Bundespolizei: Your computer has been locked - unlock it with Ukash

Hello and good morning, forum!
Last night I caught the Ukash trojan, and with Malwarebytes http://www.trojaner-board.de/51187-a...i-malware.html I found and removed one piece of malware. Unfortunately I did not save the log file from that scan. After another scan it no longer found it, but the Ukash problem is still present in normal mode :(
I hope someone here can help me!
Here are the log files from Malware and OTL:
Malware: Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.07.13
Windows Vista Service Pack 2 x86 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Mineor :: MINEOR-PC [Administrator]
26.09.2012 01:11:24
mbam-log-2012-09-26 (01-11-24).txt
Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 442306
Laufzeit: 57 Minute(n), 29 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
OTL Extra: Code:
OTL Extras logfile created on: 26.09.2012 07:03:13 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Mineor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 68,76% Memory free
6,74 Gb Paging File | 5,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,28 Gb Total Space | 77,58 Gb Free Space | 66,15% Space Free | Partition Type: NTFS
Drive D: | 83,01 Gb Total Space | 31,99 Gb Free Space | 38,54% Space Free | Partition Type: NTFS
Drive E: | 32,59 Gb Total Space | 6,53 Gb Free Space | 20,05% Space Free | Partition Type: NTFS
Computer Name: MINEOR-PC | User Name: Mineor | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05109B9B-7879-4142-A692-158D9758D221}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{0D347DBD-D291-4989-97C0-D917FA59366E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{17402E63-10DC-4BF3-9FD1-742198730AFB}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{4BFFD5F6-8B1C-4A27-BB30-880F24E05FEC}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp2c\rpcagentsrv.exe |
"{5CF2D844-F0BE-4B96-AF91-BBDA616A409C}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp2c\wnt500x86\rpcsandrasrv.exe |
"{9CFE1779-7FDE-4554-AD5E-5BAE0784172D}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{AC90B5E7-C3B9-4C97-853E-C62498AF14F2}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp2c\wnt500x86\rpcsandrasrv.exe |
"{C73B1063-5F64-4DA4-B96E-6BCA4FA3E324}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{CDC7FA6D-4471-4F26-BCCF-9E3DF346F05D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite xii.sp2c\wnt500x86\rpcsandrasrv.exe |
"{D0458AEA-82FF-4AD9-9AB5-5D6FB98A6951}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{E1078FB2-CC13-4429-8EEB-FE51F57D20B8}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{E610EB80-A34A-41D0-8300-61B56D8F0170}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06029946-16DD-4093-ADFF-2A88E632B1D7}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{1CC91CF0-83D2-44C3-81BA-99B708C19F7A}" = protocol=17 | dir=in | app=d:\i am alive\iamalive_launcher.exe |
"{1D1D3080-AA5B-46D8-8A1F-797BEFE5DD3A}" = protocol=17 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{22128179-6D7E-4E3C-BBDD-144C6CCC3625}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{246ACB19-080B-4431-8C6F-51A182E990E0}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{2D903187-E066-4B17-AACA-0D2D4FF03796}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{38B5E6C7-C627-4A81-84F8-59A391A96A92}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{3F53132E-E215-4088-A87A-0054A9ADF7B2}" = protocol=17 | dir=in | app=d:\i am alive\src\system\iamalive_game.exe |
"{438646BD-C86E-45C6-A418-30A9195F7DE8}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{478FB532-3B3C-4D68-BEE6-5AD2A394BADB}" = protocol=17 | dir=in | app=d:\steam\steam.exe |
"{4AF9C0F2-FAA0-42A1-BB20-8065F2C088A6}" = protocol=6 | dir=in | app=d:\i am alive\iamalive_launcher.exe |
