22:47:53 | 000,001,056 | ---- | C] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk
[2011.12.21 18:51:31 | 000,002,030 | ---- | C] () -- C:\Users\Public\Desktop\Avira AntiVir Control Center.lnk
[2011.12.07 06:38:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2011.12.05 16:06:29 | 867,147,252 | ---- | C] () -- C:\Users\UserXY\Desktop\Full Metal Jacket.avi
[2011.12.02 20:15:27 | 000,012,800 | ---- | C] () -- C:\Users\UserXY\Desktop\Betreuung Jolanta Laschewski.odt
[2011.12.01 17:05:52 | 000,717,397 | ---- | C] () -- C:\Users\UserXY\Desktop\dsa btsm t2.pdf
[2011.12.01 16:00:50 | 000,696,305 | ---- | C] () -- C:\Users\UserXY\Desktop\DSA_Prüfblock(1).pdf
[2011.11.30 15:05:08 | 020,279,163 | ---- | C] () -- C:\Users\UserXY\Desktop\Fragenkatalog.rar
[2011.11.28 20:52:15 | 000,001,443 | ---- | C] () -- C:\Users\UserXY\Desktop\Notenberechung UL2.lnk
[2011.11.28 16:03:33 | 000,012,956 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 2.odt
[2011.11.25 08:50:17 | 000,013,363 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\Leistungsabzeichen BtsmLhrg2 - 1.odt
[2011.11.25 08:43:29 | 000,015,769 | ---- | C] () -- C:\Users\UserXY\Desktop\Gesuch Offzlaufbahn.odt
[2011.10.06 19:30:32 | 000,004,608 | ---- | C] () -- C:\Users\UserXY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.02 19:42:26 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.01 08:06:48 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.05.21 16:46:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.21 09:33:59 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
[2011.05.10 13:09:25 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2011.05.10 12:54:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011.05.10 12:54:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011.05.10 12:54:05 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011.05.10 12:36:01 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010.08.09 09:28:09 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.07.06 02:54:55 | 000,001,341 | ---- | C] () -- C:\windows\vm332Rmv.ini
[2009.07.14 06:38:36 | 000,067,584 | ---- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll
[2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys

< End of report >


Ch4uv1e 23.12.2011 19:43

Extra.txt
Code:

OTL Extras logfile created on: 23.12.2011 18:55:21 - Run 2
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\Björn\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 1,39 Gb Available Physical Memory | 35,21% Memory free
7,87 Gb Paging File | 4,89 Gb Available in Paging File | 62,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 420,33 Gb Total Space | 172,72 Gb Free Space | 41,09% Space Free | Partition Type: NTFS
Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS
 
Computer Name: PC-Name | User Name: Björn | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{2C88B925-0033-2866-2091-60FBA46FCE2F}" = ATI Catalyst Install Manager
"{39BED0C8-6EC1-EE1E-E6B3-DF98B47C8F34}" = ccc-utility64
"{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = Lenovo Bluetooth with Enhanced Data Rate Software
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{CF29845C-705E-4450-A3FF-1D4754455AB9}" = Hybrid TV
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"0A4175B489A1B4A6E07E11B063A6263480C51D71" = Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)
"3BA80AB4C7E9F8497C115C844953A3D4BEB84D21" = Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
"BC15EA930074932BB2C4B4493C9FD4EA95087D1A" = Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)
"DF9F23E360B18E10871A49C3BC1AEDA269B8E0E2" = Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA  (07/16/2009 6.14.10.373)
"DFEA59689C004DFD0378309F3A583EA32D78A1B3" = Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0180EA2E-5C9D-FBDD-547E-07CE7479AA7D}" = CCC Help Thai
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{0513EE35-E0FB-4166-B663-BD1AE3A803DE}" = Anno 1404
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0CE226F3-EB27-4ECD-BBF5-F088716779FD}" = Energy Management
"{0F744AF2-FF1B-C6A5-832D-C3FF984EAA48}" = CCC Help Greek
"{17542DBF-E17C-4562-BC4D-FA3EF3076C45}" = Lenovo ReadyComm 5
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F822778-E050-51A9-02E6-848347F4A7C8}" = CCC Help English
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20426F3A-85B2-4955-D76B-D81EBE92AA92}" = Catalyst Control Center Localization All
"{2099FED4-7E46-9048-DBE2-EBAAE86B46C0}" = CCC Help Turkish
"{23A8CBF1-BB33-1F65-6444-7BC38A25B2D2}" = ccc-core-static
"{25AC9DDB-6EEF-82FB-237D-7F47E3A32894}" = CCC Help Italian
"{26604C7E-A313-4D12-867F-7C6E7820BE4C}" = JMicron Flash Media Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 26
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"{29E62586-8B65-B6EC-E2EF-42CBFD52D4DD}" = CCC Help Danish
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2D805381-CFD3-FEE4-D0ED-03A7763226E7}" = CCC Help Korean
"{33262E08-96D8-8ADC-5F0B-893DE5FA5B72}" = CCC Help Spanish
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{37C1B7DA-C81B-D088-AAF1-A2D7CF0126DC}" = Catalyst Control Center InstallProxy
"{39E4B5E9-74D2-A4DF-1647-36C972EE7F64}" = CCC Help French
"{3D84CAA7-76E9-44D1-4C55-FDC72F25EFAC}" = CCC Help Swedish
"{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}" = ANNO 1404
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1" = S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{415030B8-3E8B-462A-8C03-41D95AA3AB3B}" = Medal of Honor (TM)
"{420D0798-DE9C-7A70-CD13-ABDDD41DB69A}" = CCC Help German
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5657E1BE-3E82-298B-8C2C-48878A01D47B}" = CCC Help Dutch
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5885739F-97FF-4907-AC74-065515FFAFF0}" = Catalyst Control Center - Branding
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FB1408-630F-94FF-0B33-3CE203A0012E}" = CCC Help Chinese Traditional
"{750DB974-A6E3-2A08-57BC-4B67DC0BEF00}" = CCC Help Portuguese
"{7578ADEA-D65F-4C89-A249-B1C88B6FFC20}" = ICQ7.5
"{759C9701-3966-2AF8-6366-088D91EAC342}" = CCC Help Russian
"{76C66170-C538-4E77-B54D-48E136B5B533}" = Lenovo ReadyComm 5.0 Service
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77C4850C-3592-4A2F-B652-ACB77A1EF77C}" = Bing Bar Platform
"{7D3DEF5C-ADAF-EE77-0FBD-339A31C9B73D}" = CCC Help Chinese Standard
"{7E84FAC8-C518-40F9-9807-7455301D6D25}" = SamsungConnectivityCableDriver
"{8029B4A6-9C8A-6D6C-9C77-C5AAEFBED72F}" = CCC Help Hungarian
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{8991E763-21F5-4DEA-A938-5D9D77DCB488}" = Broadcom 802.11 Wireless Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C06EE31-AE51-4589-B53F-1406F6BBA229}" = F.E.A.R. Ultimate Shooter Edition - F.E.A.R. 2
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{322296D4-1EAE-4030-9FBC-D2787EB25FA2}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{26454C26-D259-4543-AA60-3189E09C5F76}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{9BD40163-B95D-4B07-8991-0AB775B6D88B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-00AF-0407-0000-0000000FF1CE}" = Microsoft PowerPoint Viewer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A67A910-120B-7D87-5FE7-0CA84FB76C09}" = CCC Help Polish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A07B2C21-863B-47AB-AE7E-20BB00BD7D33}" = ANNO 1404 - Venedig
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC599724-5755-48C1-ABE7-ABB857652930}" = PC Connectivity Solution
"{AC76BA86-7AD7-1031-7B44-A92000000001}" = Adobe Reader 9.2 - Deutsch
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0333}" = Lenovo EasyCamera
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"{B249E44B-8F72-E14D-6560-40E070C1C70E}" = CCC Help Czech
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CC9779B1-1A22-5400-B919-7A518F882038}" = CCC Help Japanese
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"{D7C51D0A-9E0F-4B95-3F57-ECEFEBE14E3B}" = CCC Help Norwegian
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DEC7AA43-D354-8FD8-5336-69CD4C1E4A06}" = Catalyst Control Center Graphics Previews Vista
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA1FB2F3-93C4-9CB7-C3D3-CF82228FE259}" = CCC Help Finnish
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Azureus" = Azureus
"Clean Virus MSN_is1" = Clean Virus MSN
"Counter-Strike 1.6" = Counter-Strike 1.6
"DAEMON Tools Lite" = DAEMON Tools Lite
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Ferret Gaming Mouse" = Ferret Gaming Mouse driver
"FileZilla" = FileZilla (remove only)
"Free YouTube Download_is1" = Free YouTube Download version 3.0.13.815
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{2955FADE-ADED-44AD-A853-D1EAEA7ACAD5}" = Lenovo MuteSync
"InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}" = Lenovo OneKey Recovery
"InstallShield_{B2164CCB-C002-4B80-8550-7535D80DF237}" = Lenovo DirectShare
"InstallShield_{D4B060B9-AD4A-4152-9D99-28B93C615AFE}" = Onekey Theater
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"IrfanView" = IrfanView (remove only)
"Lenovo Games Console" = Lenovo Games Console
"Lenovo SlideNav2" = Lenovo SlideNav
"Lenovo SplitScreen" = Lenovo SplitScreen
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware Version 1.51.2.1300
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"Pidgin" = Pidgin
"PokerStars" = PokerStars
"PokerStars.net" = PokerStars.net
"PriceGong" = PriceGong 2.5.1
"VeriFace" = VeriFace
"VLC media player" = VLC media player 1.1.10
"WinLiveSuite" = Windows Live Essentials
 
========== Last 10 Event Log Errors ==========
 
[ Application Events ]
Error - 16.12.2011 13:04:22 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 16.12.2011 13:04:24 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 16.12.2011 13:04:30 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 17.12.2011 06:09:48 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 17.12.2011 06:09:51 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 17.12.2011 06:09:53 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 17.12.2011 06:13:54 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 17.12.2011 07:14:44 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = GetLoggedOnUser
 
Error - 17.12.2011 08:03:57 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
Error - 17.12.2011 15:20:45 | Computer Name = PC-Name | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
 
[ Media Center Events ]
Error - 11.12.2011 01:53:11 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 06:53:11 - Fehler beim Herstellen der Internetverbindung.  06:53:11
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 11.12.2011 01:53:24 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 06:53:17 - Fehler beim Herstellen der Internetverbindung.  06:53:17
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 15.12.2011 12:42:14 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 17:42:13 - Fehler beim Herstellen der Internetverbindung.  17:42:14
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 15.12.2011 12:42:38 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 17:42:19 - Fehler beim Herstellen der Internetverbindung.  17:42:19
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 17.12.2011 08:06:31 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 13:06:31 - Fehler beim Herstellen der Internetverbindung.  13:06:31
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 17.12.2011 08:07:09 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 13:06:40 - Fehler beim Herstellen der Internetverbindung.  13:06:40
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 19.12.2011 01:03:40 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 06:03:40 - Fehler beim Herstellen der Internetverbindung.  06:03:40
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 19.12.2011 01:04:01 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 06:03:45 - Fehler beim Herstellen der Internetverbindung.  06:03:45
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 21.12.2011 17:20:35 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 22:20:35 - Fehler beim Herstellen der Internetverbindung.  22:20:35
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 21.12.2011 17:21:34 | Computer Name = PC-Name | Source = MCUpdate | ID = 0
Description = 22:20:41 - Fehler beim Herstellen der Internetverbindung.  22:20:41
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ OSession Events ]
Error - 31.10.2011 13:32:20 | Computer Name = PC-Name | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application
Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session
lasted 38985 seconds with 3900 seconds of active time.  This session ended with
a crash.
 
[ System Events ]
Error - 11.09.2011 03:48:20 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:27 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:33 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:39 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:45 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:53 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:48:59 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:49:05 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:49:11 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
Error - 11.09.2011 03:49:18 | Computer Name = PC-Name | Source = cdrom | ID = 262151
Description = Fehlerhafter Block bei Gerät \Device\CdRom0.
 
 
< End of report >


Ch4uv1e 23.12.2011 20:55

CCleaner
Code:

Adobe Flash Player 10 Plugin        Adobe Systems Incorporated        26.07.2011        6,00MB        10.3.181.34
Adobe Reader 9.2 - Deutsch        Adobe Systems Incorporated        24.05.2011        239MB        9.2.0
ANNO 1404        Ubisoft        19.10.2011                1.02.0000
ANNO 1404 - Venedig        Ubisoft        19.10.2011                2.0.5008.0
ATI Catalyst Install Manager        ATI Technologies, Inc.        09.05.2011        22,3MB        3.0.782.0
Avira AntiVir Personal - Free Antivirus        Avira GmbH        20.12.2011               
Bing Bar        Microsoft Corporation        09.05.2011                6.0.2282.0
Broadcom 802.11 Wireless Driver                09.05.2011                1.0.0.0
Broadcom Gigabit NetLink Controller        Broadcom Corporation        09.05.2011        0,36MB        12.52.01
CCleaner        Piriform        22.12.2011                3.14
Counter-Strike 1.6                21.09.2011               
CyberLink YouCam        CyberLink Corp.        09.05.2011        134,0MB        3.0.2603
DAEMON Tools Lite        DT Soft Ltd        19.11.2011                4.45.1.0236
Energy Management        Lenovo        09.05.2011                5.4.1.6
F.E.A.R. Ultimate Shooter Edition - F.E.A.R. 2        WB Games        27.05.2011                1.00.0000
Ferret Gaming Mouse driver                28.05.2011               
FileZilla (remove only)                21.05.2011               
Google Chrome        Google Inc.        02.12.2011                16.0.912.63
Google Earth        Google        02.12.2011        92,7MB        6.1.0.5001
Hybrid TV        Lenovo        20.08.2011        9,82MB        6.14.10373
ICQ7.5        ICQ        19.05.2011                7.5
Intel(R) Control Center        Intel Corporation        10.05.2011                1.2.1.1007
Intel(R) Management Engine Components        Intel Corporation        10.05.2011                6.0.0.1179
Intel(R) Rapid Storage Technology        Intel Corporation        10.05.2011                9.6.0.1014
IrfanView (remove only)        Irfan Skiljan        08.11.2011        1,50MB        4.30
Java(TM) 6 Update 26        Oracle        20.05.2011        97,1MB        6.0.260
JMicron Flash Media Controller Driver        JMicron Technology Corp.        09.05.2011                1.0.41.2
Lenovo Bluetooth with Enhanced Data Rate Software        Broadcom Corporation        09.05.2011        144,4MB        6.2.1.1200
Lenovo DirectShare        ArcSoft        09.05.2011        37,9MB        1.0.1.38
Lenovo EasyCamera        Lenovo EasyCamera        09.05.2011                1.10.0510.01
Lenovo Games Console        Oberon Media Inc.        09.05.2011                0.38.389.2
Lenovo MuteSync        Lenovo        09.05.2011        0,38MB        1.0.0.2
Lenovo OneKey Recovery        CyberLink Corp.        09.05.2011                7.0.1230
Lenovo ReadyComm 5        Lenovo        09.05.2011                5.1.1.22
Lenovo SlideNav        Lenovo        09.05.2011                2.0.1230.0003
Lenovo SplitScreen        Lenovo        09.05.2011                1.00.1823.0001
Malwarebytes' Anti-Malware Version 1.51.2.1300        Malwarebytes Corporation        22.12.2011        13,8MB        1.51.2.1300
Medal of Honor (TM)        Electronic Arts        06.06.2011        7.549MB        1.0.0.0
Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        21.05.2011        38,8MB        4.0.30319
Microsoft Office Enterprise 2007        Microsoft Corporation        22.10.2011                12.0.6425.1000
Microsoft Office File Validation Add-In        Microsoft Corporation        16.11.2011        7,95MB        14.0.5130.5003
Microsoft PowerPoint Viewer        Microsoft Corporation        15.12.2011        196,0MB        14.0.6029.1000
Microsoft Silverlight        Microsoft Corporation        13.10.2011        79,7MB        4.0.60831.0
Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        09.05.2011        1,70MB        3.1.0000
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053        Microsoft Corporation        20.05.2011        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        20.05.2011        0,25MB        8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        18.06.2011        0,29MB        8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        09.05.2011        0,69MB        8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        09.05.2011        0,77MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        18.06.2011        0,77MB        9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        06.06.2011        0,24MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        20.12.2011        0,22MB        9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        19.05.2011        0,58MB        9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        18.06.2011        0,59MB        9.0.30729.6161
Mobile Partner        Huawei Technologies Co.,Ltd        03.10.2011                16.002.03.02.705
Mozilla Firefox 8.0 (x86 de)        Mozilla        09.11.2011        36,0MB        8.0
MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        10.09.2011        1,28MB        4.20.9870.0
MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        10.09.2011        1,33MB        4.20.9876.0
NVIDIA PhysX        NVIDIA Corporation        06.06.2011        119,9MB        9.09.0203
OneKey Recovery        CyberLink Corp.        10.05.2011                7.0.1230
Onekey Theater        Lenovo        09.05.2011        1,63MB        2.0.2.6
OpenOffice.org 3.3        OpenOffice.org        20.05.2011        415MB        3.3.9567
PC Connectivity Solution        Nokia        08.09.2011        15,0MB        8.15.0.0
Pidgin                23.05.2011                2.7.11
PlayReady PC Runtime amd64        Microsoft Corporation        20.05.2011        2,06MB        1.3.0
PokerStars        PokerStars        06.12.2011               
PokerStars.net        PokerStars.net        06.12.2011               
Power2Go        CyberLink Corp.        09.05.2011                5.6.0.4809d4
PriceGong 2.5.1        PriceGong        08.11.2011                2.5.1
Realtek HDMI Audio Driver for ATI        Realtek Semiconductor Corp.        09.05.2011                6.0.1.6121
Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        09.05.2011                6.0.1.6278
S.T.A.L.K.E.R. - Call Of Pripyat [v1.6.01]        bitComposer Games        24.05.2011                1.6.01
Samsung Mobile phone USB driver Drive Software                08.09.2011               
Samsung New PC Studio        Samsung Electronics Co., Ltd.        08.09.2011        297MB        1.00.0000
SAMSUNG USB Driver for Mobile Phones        SAMSUNG Electronics Co., Ltd.        08.09.2011        35,5MB        1.3.650.0
SamsungConnectivityCableDriver        Samsung        08.09.2011        0,72MB        6.83.6.2.1
Skype Toolbars        Skype Technologies S.A.        20.05.2011        6,95MB        5.3.7280
Skype™ 5.3        Skype Technologies S.A.        20.05.2011        22,6MB        5.3.111
Spybot - Search & Destroy        Safer Networking Limited        20.12.2011                1.6.2
Synaptics Pointing Device Driver        Synaptics Incorporated        09.05.2011        46,4MB        15.0.19.1
VeriFace        Lenovo        09.05.2011                3.6.0.1211
VLC media player 1.1.10        VideoLAN        18.06.2011                1.1.10
Vodafone Mobile Connect Lite        Vodafone        03.10.2011        23,7MB        9.3.3.10523
Windows Driver Package - Broadcom Bluetooth  (01/06/2010 6.2.0.9416)        Broadcom        09.05.2011                01/06/2010 6.2.0.9416
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)        Broadcom        09.05.2011                07/28/2009 6.2.0.9800
Windows Driver Package - YUAN High-Tech Development Co., Ltd (ATIAVPCI) MEDIA  (07/16/2009 6.14.10.373)        YUAN High-Tech Development Co., Ltd        09.05.2011                07/16/2009 6.14.10.373
Windows Live Essentials        Microsoft Corporation        19.10.2011                15.4.3538.0513
Windows Live Mesh ActiveX Control for Remote Connections        Microsoft Corporation        09.05.2011        5,57MB        15.4.5722.2
Windows Live Mesh ActiveX control for remote connections        Microsoft Corporation        09.05.2011        5,58MB        15.4.5722.2
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (10/19/2009 5.4.0.1)        Lenovo        09.05.2011                10/19/2009 5.4.0.1
Windows-Treiberpaket - Nokia pccsmcfd  (10/12/2007 6.85.4.0)        Nokia        08.09.2011                10/12/2007 6.85.4.0
WinRAR 4.01 (64-Bit)        win.rar GmbH        10.09.2011                4.01.0


kira 24.12.2011 07:48

Quote:

Quote from Ch4uv1e (post 740217)

I have already tried one or two programs..

► If there is a message/report from your antivirus program or other protection programs, please post it! What was found and, above all, where...
► Describe what attempts you have made to solve the problem (also post the results you already have)

kira 24.12.2011 08:02

1.
Quote:

Spybot
- I would no longer recommend it, since it does not meet the new protection requirements and solutions for protection against malware, and it does not work satisfactorily against entirely new challenges
in my opinion it no longer offers sufficient protection against "modern types of malware"...
► If you do want to keep it:
Please switch off the TeaTimer:
In Spybot-S&D, go to Advanced mode and select Tools -> Resident there.
Deactivate "Resident TeaTimer aktiv" (Resident TeaTimer active) here.
(TeaTimer also tries to block beneficial changes) - it should stay deactivated permanently!

2.
Your Java version is not up to date!
→ Now download the offline version of Java Version 6 Update 30 from Oracle
Make sure to deselect any toolbars that may be offered (remove the check mark next to the toolbar)!

3.
Update Adobe Reader:
- Pay attention and read along during installation!: If any software, toolbar etc. is offered, please deselect it! - (e.g. "McAfee Security Scan Plus")
Adobe Reader
Or: start Adobe -> go to "Hilfe" (Help) -> "Nach Update suchen..." (Check for updates...)

4.
Clean your system with CCleaner:
  • "Cleaner" → "Analysieren" (analyze) → click the "Start CCleaner" button
  • "Registry" → "Fehler suchen" (search for errors) → "Fehler beheben" (fix errors) → "Alle beheben" (fix all)
  • Restart your system

5.
Quote:

Attention, important!:
If you have made changes in the log file yourself, you must replace them with the original names and insert them into the script that way! Otherwise it will not work!
(user folder, your name or other changes replaced by X, asterisk or other names)
Fixing with OTL
  • Start OTL.exe.
  • Vista and Windows 7 users: right-click OTL.exe and select "als Administrator ausführen" (run as administrator).
  • Copy the following script:
Code:

:OTL
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.lenovo.com/ [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://lenovo.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://de-de.facebook.com/
FF - prefs.js..keyword.URL: "http://search.sweetim.com/search.asp?src=2&q="
FF - prefs.js..sweetim.toolbar.previous.keyword.URL: ""
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
[2011.10.02 10:08:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2011.10.02 10:08:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
O2 - BHO: (Shopping Assistant Plugin) - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll (PriceGong)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (@C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\Shell\AutoRun\command - "" = H:\AutoRun.exe
O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\Shell\AutoRun\command - "" = G:\AutoRun.exe
O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell - "" = AutoRun
O33 - MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = H:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell - "" = AutoRun
O33 - MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell - "" = AutoRun
O33 - MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe

:Commands
[purity]
[emptytemp]


6.
  • Download SUPERAntiSpyware FREE Edition.
  • Install the program and update it online.
  • Start SUPERAntiSpyware and click "Ihren Computer durchsuchen" (scan your computer)
  • Put a check mark next to "Kompletter Scan" (complete scan) and click "Weiter" (next)
  • Afterwards all malware found is listed; put a check mark next to all findings and confirm with "OK"
  • Click "Weiter" (next), then "OK" and "Fertig stellen" (finish)
  • To display the results: click "Präferenzen" (preferences), then "Statistiken und Protokolle" (statistics and logs)
  • Press "Protokoll anzeigen" (show log) - then please save this report and post it here

7.
Viruses can also be carried on USB sticks, self-burned media, external hard drives and other storage media. They must therefore be monitored by regular checks for damage that may have been caused by malware ("Worm.Win32.Autorun"). For this, it is very well suited and recommended to check the data stored on the storage medium with the help of the free online scanner.
Now connect all external storage media (USB sticks etc.) to your computer while holding down the Shift key, so that the Autorun function is not executed. (This is how you prevent the AUTORUN function from running) - The AUTORUN function can also be switched off altogether. ► Instructions

8.
-> Then run a complete system check with Eset Online Scanner (NOD32) / Free Online Scanners
Attention!: >>You should not install the antivirus security software, but only scan your system online<<

9.
Another scan with OTL:
  • Double-click OTL.exe
  • Vista and Windows 7 users: right-click OTL.exe and select "als Administrator ausführen" (run as administrator).
  • At the top you will find a box labelled Output.
    Please select Standard output
  • Under Extra Registry please select Use SafeList.
  • Tick LOP check and Purity check.
  • Now click Scan at the top left.
  • When the scan has finished, two log files are created.
    You will find the log files on your desktop => OTL.txt and Extras.txt
  • Post the log files in code tags here in the thread.

10.
Check the MBR with aswMBR from Avast

Download aswMBR.exe from Avast and save the tool on your desktop (nowhere else).
XP users: double-click aswMBR.exe to start the tool.
Vista and Windows 7 users: right-click aswMBR.exe and select "Als Administrator starten" (run as administrator).
An input window with some information will open.

Click Scan to start the scan.

When the scan has finished, which is reported with Scan finished sucessfull!, click Save log to save the log file.
Post the contents of aswASW.log from the desktop here in the thread.

► Report again on the state of the computer. Are problems still occurring, and if so, which ones?
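
Added example, not part of the original post and not OTL's own code: the Python below groups the O33 MountPoints2 lines of the fix script in step 5 by the program each cached AutoRun command would start, so the long list can be reviewed before it is pasted into OTL. The sample lines are copied from that script; the function names `parse_o33` and `summarise` are illustrative.

```python
import re
from collections import defaultdict
from ntpath import basename  # Windows path rules, works on any platform

# Excerpt copied from the OTL script in step 5 (O32 line included to show
# that non-O33 lines are skipped).
SAMPLE = r'''
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell - "" = AutoRun
O33 - MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\Shell\AutoRun\command - "" = E:\AutoRun.exe
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell - "" = AutoRun
O33 - MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\Shell\AutoRun\command - "" = H:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
'''

# One O33 line: mount point (volume GUID or drive letter), an optional
# \AutoRun\command subkey, and the default value after ' - "" = '.
O33 = re.compile(
    r'^O33 - MountPoints2\\(?P<mount>\{[0-9A-Fa-f-]{36}\}|[A-Za-z])'
    r'\\Shell(?P<command>\\AutoRun\\command)? - "" = (?P<value>.*)$'
)

# Split a cached command line into program path and arguments.
CMDLINE = re.compile(
    r'^(?P<path>[A-Za-z]:\\.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s+(?P<args>.*))?$',
    re.IGNORECASE,
)


def parse_o33(text):
    """Return {mount: {'default_verb', 'path', 'args'}} for all O33 lines."""
    mounts = {}
    for raw in text.splitlines():
        m = O33.match(raw.strip())
        if not m:
            continue  # other OTL line types (IE, FF, O2, O32, ...) are ignored
        entry = mounts.setdefault(
            m['mount'], {'default_verb': None, 'path': None, 'args': ''}
        )
        if m['command']:
            c = CMDLINE.match(m['value'])
            # Keep the raw value if it does not look like "<path> <args>".
            entry['path'] = c['path'] if c else m['value']
            entry['args'] = (c['args'] or '') if c else ''
        else:
            entry['default_verb'] = m['value']
    return mounts


def summarise(mounts):
    """Group mount points by the program their AutoRun command starts."""
    groups = defaultdict(
        lambda: {'mounts': 0, 'drives': set(), 'args': set(), 'auto_default': 0}
    )
    for entry in mounts.values():
        if not entry['path']:
            continue  # verb recorded but no command line cached
        g = groups[basename(entry['path']).lower()]
        g['mounts'] += 1
        g['drives'].add(entry['path'][0].upper())
        if entry['args']:
            g['args'].add(entry['args'])
        # Default shell verb "AutoRun": the cached command is the default
        # action for that volume.
        if (entry['default_verb'] or '').lower() == 'autorun':
            g['auto_default'] += 1
    return dict(groups)


if __name__ == '__main__':
    for exe, g in sorted(summarise(parse_o33(SAMPLE)).items()):
        print(f"{exe:22} mounts={g['mounts']} drives={sorted(g['drives'])} "
              f"args={sorted(g['args'])} default_verb_autorun={g['auto_default']}")
```

Run against the full script, the summary reduces the O33 block to a few distinct programs, and any entry whose program name is not recognised is the one to check before running the fix.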

Ch4uv1e 25.12.2011 13:25

Here is the txt after the fix!

Many thanks already and merry Christmas ;)

Code:

All processes killed
========== OTL ==========
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Secondary Start Pages| /E : value set successfully!
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Prefs.js: "hxxp://search.sweetim.com/search.asp?src=2&q=" removed from keyword.URL
Prefs.js: "" removed from sweetim.toolbar.previous.keyword.URL
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ not found.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ not found.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml not found.
File C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml not found.
File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found.
File C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1631550F-191D-4826-B069-D9439253D926}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1631550F-191D-4826-B069-D9439253D926}\ not found.
File C:\Program Files (x86)\PriceGong\2.5.1\PriceGongIE.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}\ not found.
File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f}\ not found.
File C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked not found.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9852d6-ee8d-11e0-8080-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985343-ee8d-11e0-8080-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d985358-ee8d-11e0-8080-60eb69d0933c}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d98536c-ee8d-11e0-8080-60eb69d0933c}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853ab-ee8d-11e0-8080-60eb69d0933c}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853b7-ee8d-11e0-8080-60eb69d0933c}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c3-ee8d-11e0-8080-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1d9853c8-ee8d-11e0-8080-60eb69d0933c}\ not found.
File H:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2834ba17-f555-11e0-8e27-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e1e4d3f-83bf-11e0-b499-ec55f9df0176}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3e1e4d57-83bf-11e0-b499-ec55f9df0176}\ not found.
File H:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4099789e-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4099789e-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4099789e-837e-11e0-8bd4-ec55f9df0176}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{409978a3-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409978a3-837e-11e0-8bd4-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{409978a3-837e-11e0-8bd4-ec55f9df0176}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{483cf6f6-890a-11e0-8fce-ec55f9df0176}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e5703fa-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e5703fc-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6e570484-ecd5-11e0-b1c9-60eb69d0933c}\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c743a-eeae-11e0-9b3a-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7446-eeae-11e0-9b3a-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7452-eeae-11e0-9b3a-60eb69d0933c}\ not found.
File G:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7468-eeae-11e0-9b3a-001e101f1f81}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{793c7468-eeae-11e0-9b3a-001e101f1f81}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{793c7468-eeae-11e0-9b3a-001e101f1f81}\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40da-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40da-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40da-ee9b-11e0-95a0-001e101f1838}\ not found.
File H:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40de-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40de-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40de-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40e6-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40ea-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40f5-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa40f9-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa4110-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99aa4110-ee9b-11e0-95a0-001e101f1838}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99aa4110-ee9b-11e0-95a0-001e101f1838}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9dd1837c-8ada-11e0-8a53-60eb69d0933c}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6c635f5-1ec4-11e1-b182-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{c6c63601-1ec4-11e1-b182-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db14a23b-896a-11e0-a30f-ec55f9df0176}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{db14a23b-896a-11e0-a30f-ec55f9df0176}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{db14a23b-896a-11e0-a30f-ec55f9df0176}\ not found.
File E:\AutoRun.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc04f61b-c128-11e0-8878-001e101fe70e}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{dc04f61b-c128-11e0-8878-001e101fe70e}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{dc04f61b-c128-11e0-8878-001e101fe70e}\ not found.
File H:\LaunchU3.exe -a not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746129-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f474612e-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
File G:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746131-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4746137-ee8a-11e0-a3f6-60eb69d0933c}\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File E:\setup_vmc_lite.exe /checkApplicationPresence not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.
File G:\AutoRun.exe not found.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: XYUser
->Temp folder emptied: 0 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 0 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Default
->Temp folder emptied: 0 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
 
User: Mcx1-XYUser-PC
->Temp folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 0,00 mb
 
 
OTL by OldTimer - Version 3.2.31.0 log created on 12252011_123429

Files\Folders moved on Reboot...
File\Folder C:\Users\XYUser\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!

Registry entries deleted on Reboot...


Ch4uv1e 26.12.2011 08:38

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 12/25/2011 at 03:09 PM

Application Version : 5.0.1142

Core Rules Database Version : 8087
Trace Rules Database Version: 5899

Scan type      : Complete Scan
Total Scan Time : 01:38:38

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 738
Memory threats detected  : 0
Registry items scanned    : 72838
Registry threats detected : 0
File items scanned        : 122959
File threats detected    : 53

Adware.Tracking Cookie
        www.googleadservices.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        www.etracker.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        eas.apm.emediate.eu [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.yieldmanager.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxvalue.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adxvalue.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adtech.de [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .bs.serving-sys.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad.zanox.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy12 [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy12 [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy12 [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        wwwxyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .sexad.net [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ads.crakmedia.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        xyxyxy[ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .exoclick.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ww251.smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .doubleclick.net [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .zanox.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .smartadserver.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad3.adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .apmebf.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .mediaplex.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        ad2.adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .adfarm1.adition.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .serving-sys.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
        .tracking.quisma.com [ C:\USERS\USERXY\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-SoftonicDownloader
        C:\USERS\USERXY\DOWNLOADS\SOFTONICDOWNLOADER_FUER_FREE-YOUTUBE-DOWNLOAD.EXE


Ch4uv1e 26.12.2011 08:49

Can the OLT.txt from 23.12 be deleted from the thread? We don't need it any more, do we?

kira 26.12.2011 14:31

Unfortunately I can no longer delete it

- you have not yet completed all the previous steps!

Ch4uv1e 26.12.2011 16:31

Step 9 OLT.txt
Code:

OTL logfile created on: 26.12.2011 16:07:26 - Run 4
OTL by OldTimer - Version 3.2.31.0    Folder = C:\Users\UserXY\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: xxx| Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,93 Gb Total Physical Memory | 1,67 Gb Available Physical Memory | 42,41% Memory free
7,87 Gb Paging File | 4,97 Gb Available in Paging File | 63,16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 420,33 Gb Total Space | 198,09 Gb Free Space | 47,13% Space Free | Partition Type: NTFS
Drive D: | 30,48 Gb Total Space | 28,23 Gb Free Space | 92,62% Space Free | Partition Type: NTFS
 
Computer Name: UserXY-PC | User Name: UserXY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe
PRC - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2011.12.15 14:59:37 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2011.12.07 12:16:29 | 001,047,096 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011.11.10 10:17:04 | 003,514,176 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
PRC - [2011.08.31 17:00:48 | 000,449,608 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2011.05.10 12:54:22 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
PRC - [2011.05.10 12:54:10 | 003,122,528 | ---- | M] (Lenovo) -- C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
PRC - [2011.01.17 17:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2011.01.17 17:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2010.07.04 18:13:56 | 000,095,576 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
PRC - [2010.06.14 08:28:12 | 001,310,720 | ---- | M] () -- C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe
PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.02.03 23:48:12 | 000,167,008 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
PRC - [2010.01.24 11:47:46 | 001,021,888 | ---- | M] (Lenovo) -- C:\Programme\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
PRC - [2010.01.19 03:44:40 | 000,536,576 | ---- | M] (Vimicro) -- C:\Program Files (x86)\USB Camera2\VM332_STI.EXE
PRC - [2009.11.04 22:45:46 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.11.04 22:45:44 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2008.07.04 11:52:18 | 000,014,336 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2011.12.07 12:16:28 | 000,411,192 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppgooglenaclpluginchrome.dll
MOD - [2011.12.07 12:16:27 | 003,767,864 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
MOD - [2011.12.07 12:14:56 | 000,122,952 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avutil-51.dll
MOD - [2011.12.07 12:14:55 | 000,222,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avformat-53.dll
MOD - [2011.12.07 12:14:53 | 001,746,504 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\avcodec-53.dll
MOD - [2011.12.07 08:22:33 | 008,593,056 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
MOD - [2011.10.13 01:00:04 | 000,452,608 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\3c8f9ba115087754b5b1d8394fc818ba\IAStorUtil.ni.dll
MOD - [2011.10.13 00:00:46 | 011,819,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\8e7909ef6b5f953d49244c6b9f5f5100\System.Web.ni.dll
MOD - [2011.10.13 00:00:35 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b2622080e047040fa044dd21a04ff10d\System.Runtime.Remoting.ni.dll
MOD - [2011.10.12 23:59:52 | 012,433,408 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6e592e424a204aafeadbe22b6b31b9db\System.Windows.Forms.ni.dll
MOD - [2011.10.12 23:59:43 | 001,587,200 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\3b2cfd85528a27eb71dc41d8067359a1\System.Drawing.ni.dll
MOD - [2011.10.12 23:59:22 | 003,347,968 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\d7a64c28cf0c90e6c48af4f7d6f9ed41\WindowsBase.ni.dll
MOD - [2011.10.12 23:59:12 | 005,453,312 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\130ad4d9719e566ca933ac7158a04203\System.Xml.ni.dll
MOD - [2011.10.12 23:59:06 | 000,971,264 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\2d5bcbeb9475ef62189f605bcca1cec6\System.Configuration.ni.dll
MOD - [2011.10.12 23:59:04 | 007,963,648 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\abab08afa60a6f06bdde0fcc9649c379\System.ni.dll
MOD - [2011.10.12 23:58:54 | 011,490,304 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\a1a82db68b3badc7c27ea1f6579d22c5\mscorlib.ni.dll
MOD - [2011.05.20 23:47:09 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.05.10 19:47:26 | 000,032,768 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2011.05.10 12:54:22 | 000,100,256 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeySupport.exe
MOD - [2011.05.10 12:54:10 | 000,492,896 | ---- | M] () -- C:\Program Files (x86)\Lenovo\VeriFace\ChooseLang.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.10.18 15:49:24 | 000,133,024 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\WindowsApiHookDll32.dll
MOD - [2010.10.18 15:46:22 | 000,161,696 | ---- | M] () -- C:\Program Files (x86)\Lenovo\Onekey Theater\ActiveDetect32.dll
MOD - [2010.06.14 08:28:12 | 001,310,720 | ---- | M] () -- C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.08.12 00:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010.06.29 15:38:34 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.12.30 07:27:00 | 000,069,568 | ---- | M] (Lenovo) [Auto | Running] -- C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe -- (Slidebar Notifier Service)
SRV:64bit: - [2009.11.17 16:00:54 | 000,575,304 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe -- (Lenovo ReadyComm ConnSvc)
SRV:64bit: - [2009.08.14 15:22:48 | 000,509,192 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files\Lenovo\ReadyComm\AppSvc.exe -- (Lenovo ReadyComm AppSvc)
SRV - [2011.12.15 14:59:48 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011.12.15 14:59:38 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.08.31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.01.12 17:15:24 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\Lenovo\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.11.04 22:45:46 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.11.04 22:45:44 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.15 06:27:26 | 000,038,152 | ---- | M] (Lenovo Group Limited) [On_Demand | Stopped] -- C:\Program Files (x86)\Lenovo\ReadyComm\common\IGRS.exe -- (IGRS)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\windows\SysWow64\IgrsSvcs.exe -- (ReadyComm.DirectRouter)
SRV - [2009.07.14 02:14:41 | 000,020,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysWow64\IgrsSvcs.exe -- (PS_MDP)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.07.04 11:52:18 | 000,014,336 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.04.07 08:17:30 | 000,430,592 | ---- | M] (Nokia.) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2011.11.21 16:31:15 | 000,279,616 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.08.31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011.05.24 17:15:43 | 000,314,016 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.05.24 17:15:43 | 000,043,680 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.04.18 14:43:26 | 000,085,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2011.04.18 14:43:22 | 000,117,248 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys -- (ew_hwusbdev)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 10:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.06.29 16:09:58 | 007,195,648 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.06.29 14:48:34 | 000,265,728 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.06.02 07:35:42 | 000,229,456 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vm332avs.sys -- (vm332avs)
DRV:64bit: - [2010.05.24 13:07:58 | 000,253,728 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2010.05.11 18:06:18 | 000,246,224 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2010.05.11 18:06:18 | 000,117,504 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010.05.11 18:06:18 | 000,114,304 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2010.05.03 12:19:40 | 000,317,488 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.04.27 03:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2010.04.27 03:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus) SAMSUNG USB Mobile Device (WDM)
DRV:64bit: - [2010.04.27 03:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl) SAMSUNG USB Mobile Modem (Filter)
DRV:64bit: - [2010.03.26 08:03:20 | 000,160,880 | ---- | M] (JMicron Technology Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\jmcr.sys -- (JMCR)
DRV:64bit: - [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.02.02 16:52:02 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.01.15 19:08:34 | 000,039,008 | ---- | M] (Lenovo.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\LhdX64.sys -- (LHDmgr)
DRV:64bit: - [2010.01.15 01:51:20 | 000,021,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.01.15 01:51:14 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.15 01:51:10 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.12.14 09:03:50 | 000,053,800 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.10.19 01:40:50 | 000,028,176 | ---- | M] (Lenovo Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AcpiVpc.sys -- (ACPIVPC)
DRV:64bit: - [2009.10.16 04:32:24 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) Broadcom NetLink (TM)
DRV:64bit: - [2009.09.17 21:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.21 15:20:06 | 000,121,840 | ---- | M] (CyberLink) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wsvd.sys -- (wsvd)
DRV:64bit: - [2009.07.16 18:31:24 | 001,383,680 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atinavrr.sys -- (ATIAVPCI)
DRV:64bit: - [2009.07.16 12:55:34 | 000,011,280 | ---- | M] (Lenovo) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDMirror.sys -- (wdmirror)
DRV:64bit: - [2009.07.16 04:38:20 | 000,079,376 | ---- | M] (Lenovo) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WDBridge.sys -- (Bridge0)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 21:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 21:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.04.07 07:33:08 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2008.08.06 13:32:16 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.09.17 14:53:34 | 000,029,184 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV - [2011.07.22 17:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011.07.12 22:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV - [2010.06.14 08:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages =
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "hxxp://www.einsatz.bundeswehr.de/portal/a/einsatzbw/kcxml/04_Sj9SPykssy0xPLMnMz0vM0Y_QjzKLN_SJdw0xB8lB2EGu-pFw0aCUVH1fj_zcVH1v_QD9gtyIckdHRUUAFEVdhA!!/delta/base64xml/L3dJdyEvd0ZNQUFzQUMvNElVRS82XzFMX0VTMQ!!"
FF - prefs.js..network.proxy.type: 0
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=5.0: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\msntoolbar@msn.com: C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\Firefox [2011.05.10 13:04:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.05.10 13:04:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011.05.10 13:04:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.11.10 18:28:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2011.05.20 22:49:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Extensions
[2011.11.09 22:27:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions
[2011.11.09 22:27:45 | 000,000,000 | ---D | M] (PriceGong) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
[2011.10.05 21:18:14 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.12.21 19:34:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\UserXY\AppData\Roaming\mozilla\Firefox\Profiles\0gjsybmo.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.11.10 18:28:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2011.05.21 16:44:53 | 000,000,000 | ---D | M] (Skype extension) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
File not found (No name found) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{A5475360-A7EA-437B-9A79-29208F476940}.XPI
File not found (No name found) -- C:\USERS\BJöRN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\0GJSYBMO.DEFAULT\EXTENSIONS\{EEE6C361-6118-11DC-9C72-001320C79847}
[2011.11.10 18:28:16 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.02 10:08:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.10.02 10:08:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.10.02 10:08:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.10.02 10:08:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.63\pdf.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: PriceGong = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.5.0_0\
CHR - Extension: YouTube = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.2_0\
CHR - Extension: Google-Suche = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.16_0\
CHR - Extension: Google Mail = C:\Users\UserXY\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.4_0\
 
O1 HOSTS File: ([2011.12.26 13:23:54 | 000,000,909 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O4:64bit: - HKLM..\Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe (Lenovo (Beijing) Limited)
O4:64bit: - HKLM..\Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\utility.exe (Lenovo(beijing) Limited)
O4:64bit: - HKLM..\Run: [OnekeyStudio] C:\Program Files (x86)\Lenovo\Onekey Theater\OnekeyStudio.exe (Lenovo)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynBtnAsst] C:\Program Files\Synaptics\SynTP\SynBtnAsst.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [332BigDog] C:\Program Files (x86)\USB Camera2\VM332_STI.EXE (Vimicro)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Ferret Gaming Mouse] C:\Program Files (x86)\SPEEDLINK Ferret Gaming Mouse\GMouse.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [Lenovo SlideNav2] C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlideNavVDM.exe (Lenovo)
O4 - HKLM..\Run: [Lenovo SplitScreen] C:\Program Files\Lenovo\Lenovo SplitScreen\SplitScreen\AutoRunSpS.exe (Lenovo)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MuteSync] C:\Program Files (x86)\Lenovo\Lenovo MuteSync\MuteSync.exe (Lenovo)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [UCam_Menu] c:\Program Files (x86)\Lenovo\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GShortCut] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VeriFaceManager] C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe (Lenovo)
O4 - HKLM..\Run: [YouCam Mirror Tray icon] c:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AutoStartNPSAgent] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\UserXY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\Lenovo\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = xxx.xxx.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{31151D60-D04C-4C60-AC9C-5CE4955C99C4}: DhcpNameServer = xxx.xxx.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3BA91CBA-DC8C-43FF-9C36-49994A0F6F56}: NameServer = xxx.xxx.244.225 xxx.xxx.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{82CADA82-B818-4FE4-B28F-3CDA6D559DA7}: NameServer = xxx.xxx.244.225 xxx.xxx.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B5605E6-C357-478E-9252-0BC3D7DF10CD}: NameServer = xxx.xxx.244.225 xxx.xxx.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E7276388-C15C-4634-B5AE-C23E6D14E15E}: NameServer = xxx.xxx.244.225 xxx.xxx.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0EE1716-A8A0-4357-995A-AC2B02165EF4}: DhcpNameServer = xxx.xxx.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) -C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2011.12.26 13:41:42 | 001,918,464 | ---- | C] (AVAST Software) -- C:\Users\UserXY\Desktop\aswMBR.exe
[2011.12.26 12:24:35 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E29D4E3E-A243-4215-866E-6CA66356AE6F}
[2011.12.26 12:24:25 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EC35307F-EE00-4103-B7A7-B8B3E0B2267E}
[2011.12.26 12:24:15 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D3BCCF37-9EFE-443D-B91E-83A239B11B21}
[2011.12.26 12:23:54 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F653607B-7D90-441E-A442-0742E15454B3}
[2011.12.26 08:59:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2011.12.26 00:23:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{1B418F35-C0CE-4E40-A23F-73F79040B309}
[2011.12.26 00:23:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CA3D505A-7682-4ADF-9AFC-0839445AFAD0}
[2011.12.25 20:20:55 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Roaming\Avira
[2011.12.25 20:15:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2011.12.25 20:15:18 | 000,130,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2011.12.25 20:15:18 | 000,097,312 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2011.12.25 20:15:18 | 000,027,760 | ---- | C] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys
[2011.12.25 20:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2011.12.25 20:15:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2011.12.25 13:29:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Roaming\SUPERAntiSpyware.com
[2011.12.25 13:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
[2011.12.25 13:29:17 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
[2011.12.25 13:29:17 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2011.12.25 12:32:53 | 000,000,000 | ---D | C] -- C:\_OTL
[2011.12.25 12:22:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0AFDD35E-755A-46AF-967F-3152575906D0}
[2011.12.25 12:21:55 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{505C299C-AE15-4640-9D7C-F3724E1FA8D5}
[2011.12.24 18:12:48 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8E0AB30B-C568-4F79-82DF-4932D0881A54}
[2011.12.24 03:06:02 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{45BBB487-1CB5-488D-9BB5-271B846C8DC7}
[2011.12.23 19:46:18 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2011.12.23 13:05:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Roaming\Malwarebytes
[2011.12.23 13:04:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011.12.23 13:04:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2011.12.23 13:04:35 | 000,025,416 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2011.12.23 13:04:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2011.12.23 11:17:21 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F0F9E42B-D95B-4E4B-BA4E-4987735B32FE}
[2011.12.22 21:17:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E761172F-4A41-4248-9381-30A816C3EDCF}
[2011.12.22 21:17:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DE4A941F-C868-4DD6-B85A-FD7280DF3FB2}
[2011.12.22 07:10:43 | 000,000,000 | -HSD | C] -- C:\windows\SysNative\%APPDATA%
[2011.12.21 22:54:24 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe
[2011.12.21 22:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clean Virus MSN
[2011.12.21 22:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AxBx
[2011.12.21 20:28:24 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{23820886-A6F5-4B53-B0E6-A283BF248B94}
[2011.12.21 20:28:06 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{58F3DF79-C147-4721-BA61-623A52F6F513}
[2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2011.12.21 19:01:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2011.12.21 07:28:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CEB77FAC-EE8E-4437-A963-E3BEF9002E86}
[2011.12.21 07:28:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBB24A00-D4F9-445E-8071-7C0091E08119}
[2011.12.21 06:34:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5E8DB4A2-19F5-4F3F-BE7F-ECAA46A6BBA3}
[2011.12.20 18:33:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EC66862A-2DF5-490F-9508-5AEEAC431E21}
[2011.12.20 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{697BB127-4524-4453-AB01-275367CA3951}
[2011.12.20 18:33:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{41B42598-67BF-4517-919A-73358311B963}
[2011.12.20 06:32:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{54C49EB5-0534-4A39-8050-23E75C07E051}
[2011.12.20 06:32:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D7CA888B-E28B-4AE2-BFFF-C6B5A8416F25}
[2011.12.20 06:31:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{1D5BE593-FF20-4559-A367-F955538BA7A1}
[2011.12.19 18:31:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C0BB5707-38ED-4C52-84CE-51748F9F25D0}
[2011.12.19 18:30:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4C406F28-C620-407D-9319-A689B740C5E4}
[2011.12.19 18:30:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7817153-F764-4A96-A721-6FADCBEF8169}
[2011.12.19 06:29:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B2131290-3AE3-4142-AFF5-A43F71CC52D9}
[2011.12.19 06:27:38 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F9453BA-8A62-41C1-B88F-81AF254418E7}
[2011.12.18 11:45:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93ABE7DE-35BF-4EF7-9E20-FC1940FB9B24}
[2011.12.18 11:45:32 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3F5C1D84-500F-44DC-AEF1-7B5C26B74827}
[2011.12.18 11:45:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E2CA1C26-4E1A-4E5C-A7CD-352365EC5145}
[2011.12.18 11:44:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{807A31A5-76AB-4F78-A333-3367D7D5021D}
[2011.12.17 23:45:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305DA6BA-C871-4E75-B63C-1E2A22683FBB}
[2011.12.17 23:44:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6A554F19-A490-463C-8C20-9D0048D39F3D}
[2011.12.17 11:17:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05A9C5E3-EE3E-4B4A-94F7-4E2DB2F6FA69}
[2011.12.17 11:16:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{19DB6FA2-1699-4B0E-A56F-C16BFB239EE5}
[2011.12.17 11:15:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{21F762EB-F5F2-4C88-89A4-C15C6FAEC545}
[2011.12.16 12:02:04 | 000,000,000 | ---D | C] -- C:\34dbc5b24e8377ada30ef2a4a1
[2011.12.16 11:59:10 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2011.12.16 11:59:10 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2011.12.16 11:59:07 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2011.12.16 11:59:07 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2011.12.16 11:59:05 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2011.12.16 11:59:05 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2011.12.16 11:59:02 | 001,427,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2011.12.16 11:59:01 | 002,309,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2011.12.16 11:59:01 | 001,493,504 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2011.12.16 11:59:00 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2011.12.16 11:58:59 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2011.12.16 06:25:03 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5C13D8F7-4F45-4244-8D1B-6C077F0F89C0}
[2011.12.15 23:10:48 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\csrsrv.dll
[2011.12.15 23:10:44 | 000,723,456 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\EncDec.dll
[2011.12.15 23:10:43 | 000,534,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\EncDec.dll
[2011.12.15 17:42:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{970AA118-FC0B-445B-B464-AA5B2EB42BE3}
[2011.12.13 22:39:00 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{EE0B5AD9-33D6-4130-8B1F-AF190BC67732}
[2011.12.13 22:38:49 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{88D8C8BC-FD1B-40F1-A81C-B1FFFF200EC0}
[2011.12.13 22:38:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CACFBB0E-87C6-49F1-82EE-577645099B4A}
[2011.12.13 10:37:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6AF9EC01-09AD-4412-BBD5-2FDE8EE7A028}
[2011.12.13 10:37:30 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{31722CC3-4C73-4AA1-9526-B2FD1BF9EA92}
[2011.12.13 10:37:09 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{97474F36-0DE5-445D-A7D7-436AC47745B0}
[2011.12.12 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0E593BE1-CABE-4429-B207-BD944441BA1D}
[2011.12.12 22:36:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{113B489D-6A9A-4359-A5D5-5646D07099FC}
[2011.12.12 22:35:51 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{13D31F98-0CD1-44C2-8772-E43EA81B99E8}
[2011.12.12 10:35:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{5AABA16F-A2EB-41E0-91D3-EA69DA35EFEA}
[2011.12.12 10:34:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74A83997-9CE3-40B2-9881-B5DB808D96F2}
[2011.12.11 23:38:48 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{74BD2357-8232-4C8B-BF0E-D9D48C282298}
[2011.12.11 08:25:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{BAB85B9E-8E61-4C8E-B696-ECF926D35427}
[2011.12.10 20:24:53 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C3BFF58D-9D89-4A9B-9EF4-8BC52C042533}
[2011.12.10 20:24:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6E5FD438-4B12-4F5C-A6A5-A4D0806AF4E4}
[2011.12.10 20:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F810C697-14B5-47B4-8DA2-FBFE26159E90}
[2011.12.10 11:23:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F9D64CC6-D057-47BF-B634-6E25D361A12C}
[2011.12.10 11:19:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{305BBCB9-598F-4A3C-987D-4CA19205AF39}
[2011.12.09 06:19:18 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0FC2882B-FDFA-4F75-8EAE-FD08C2B0308D}
[2011.12.08 18:18:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{491EFE69-1C81-4800-BFEA-7ACC72E6FD37}
[2011.12.08 06:17:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{8F1098C5-6BC3-4702-8F42-576FB6F5D929}
[2011.12.07 18:16:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{0EA8698C-DD91-46A2-B961-1122783E121E}
[2011.12.07 18:16:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E07A583F-30F9-4590-B9A4-BB647CE512C6}
[2011.12.07 06:39:12 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars
[2011.12.07 06:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars
[2011.12.07 06:38:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars
[2011.12.07 06:15:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9EE2AD73-4899-4594-83C2-660A46C4B24D}
[2011.12.07 06:13:43 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\PokerStars.NET
[2011.12.07 06:13:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PokerStars.NET
[2011.12.06 18:19:08 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2AC2E61A-8864-47AA-8987-827074C124EE}
[2011.12.06 18:18:56 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C7D362AE-8706-49B8-8EB0-10C772C88EFA}
[2011.12.06 18:18:15 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{85ECF006-D851-402E-BF00-1F3C36543F66}
[2011.12.06 06:17:59 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{865A431B-ED15-48E2-A596-3B2FE317CC99}
[2011.12.06 06:17:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2676B89B-4E29-4343-99A6-3C72B7146D28}
[2011.12.06 06:17:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{CBA9598D-A0A6-4114-B8F3-2EC895C38E8C}
[2011.12.05 18:16:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{DD852F19-28B5-4A75-B1EF-46CCC9528C33}
[2011.12.05 18:15:41 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{B93CD67A-A7A9-4593-BDBE-0FE89665D5FB}
[2011.12.05 18:15:20 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C44382B1-CE69-4830-8F75-E329B19210FE}
[2011.12.05 06:18:34 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{C18C5B99-81F6-41D3-8524-7098AA903B05}
[2011.12.05 06:15:04 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{60521F1E-8875-4202-BB39-5E396956AAC5}
[2011.12.04 13:18:50 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F847F304-0115-4DA5-AAEB-3D4FE2A5B8F0}
[2011.12.04 13:18:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{93A035A6-6C33-44C6-951D-CA21195C8711}
[2011.12.04 13:18:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2A62B45E-C20C-4BC8-ADAE-14C86F08AF86}
[2011.12.04 13:18:17 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6DC57428-F417-41E7-97CA-8FCEE0C9FBDC}
[2011.12.03 15:21:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2011.12.03 15:19:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2011.12.03 11:12:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{40814D1B-AF76-4E88-88C4-652B229BAD67}
[2011.12.03 11:11:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{287CAAE8-EFA7-4D6F-8843-90934BE26E14}
[2011.12.03 11:07:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{F7CCBB42-0054-4ADE-B2E5-BC88BF3EED72}
[2011.12.02 17:39:14 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{D3CEB3C2-486C-4DB2-A6B2-6AD4E951536B}
[2011.12.02 17:38:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{51BA23A8-0542-4EEB-AA67-A16114A18E1D}
[2011.12.02 12:14:52 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A9787D1-8646-45AF-A34D-676526BB1CEE}
[2011.12.02 06:41:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4793DBCB-66A8-4FB0-B07B-D9580B955078}
[2011.12.01 18:40:39 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{073684C9-669F-441E-91CF-9C6F0EC160E2}
[2011.12.01 18:40:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{560D7B62-CB23-498B-A449-5E312FA063A9}
[2011.12.01 18:39:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{551C8537-084C-4940-A72C-4D5E793A477A}
[2011.12.01 18:39:36 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{058CCC41-4A4E-43D8-8A40-246C18BE1B46}
[2011.12.01 06:38:57 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E1D6E61E-19D7-4160-98D7-B363AC86FE24}
[2011.12.01 06:38:46 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9A608524-F609-4FC9-B009-D3D08B635FCD}
[2011.12.01 06:38:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4CAE9F50-BF07-4177-BFFD-0B14A7AF6C4E}
[2011.11.30 18:37:40 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4EB76B30-BA11-4D00-91DD-111950A7362F}
[2011.11.30 18:37:26 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{32C1EABC-BD75-4CFF-81B7-B35E34032172}
[2011.11.30 18:37:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{098F093B-D328-4C6F-A24A-B070339875C5}
[2011.11.30 06:36:27 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{06EB71A9-9AD0-43F0-BFCE-8556CD5BD646}
[2011.11.30 06:35:01 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{510135DB-2FA0-4D2D-A9A9-E2D59D5CF3FA}
[2011.11.29 17:26:29 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{4A364C7A-B7D8-4BDD-902D-8EC4095948D6}
[2011.11.29 05:41:45 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{AA088DCA-72AC-4DD5-879A-BB2B11845959}
[2011.11.29 05:28:19 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3CEBDD1D-3563-494F-870F-0A375A3474FC}
[2011.11.28 12:07:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{73FE2BCA-E1B0-4CF7-B065-0382560973DE}
[2011.11.28 12:06:44 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{E3BE7BB0-FA64-4891-8668-B5EE519D4575}
[2011.11.28 12:06:23 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3FC2D951-AD94-49C1-87F3-6F183F38C1D1}
[2011.11.28 12:06:02 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{9F121627-F028-4593-A91B-D2B582616B4E}
[2011.11.28 00:05:05 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{A82A9321-AB02-4633-85FB-6AFEC96C0A1F}
[2011.11.28 00:04:07 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{05D885C5-39C2-4071-BC4C-34D9C985F235}
[2011.11.27 23:06:37 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{3B2832DD-C063-462B-B08A-91059C8115EE}
[2011.11.27 10:02:58 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{2F3C11DA-A800-421F-B788-200D352AA354}
[2011.11.27 10:02:33 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{6206C6DE-F5D9-4330-9371-98052D88A512}
[2011.11.27 10:02:22 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{650C1E02-7A27-4702-8D68-1E73BE44673A}
[2011.11.27 10:02:11 | 000,000,000 | ---D | C] -- C:\Users\UserXY\AppData\Local\{401740B1-B4D1-4089-83F8-82DA06FF7FFE}
 
========== Files - Modified Within 30 Days ==========
 
[2011.12.26 16:11:01 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2011.12.26 16:01:49 | 000,000,512 | ---- | M] () -- C:\Users\UserXY\Desktop\MBR.dat
[2011.12.26 15:20:14 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011.12.26 15:20:14 | 000,013,424 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011.12.26 15:11:46 | 000,001,104 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2011.12.26 15:11:21 | 000,067,584 | ---- | M] () -- C:\windows\bootstat.dat
[2011.12.26 15:11:19 | 639,425,588 | ---- | M] () -- C:\windows\MEMORY.DMP
[2011.12.26 15:11:12 | 3168,190,464 | -HS- | M] () -- C:\hiberfil.sys
[2011.12.26 13:44:19 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2011.12.26 13:44:19 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2011.12.26 13:44:19 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2011.12.26 13:44:19 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2011.12.26 13:44:19 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2011.12.26 13:41:54 | 001,918,464 | ---- | M] (AVAST Software) -- C:\Users\UserXY\Desktop\aswMBR.exe
[2011.12.26 13:23:54 | 000,000,909 | ---- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2011.12.26 09:00:44 | 000,001,974 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.25 20:15:31 | 000,001,954 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.25 13:29:22 | 000,001,808 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.24 11:18:43 | 000,112,028 | ---- | M] () -- C:\Users\UserXY\cc_20111224_111832.reg
[2011.12.21 22:50:17 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\UserXY\Desktop\OTL.exe
[2011.12.21 22:47:53 | 000,001,056 | ---- | M] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk
[2011.12.17 11:13:35 | 000,453,560 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avkmgr.sys
[2011.12.15 14:59:59 | 000,130,760 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avipbb.sys
[2011.12.15 14:59:59 | 000,097,312 | ---- | M] (Avira GmbH) -- C:\windows\SysNative\drivers\avgntflt.sys
[2011.12.07 06:38:57 | 000,001,025 | ---- | M] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2011.12.01 06:46:02 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2011.11.28 19:01:14 | 000,256,960 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2011.11.28 16:04:22 | 000,012,956 | ---- | M] () -- C:\Users\UserXY\Bilder\Documents\X.odt
 
========== Files Created - No Company Name ==========
 
[2011.12.26 16:01:49 | 000,000,512 | ---- | C] () -- C:\Users\UserXY\Desktop\MBR.dat
[2011.12.26 14:29:28 | 639,425,588 | ---- | C] () -- C:\windows\MEMORY.DMP
[2011.12.26 08:59:44 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011.12.26 08:59:44 | 000,001,974 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011.12.25 20:15:31 | 000,001,954 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2011.12.25 13:29:22 | 000,001,808 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
[2011.12.24 11:18:38 | 000,112,028 | ---- | C] () -- C:\Users\UserXY\cc_20111224_111832.reg
[2011.12.21 22:47:53 | 000,001,056 | ---- | C] () -- C:\Users\UserXY\Desktop\Clean Virus MSN.lnk
[2011.12.07 06:38:57 | 000,001,025 | ---- | C] () -- C:\Users\Public\Desktop\PokerStars.lnk
[2011.12.02 20:15:27 | 000,012,800 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\X.odt
[2011.11.28 16:03:33 | 000,012,956 | ---- | C] () -- C:\Users\UserXY\Bilder\Documents\X.odt
[2011.10.06 19:30:32 | 000,004,608 | ---- | C] () -- C:\Users\UserXY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.02 19:42:26 | 000,000,306 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2011.07.01 08:06:48 | 001,526,948 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2011.05.21 16:46:00 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.21 09:33:59 | 000,000,088 | ---- | C] () -- C:\ProgramData\profile.xml
[2011.05.10 13:09:25 | 000,016,648 | R--- | C] () -- C:\windows\SysWow64\LogAPI.dll
[2011.05.10 12:54:12 | 002,110,816 | ---- | C] () -- C:\windows\SysWow64\Apblend.dll
[2011.05.10 12:54:12 | 001,171,456 | ---- | C] () -- C:\windows\SysWow64\PicNotify.dll
[2011.05.10 12:54:05 | 001,044,480 | ---- | C] () -- C:\windows\SysWow64\3DImageRenderer.dll
[2011.05.10 12:36:01 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2010.08.09 09:28:09 | 000,002,857 | ---- | C] () -- C:\windows\SysWow64\atipblag.dat
[2010.07.06 02:54:55 | 000,001,341 | ---- | C] () -- C:\windows\vm332Rmv.ini
[2009.07.14 06:38:36 | 000,067,584 | ---- | C] () -- C:\windows\bootstat.dat
[2009.07.14 03:35:51 | 000,000,741 | ---- | C] () -- C:\windows\SysWow64\NOISE.DAT
[2009.07.14 03:34:42 | 000,215,943 | ---- | C] () -- C:\windows\SysWow64\dssec.dat
[2009.07.14 01:10:29 | 000,043,131 | ---- | C] () -- C:\windows\mib.bin
[2009.07.14 00:42:10 | 000,064,000 | ---- | C] () -- C:\windows\SysWow64\BWContextHandler.dll
[2009.07.13 22:59:36 | 000,982,196 | ---- | C] () -- C:\windows\SysWow64\igkrng500.bin
[2009.07.13 22:59:36 | 000,139,824 | ---- | C] () -- C:\windows\SysWow64\igfcg500.bin
[2009.07.13 22:59:36 | 000,097,448 | ---- | C] () -- C:\windows\SysWow64\igfcg500m.bin
[2009.07.13 22:59:35 | 000,417,344 | ---- | C] () -- C:\windows\SysWow64\igcompkrng500.bin
[2009.07.13 22:03:59 | 000,364,544 | ---- | C] () -- C:\windows\SysWow64\msjetoledb40.dll
[2009.06.10 22:26:10 | 000,673,088 | ---- | C] () -- C:\windows\SysWow64\mlang.dat
[2008.10.07 08:13:30 | 000,197,912 | ---- | C] () -- C:\windows\SysWow64\physxcudart_20.dll
[2008.10.07 08:13:22 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelTraditionalChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSwedish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSpanish.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelPortugese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelKorean.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelJapanese.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelGerman.dll
[2008.10.07 08:13:20 | 000,058,648 | ---- | C] () -- C:\windows\SysWow64\AgCPanelFrench.dll
[2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
[2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml
[2007.10.25 16:26:10 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys
 
========== LOP Check ==========
 
[2011.05.21 09:37:40 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\ArcSyncConfig
[2011.12.23 20:54:06 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Azureus
[2011.12.23 20:54:07 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DAEMON Tools Lite
[2011.10.05 21:18:21 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DVDVideoSoft
[2011.10.05 21:18:13 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.18 19:07:40 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\ICQ
[2011.05.20 22:18:26 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Lenovo
[2011.05.22 08:22:59 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\OpenOffice.org
[2011.09.09 21:00:44 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\PC Suite
[2011.09.09 20:58:06 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Samsung
[2011.08.12 09:40:39 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\SoftGrid Client
[2011.07.01 08:07:51 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\TP
[2011.10.24 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Ubisoft
[2011.05.21 15:51:39 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Verbindungsassistent
[2011.10.04 15:08:49 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Vodafone
[2011.05.24 11:33:01 | 000,000,000 | ---D | M] -- C:\Users\UserXY\AppData\Roaming\Windows Live Writer
[2011.11.14 05:59:01 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Strangely, no Extra.txt was generated.

Ch4uv1e 26.12.2011 16:34

aswMBR.txt

Code:

aswMBR version 0.9.9.1120 Copyright(c) 2011 AVAST Software
Run date: 2011-12-26 15:13:18
-----------------------------
15:13:18.158    OS Version: Windows x64 6.1.7601 Service Pack 1
15:13:18.158    Number of processors: 8 586 0x1E05
15:13:18.158    ComputerName: Userxy-PC  UserName: Userxy
15:13:22.978    Initialize success
15:14:03.086    AVAST engine defs: 11122501
15:14:07.454    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:14:07.454    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
15:14:07.516    Disk 0 MBR read successfully
15:14:07.516    Disk 0 MBR scan
15:14:07.579    Disk 0 Windows 7 default MBR code
15:14:07.594    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          200 MB offset 2048
15:14:07.719    Disk 0 Partition 2 00    07    HPFS/NTFS NTFS      430420 MB offset 411648
15:14:07.766    Disk 0 Partition - 00    0F Extended LBA            31210 MB offset 881911808
15:14:09.544    Disk 0 Partition 3 00    12  Compaq diag NTFS        15109 MB offset 945829888
15:14:11.291    Disk 0 Partition 4 00    07    HPFS/NTFS NTFS        31209 MB offset 881913856
15:14:11.557    Service scanning
15:14:16.549    Modules scanning
15:14:16.549    Disk 0 trace - called modules:
15:14:16.954    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
15:14:16.954    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004e25790]
15:14:16.970    3 CLASSPNP.SYS[fffff88001b6543f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004b97050]
15:14:20.776    AVAST engine scan C:\windows
15:14:35.456    AVAST engine scan C:\windows\system32
15:20:14.613    AVAST engine scan C:\windows\system32\drivers
15:20:38.793    AVAST engine scan C:\Users\Userxy
15:45:35.801    AVAST engine scan C:\ProgramData
15:47:20.272    Scan finished successfully
16:01:49.867    Disk 0 MBR has been saved successfully to "C:\Users\Userxy\Desktop\MBR.dat"
16:01:49.878    The log file has been saved successfully to "C:\Users\Userxy\Desktop\aswMBR.txt"


Ch4uv1e 26.12.2011 19:39

It looks like it worked great! As far as I can tell, no more spam is being sent from my account.

Do I need to watch out for anything else now as a precaution?

Best regards and many thanks so far!


All times are in WET +1.