"{4D5A7FCA-D0C8-4640-AF15-EE23FEA05430}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{556E5CAF-0859-4357-9505-5CCCD50D3177}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{5DEF4EF5-74D8-479E-B3D2-A5080B7F7502}" = protocol=6 | dir=in | app=c:\program files\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{62DD8354-B398-4573-A06D-2D5C7307CE9D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{694E2716-75D9-407A-83D4-AC792CD80615}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{6D5ACBAE-EF15-4F07-BDF4-1B0EADE3D2D0}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe |
"{6E3398BD-C3D2-4A4F-B792-56933AC0A0C8}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{71B95B0A-909B-4250-8A20-89B10D895322}" = protocol=6 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{728BFFFE-E7CE-49EA-9864-4BA6C9713ECA}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{735EC965-A275-4124-828B-836EDC386774}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{739B7C80-8326-4ECB-900B-C91FDEFD8409}" = protocol=6 | dir=in | app=d:\i am alive\src\system\iamalive_game.exe |
"{86990445-D24E-445C-8381-DC855EFF7CE5}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstra.exe |
"{97B4A9F1-B5C5-4D31-B677-E9714AA6A8BD}" = protocol=17 | dir=in | app=d:\civ4\civilization4.exe |
"{9CDAB533-713F-4514-9086-BE3BE4914EB9}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) |
"{9E28A74C-C65E-46E9-8937-7943F6103279}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) |
"{A4985047-8D83-4283-9DE0-F6547D6D20EC}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{A4E49996-68E7-4F78-BF42-3600CB5E677B}" = protocol=17 | dir=in | app=d:\civ4\warlords\civ4warlords.exe |
"{AA3E9C29-AC77-4191-A0F0-18424E72809A}" = protocol=17 | dir=in | app=d:\civ4\beyond the sword\civ4beyondsword.exe |
"{AB8244F0-7A46-4DD4-A618-95FBE33FFF8A}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe |
"{B2F2904F-E5A8-4A60-812F-8D89091582E6}" = protocol=6 | dir=in | app=d:\steam\steam.exe |
"{B36FEDC3-B095-4BAB-BCCC-E7ADA1A04C77}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{B5663D08-3FD1-4E25-A049-A99782D9BB31}" = protocol=6 | dir=in | app=d:\civ4\warlords\civ4warlords.exe |
"{BEB2DECB-27BB-4FA6-8314-466EE5371B8E}" = protocol=17 | dir=in | app=c:\windows\system32\pnkbstrb.exe |
"{D1B4ED40-7CBA-438D-9970-93D48A7B889B}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe |
"{D8702C19-8F75-4371-8238-1C62647EF617}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{EAFF23C6-6383-4426-BAD1-927B0754E4BB}" = protocol=6 | dir=in | app=d:\civ4\civilization4.exe |
"{F452CF2C-6BEC-4769-8942-A8EECB6E3BD1}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\sid meier's civilization v sdk\sid meier's civilization v sdk.exe |
"{F5871539-3CB1-4695-AC03-C917DB25EB67}" = protocol=6 | dir=in | app=d:\civ4\beyond the sword\civ4beyondsword.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02DFF6B1-1654-411C-8D7B-FD6052EF016F}" = Apple Software Update
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{08CA9554-B5FE-4313-938F-D4A417B81175}" = QuickTime
"{09298F26-A95C-31E2-9D95-2C60F586F075}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{1DEEB744-7F1F-4473-993D-13DE2F989577}" = Logitech CallCentral
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.7.4
"{1EAC1D02-C6AC-4FA6-9A44-96258C37C813}_is1" = World of Warplanes
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F77C418-2C90-459C-BD33-B56A4182B9FA}" = System Requirements Lab CYRI
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}" = Sid Meier's Civilization 4 Complete
"{32E4F0D2-C135-475E-A841-1D59A0D22989}" = Sid Meier's Civilization 4 - Beyond the Sword
"{3B11D799-48E0-48ED-BFD7-EA655676D8BB}" = Star Wars: The Old Republic
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{520CD4F0-9DAC-4C5C-8CA1-D0210CFF6062}" = Media Go
"{5335DADB-34BA-4AE8-A519-648D78498846}" = Skype™ 5.3
"{54F5EAE1-2B88-4F4A-8706-12787E1E34BF}" = calibre
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}" = NCsoft Launcher
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62952508-8C6F-4D31-9802-099FC67B41C3}" = I Am Alive
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{768F22DC-2D20-4F52-A9A1-5E231FB7F752}" = Logitech Gaming Software 5.04
"{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}" = ICQ7M
"{7B63B2922B174135AFC0E1377DD81EC2}" =
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{80B917EF-75C7-46F0-87D9-DE90A309ACB5}" = Fate of the World
"{83C9E961-1A33-444E-B3A9-5CE3B941888A}" = Six Updater
"{8635EC47-3ED6-44B3-8394-A22C8EB01FC2}" = Fate of the World DLC: Denial
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E49C988-C8F1-4197-AA6B-94E49751F5D7}" = Microsoft IntelliType Pro 6.3
"{8FB1B528-E260-451E-9B55-E9152F94B80B}" = Microsoft Games for Windows - LIVE Redistributable
"{90110407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{92482FB3-C05B-41C6-89E7-75D985602A6E}" = System Requirements Lab
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96E3AED5-3D0B-4BB0-84C2-1EDADB204487}" = FlashFXP v3
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{999A2E61-63EE-61BF-26E4-0C7B8B2A0BE2}" = Media Go Video Playback Engine 1.8.108.02120
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite
"{9BC97E7F-8E26-44B8-841A-C5262754FC89}" = LG United Mobile Drivers
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C6C0D2A-E2C0-4160-B139-5951A72EC80F}" = WOT Statistics
"{9EBDAF91-DADA-47CE-94F2-F5B004007934}" = System Requirements Lab
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}" = Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B480BD2A-F1BA-4FE6-8C8E-34C6111B72C9}" = ElsterFormular 2007/2008
"{B54313C5-B581-434E-84BB-D87BBE5AB08A}" = Fate of the World DLC: Migration
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Toolbars
"{B8FA4B2B-67A0-18D0-77DD-F08405016F37}" = ATI Catalyst Install Manager
"{BEF726DD-4037-4214-8C6A-E625C02D2870}" = Logitech Audio Echo Cancellation Component
"{C221B517-EC02-4DD3-95A6-958C02DD86F2}_is1" = SP_Mod_1
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2196}_is1" = SiSoftware Sandra Lite XII.SP2c
"{C5C1C0F0-D62F-4DBF-81D4-D7EF397C228B}" = NVIDIA PhysX
"{C7DDA8E7-AD3D-4F51-AC1E-B0FF57002192}" = Microsoft IntelliPoint 6.3
"{C911A0C2-2236-3164-AA47-F2566C01AE5E}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D60924D0-86C6-441B-BD39-BA3037508976}" = NVIDIA PhysX Unreal Tournament 3 Mods
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{E1640DA5-89B4-4F52-B15D-5DA3D14F29D4}" = LG USB Modem Drivers
"{EA450D5D-95EA-4FD0-B8B0-6D8E68FBE2C7}" = Impulse
"{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1" = PantsOff 2.0
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.094
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F97E3841-CA9D-4964-9D64-26066241D26F}" = Microsoft Games for Windows - LIVE
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"7-Zip" = 7-Zip 4.65
"AC3Filter_is1" = AC3Filter 1.63b
"ACDLabs in e__ACDFREE12_" = ACD/Labs Software in e:\ACDFREE12\
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Alt.Binz" = Alt.Binz 0.25.0
"ArtMoney SE_is1" = ArtMoney SE v7.31
"Ask Toolbar_is1" = Ask Toolbar
"Avira AntiVir Desktop" = Avira Free Antivirus
"BASE 1.5" = BASE 1.5
"BLASC 2.0" = BLASC 2.0
"CCleaner" = CCleaner
"CD Audio Reader Filter" = CD Audio Reader Filter (remove only)
"DCoder Image Source" = DCoder Image Source (remove only)
"DD4F47DF-6540-4BDA-BEAD-2B19250B0C48_is1" = FLAC to MP3 Converter 6.1.9
"DivX Setup.divx.com" = DivX-Setup
"DScaler 5 Mpeg Decoders_is1" = DScaler 5 Mpeg Decoders
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.0.0 Home Edition
"Eraser 5.3" = Eraser 5.3
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"Explorer Suite_is1" = Explorer Suite III
"FFMPEG Core Files" = FFMPEG Core Files (remove only)
"Foxit Reader" = Foxit Reader
"Fraps" = Fraps (remove only)
"Free Download Manager_is1" = Free Download Manager 3.9
"Free Studio_is1" = Free Studio version 5.2.1
"Free Video to MP3 Converter_is1" = Free Video to MP3 Converter version 4.2.16
"Free YouTube Download_is1" = Free YouTube Download 2.2
"Free YouTube to Mp3 Converter_is1" = Free YouTube to Mp3 Converter version 3.1
"Generic Mod Manager_is1" = Fallout Mod Manager 0.13.21
"GrabIt_is1" = GrabIt 1.7.2 Beta 6 (build 1008)
"Hattrick Control_is1" = Hattrick Control 2.02
"Hattrick Organizer" = Hattrick Organizer (remove only)
"Hearts of Iron 2 Doomsday Armageddon_is1" = HOI2 Doomsday Armageddon 1.2
"Impulse" = Impulse
"InstallShield_{050C1C8E-4A4D-4C2F-B9AE-67E60EE91B7F}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.3 Patch
"InstallShield_{3BD633E0-4BF8-4499-9149-88F0767D449C}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch
"InstallShield_{62952508-8C6F-4D31-9802-099FC67B41C3}" = I Am Alive
"InstallShield_{8503C901-85D7-4262-88D2-8D8B2A7B08B8}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch
"InstallShield_{8A15B7D9-908A-4EF9-BA84-5AEDE61743EE}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch
"InstallShield_{931C37FC-594D-43A9-B10F-A2F2B1F03498}" = Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch
"Jagged Alliance 2" = Jagged Alliance 2
"KLiteCodecPack_is1" = K-Lite Mega Codec Pack 6.0.4
"LVoIPDrv" = Logitech® VoIP-Treiber
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Marvell Miniport Driver" = Marvell Miniport Driver
"McAfee Security Scan" = McAfee Security Scan Plus
"Medion GoPal Assistant" = Medion GoPal Assistant 4.00.0042
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.4.0c
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"OpenAL" = OpenAL
"OpenSource AVI Splitter" = OpenSource AVI Splitter (remove only)
"OpenSource DTS/AC3/DD+ Source Filter" = OpenSource DTS/AC3/DD+ Source Filter (remove only)
"PC Wizard 2008_is1" = PC Wizard 2008.1.83
"ProtectDisc Driver 11" = ProtectDisc Driver, Version 11
"PunkBusterSvc" = PunkBuster Services
"QuickPar" = QuickPar 0.9
"RADVideo" = RAD Video Tools
"Rossmann Fotoservice_is1" = Rossmann Fotoservice 2.6
"Secunia PSI" = Secunia PSI (3.0.0.2004)
"SHOUTcast Source" = SHOUTcast Source (remove only)
"SP6" = Logitech SetPoint 6.0
"Steam App 16830" = Sid Meier's Civilization V SDK
"Streamripper" = Streamripper (Remove only)
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"Update Engine" = Sony Ericsson Update Engine
"VLC media player" = VLC media player 2.0.2
"voxware_is1" = Voxware Audio decoder 1.6
"Winamp" = Winamp
"WinRAR archiver" = WinRAR
"WinUHA_is1" = WinUHA 2.0 RC1 (2005.02.27)
"WMV9_VCM" = Microsoft Windows Media Video 9 VCM
"X3 Bonuspaket_is1" = X3 Bonuspaket 3.1.07
"XBCD" = XBCD 1.07
"XMedia Recode" = XMedia Recode 3.0.9.4
"xp-AntiSpy" = xp-AntiSpy 3.96-6
"Xvid_is1" = Xvid 1.2.2 final uninstall
"ZoneAlarm" = ZoneAlarm
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"UnityWebPlayer" = Unity Web Player
"World War 2 Time of Wrath" = World War 2 Time of Wrath
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.09.2012 19:41:48 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 24.09.2012 19:41:49 | Computer Name = Mineor-PC | Source = Windows Search Service | ID = 3013
Description =
Error - 25.09.2012 17:52:15 | Computer Name = Mineor-PC | Source = EventSystem | ID = 4609
Description =
Error - 25.09.2012 18:51:16 | Computer Name = Mineor-PC | Source = EventSystem | ID = 4609
Description =
[ System Events ]
Error - 25.09.2012 18:50:34 | Computer Name = Mineor-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 26.09.2012 um 00:48:06 unerwartet heruntergefahren.
Error - 25.09.2012 18:51:06 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:06 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:06 | Computer Name = Mineor-PC | Source = LSM | ID = 1048
Description =
Error - 25.09.2012 18:51:16 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:20 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:26 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:27 | Computer Name = Mineor-PC | Source = DCOM | ID = 10005
Description =
Error - 25.09.2012 18:51:39 | Computer Name = Mineor-PC | Source = Service Control Manager | ID = 7001
Description =
Error - 25.09.2012 18:51:39 | Computer Name = Mineor-PC | Source = Service Control Manager | ID = 7026
Description =
< End of report >
OTL Logfile Code:
OTL logfile created on: 26.09.2012 07:03:13 - Run 1
OTL by OldTimer - Version 3.2.68.0 Folder = C:\Users\Mineor\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,25 Gb Total Physical Memory | 2,23 Gb Available Physical Memory | 68,76% Memory free
6,74 Gb Paging File | 5,88 Gb Available in Paging File | 87,22% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 117,28 Gb Total Space | 77,58 Gb Free Space | 66,15% Space Free | Partition Type: NTFS
Drive D: | 83,01 Gb Total Space | 31,99 Gb Free Space | 38,54% Space Free | Partition Type: NTFS
Drive E: | 32,59 Gb Total Space | 6,53 Gb Free Space | 20,05% Space Free | Partition Type: NTFS
Computer Name: MINEOR-PC | User Name: Mineor | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.09.26 01:00:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mineor\Desktop\OTL.exe
PRC - [2009.11.22 16:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) -- C:\Windows\System32\ZoneLabs\vsmon.exe
PRC - [2009.04.11 00:27:38 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008.01.19 00:33:40 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
========== Modules (No Company Name) ==========
MOD - [2007.09.20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
========== Services (SafeList) ==========
SRV - [2012.09.16 07:45:07 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.07.14 02:17:12 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.27 09:25:06 | 001,326,176 | ---- | M] (Secunia) [On_Demand | Stopped] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2012.06.27 09:25:04 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2012.05.08 19:00:10 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.08 19:00:10 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.01.18 14:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Programme\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.05.25 05:03:26 | 000,176,128 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.04.21 19:46:17 | 000,373,760 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.01.29 23:17:14 | 000,292,944 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)
SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
SRV - [2009.11.22 16:44:16 | 002,384,240 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Windows\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2009.04.11 00:28:18 | 000,052,224 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2008.04.22 18:23:02 | 000,098,488 | ---- | M] (SiSoftware) [Auto | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2008.01.19 00:38:26 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2008.01.19 00:36:50 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2008.01.19 00:36:16 | 000,167,936 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2008.01.19 00:33:40 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2007.07.31 16:33:36 | 000,141,848 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Programme\Common Files\LogiShrd\SrvLnch\SrvLnch.exe -- (LVSrvLauncher)
SRV - [2007.07.31 16:29:48 | 000,186,904 | ---- | M] (Logitech Inc.) [Auto | Stopped] -- C:\Programme\Common Files\LogiShrd\LVCOMSER\LVComSer.exe -- (LVCOMSer)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV - File not found [Kernel | Boot | Stopped] -- system32\DRIVERS\PxHelp20.sys -- (PxHelp20)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\PdiPorts.sys -- (PdiPorts)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\amdiox86.sys -- (amdiox86)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (a1qhlcnc)
DRV - [2012.05.08 19:00:10 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.05.08 19:00:10 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.05.06 23:17:44 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2012.05.06 23:17:44 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2011.12.16 16:19:54 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)
DRV - [2011.09.16 17:09:17 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.07.29 13:54:56 | 000,014,216 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2011.07.29 13:54:56 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2011.05.25 06:25:48 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011.05.25 06:25:48 | 007,800,832 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011.05.25 04:25:20 | 000,245,760 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2010.12.02 05:34:32 | 000,052,096 | ---- | M] (Generic USB smartcard reader) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\MHIKEY10.sys -- (MHIKEY10)
DRV - [2010.06.17 15:27:22 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.06.09 14:19:21 | 000,279,712 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010.06.09 14:19:21 | 000,025,888 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010.02.24 12:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009.11.22 16:44:20 | 000,446,664 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\System32\drivers\vsdatant.sys -- (Vsdatant)
DRV - [2009.11.10 13:55:32 | 000,028,560 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2009.11.10 13:55:24 | 000,079,504 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouKE.Sys -- (LMouKE)
DRV - [2009.11.10 13:55:08 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009.11.10 13:54:52 | 000,035,984 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009.11.10 13:54:04 | 000,063,248 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042mou.Sys -- (L8042mou)
DRV - [2009.11.10 13:53:56 | 000,020,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L8042Kbd.sys -- (L8042Kbd)
DRV - [2009.09.29 09:11:22 | 000,012,160 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgbtport.sys -- (LgBttPort)
DRV - [2009.09.29 09:11:20 | 000,012,928 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgvmodem.sys -- (LGVMODEM)
DRV - [2009.09.29 09:11:20 | 000,010,496 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lgbtbus.sys -- (lgbusenum)
DRV - [2009.04.10 22:42:54 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009.02.20 07:17:50 | 000,095,760 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.01.13 19:13:52 | 000,049,160 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmXlCore.sys -- (WmXlCore)
DRV - [2009.01.13 19:13:44 | 000,014,728 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmVirHid.sys -- (WmVirHid)
DRV - [2009.01.13 19:13:28 | 000,029,192 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\WmFilter.sys -- (WmFilter)
DRV - [2009.01.13 19:13:20 | 000,019,336 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WmBEnum.sys -- (WmBEnum)
DRV - [2008.12.20 02:08:28 | 000,030,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\point32k.sys -- (Point32)
DRV - [2008.11.19 18:09:10 | 000,024,832 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2008.11.19 18:09:08 | 000,019,968 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2008.11.19 18:09:08 | 000,013,056 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2008.10.29 17:29:54 | 000,043,520 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Rtnicxp.sys -- (RTL8023xp)
DRV - [2008.03.10 19:30:36 | 000,021,408 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite XII.SP2c\WNt500x86\sandra.sys -- (SANDRA)
DRV - [2008.02.22 15:54:52 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2007.07.31 16:29:04 | 002,109,592 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Lvckap.sys -- (LVcKap)
DRV - [2006.11.15 16:24:54 | 000,048,128 | ---- | M] (Attansic Technology corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atl01v32.sys -- (AtcL001)
DRV - [2006.10.18 07:44:48 | 000,007,680 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.daemonsearch.com/intl/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.6
FF - prefs.js..extensions.enabledItems: {fd048119-78ee-487f-8fb1-1668d3a6859b}:2.6.1
FF - prefs.js..extensions.enabledItems: {9d1f059c-cada-4111-9696-41a62d64e3ba}:0.5.3.4
FF - prefs.js..extensions.enabledItems: moveplayer@movenetworks.com:1.0.0.071303000004
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:5.3.0.7280
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI1933~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: File not found
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.732: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Mineor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.07.23 06:35:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.07.21 14:51:02 | 000,000,000 | ---D | M]
[2008.10.12 15:54:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Extensions
[2012.09.25 23:38:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions
[2011.02.07 23:54:09 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010.01.06 13:16:06 | 000,000,000 | ---D | M] ("PsicoTSI") -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}
[2008.06.24 15:46:07 | 000,000,000 | ---D | M] ("SkillRaise Tool") -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{90ab4b7a-dfc8-420b-a205-eae16593e719}
[2012.09.25 23:38:00 | 000,000,000 | ---D | M] (FoxTrick) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}
[2011.10.20 21:54:26 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2009.07.24 08:11:44 | 000,000,000 | ---D | M] (Alltid Hattrick Statistics) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{fd048119-78ee-487f-8fb1-1668d3a6859b}
[2009.04.21 20:46:58 | 000,000,000 | ---D | M] (Move Media Player) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\moveplayer@movenetworks.com
[2011.09.07 00:01:50 | 000,089,442 | ---- | M] () (No name found) -- C:\Users\Mineor\AppData\Roaming\Mozilla\Firefox\Profiles\daqvfycw.default\extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi
[2012.07.23 06:35:08 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.03 21:39:41 | 000,000,000 | ---D | M] (Skype extension) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.21 14:51:06 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (AskBar BHO) - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Free Download Manager) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Programme\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashFXP Helper for Internet Explorer) - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programme\FlashFXP\IEFlash.dll (IniCom Networks, Inc.)
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O3 - HKCU\..\Toolbar\WebBrowser: (Ask Toolbar) - {3041D03E-FD4B-44E0-B742-2D9B88305F98} - C:\Programme\AskBarDis\bar\bin\askBar.dll (Ask.com)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [Logitech CallCentral] C:\Program Files\Logitech\CallCentral\CallCentral.exe ()
O4 - HKLM..\Run: [LogitechCommunicationsManager] C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe ()
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [DAEMON Tools] C:\Program Files\DAEMON Tools\daemon.exe (DT Soft Ltd.)
O4 - HKCU..\Run: [fekoklhqhdukcyv] C:\ProgramData\fekoklhq.exe ()
O4 - HKCU..\Run: [PlayNC Launcher] File not found
O4 - HKCU..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKCU..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O8 - Extra context menu item: Alles mit FDM herunterladen - C:\Program Files\Free Download Manager\dlall.htm ()
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Auswahl mit FDM herunterladen - C:\Program Files\Free Download Manager\dlselected.htm ()
O8 - Extra context menu item: Datei mit FDM herunterladen - C:\Program Files\Free Download Manager\dllink.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Mineor\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Mineor\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - E:\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://E:\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Videos mit FDM herunterladen - C:\Program Files\Free Download Manager\dlfvideo.htm ()
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - d:\ICQ7M\ICQ.exe File not found
O9 - Extra 'Tools' menuitem : ICQ7M - {781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - d:\ICQ7M\ICQ.exe File not found
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: blank ([]about in Computer)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.7.0_05)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2F85BDFF-5784-407C-AF42-95A442EFB587}: DhcpNameServer = 192.168.0.1
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Mineor\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\Mineor\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 23:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{2782d385-b8c3-11de-9f75-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{2782d385-b8c3-11de-9f75-001d602f414c}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{385f6d89-e74d-11df-bce8-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{385f6d89-e74d-11df-bce8-001d602f414c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{42406e2c-1a27-11e0-b805-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{6701f21f-add3-11dd-bb59-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{6bd826ca-a2a2-11dd-82d6-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{6bd826ca-a2a2-11dd-82d6-001d602f414c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{7cdbbc66-3e5b-11e0-8616-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{7cdbbc66-3e5b-11e0-8616-001d602f414c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\{beefae9f-1bfb-11df-8baf-001d602f414c}\Shell - "" = AutoRun
O33 - MountPoints2\{beefae9f-1bfb-11df-8baf-001d602f414c}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\H\Shell - "" = AutoRun
O33 - MountPoints2\H\Shell\AutoRun\command - "" = H:\cdstart.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.26 01:00:57 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Mineor\Desktop\OTL.exe
[2012.09.25 23:44:31 | 000,000,000 | ---D | C] -- C:\ProgramData\ateisktyhgbvliw
[2012.09.25 10:40:03 | 000,000,000 | ---D | C] -- C:\Users\Mineor\AppData\Local\DOSBox
[2012.09.24 23:20:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
[2012.09.06 16:42:52 | 000,000,000 | ---D | C] -- C:\Users\Mineor\Documents\IAmAlive
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.09.26 01:00:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Mineor\Desktop\OTL.exe
[2012.09.26 00:50:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.26 00:46:20 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.26 00:46:20 | 000,003,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.26 00:07:32 | 000,000,906 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.25 23:44:30 | 000,076,346 | ---- | M] () -- C:\ProgramData\hjabjdlnztwiqna
[2012.09.25 23:44:24 | 000,088,064 | ---- | M] () -- C:\ProgramData\fekoklhq.exe
[2012.09.25 10:39:57 | 000,000,024 | ---- | M] () -- C:\Windows\.conf
[2012.09.24 23:20:41 | 000,000,564 | ---- | M] () -- C:\Users\Public\Desktop\World of Warplanes.lnk
[2012.09.24 11:43:23 | 000,162,816 | ---- | M] () -- C:\Users\Mineor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.21 21:39:08 | 000,731,246 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.21 21:39:08 | 000,681,400 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.21 21:39:08 | 000,164,970 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.21 21:39:08 | 000,135,734 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.09.06 16:41:59 | 000,000,702 | ---- | M] () -- C:\Users\Mineor\Desktop\IAmAlive_game - Verknüpfung.lnk
[2012.09.02 18:31:44 | 000,002,175 | ---- | M] () -- C:\Users\Mineor\Desktop\WOT Statistics.lnk
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[5 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.09.26 00:07:32 | 000,000,906 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.25 23:44:29 | 000,088,064 | ---- | C] () -- C:\ProgramData\fekoklhq.exe
[2012.09.25 23:44:25 | 000,076,346 | ---- | C] () -- C:\ProgramData\hjabjdlnztwiqna
[2012.09.25 10:39:56 | 000,000,024 | ---- | C] () -- C:\Windows\.conf
[2012.09.24 23:20:41 | 000,000,564 | ---- | C] () -- C:\Users\Public\Desktop\World of Warplanes.lnk
[2012.09.06 16:41:59 | 000,000,702 | ---- | C] () -- C:\Users\Mineor\Desktop\IAmAlive_game - Verknüpfung.lnk
[2012.03.15 11:14:28 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2012.02.23 21:16:22 | 001,236,992 | ---- | C] () -- C:\Windows\System32\spk.dll
[2011.10.06 22:30:48 | 000,056,832 | ---- | C] () -- C:\Windows\System32\OpenVideo.dll
[2011.08.22 16:22:17 | 002,469,248 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2011.08.22 16:22:17 | 000,086,408 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2011.08.22 16:22:17 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2011.08.22 16:22:17 | 000,014,216 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2011.08.22 16:22:17 | 000,008,456 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2011.07.23 20:41:26 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe
[2011.07.23 20:41:26 | 000,001,320 | ---- | C] () -- C:\Windows\unins000.dat
[2011.07.13 22:07:54 | 000,022,252 | ---- | C] () -- C:\Users\Mineor\ESt2010_Harms_Arne_und_Harms_Stefanie.elfo
[2011.06.03 21:40:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.25 04:24:16 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\System32\OVDecode.dll
[2011.04.20 18:30:06 | 000,233,765 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2011.03.17 19:51:44 | 000,003,929 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011.01.08 22:04:36 | 000,027,648 | ---- | C] () -- C:\Windows\System32\AVSredirect.dll
[2010.10.05 01:59:32 | 000,005,632 | ---- | C] () -- C:\Windows\System32\StarOpen.sys
[2009.12.02 13:33:06 | 000,000,760 | ---- | C] () -- C:\Users\Mineor\AppData\Roaming\setup_ldm.iss
[2008.12.19 00:22:20 | 000,000,442 | ---- | C] () -- C:\Users\Mineor\AppData\Roaming\mdbu.bin
[2008.06.17 16:26:32 | 000,000,020 | ---- | C] () -- C:\Users\Mineor\AppData\Roaming\AVSDVDPlayer.m3u
[2008.06.01 23:55:48 | 007,118,848 | ---- | C] () -- C:\ProgramData\sandra.mda
[2007.12.19 13:59:38 | 000,000,094 | ---- | C] () -- C:\Users\Mineor\AppData\Local\fusioncache.dat
[2007.12.15 22:33:46 | 000,000,010 | ---- | C] () -- C:\Users\Mineor\ho.dir
[2007.12.15 22:31:23 | 000,000,305 | ---- | C] () -- C:\ProgramData\addr_file.html
[2007.12.15 21:57:07 | 000,162,816 | ---- | C] () -- C:\Users\Mineor\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007.12.15 21:13:45 | 000,139,152 | ---- | C] () -- C:\Users\Mineor\AppData\Roaming\PnkBstrK.sys
[2007.12.15 18:44:38 | 000,001,356 | ---- | C] () -- C:\Users\Mineor\AppData\Local\d3d9caps.dat
[2005.04.08 04:16:43 | 000,092,573 | -H-- | C] () -- C:\Users\Mineor\AppData\Roaming\Mineorlog.dat
========== ZeroAccess Check ==========
[2006.11.02 14:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 00:28:20 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 00:28:26 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.10.28 23:29:51 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\4113C8D3B5AFC42F58618C8B41F8027C
[2008.12.01 12:11:58 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Acreon
[2009.11.19 17:17:09 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Advanced Chemistry Development
[2011.10.15 08:53:17 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Ashampoo
[2012.01.23 09:41:24 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Auslogics
[2010.11.26 21:00:25 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\calibre
[2012.07.11 18:02:02 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Canneverbe Limited
[2011.08.12 16:48:25 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Code Force Limited
[2008.02.28 13:31:03 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\CommunicaEtor
[2010.03.02 21:00:30 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Der Planer 4
[2010.10.28 15:19:51 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\DisplayTune
[2011.10.22 09:27:17 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Dropbox
[2012.07.26 19:57:14 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\DVDVideoSoft
[2011.10.20 21:54:25 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.12.24 18:10:13 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Echidna LLC
[2012.07.20 11:01:30 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\EoN
[2009.06.21 14:30:58 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\FFSJ
[2010.04.21 22:45:37 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\FileZilla
[2012.06.21 15:43:18 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\FLAC to MP3 Converter
[2012.06.02 16:07:11 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\fotw
[2012.03.27 15:12:40 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Foxit Software
[2012.07.12 17:55:11 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Free Download Manager
[2010.08.30 10:29:02 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\FreeOrion
[2011.07.03 00:03:40 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\GetRightToGo
[2008.06.27 20:16:16 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\GoPal Assistant
[2011.09.04 13:39:56 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\GrabIt
[2012.06.13 07:31:40 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\ICQ
[2010.07.16 12:31:11 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Imperium Romanum
[2012.06.02 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Kalypso Media
[2009.12.02 13:33:10 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Leadertech
[2011.01.08 00:44:30 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\ML
[2008.06.17 16:32:29 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\MPEG Streamclip
[2010.02.28 14:26:37 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\MudTV
[2009.10.25 18:21:01 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\NationRed
[2008.03.08 13:56:52 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Newsbin
[2009.10.08 16:45:29 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\OpenOffice.org
[2010.09.01 08:46:02 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\ProtectDISC
[2009.01.25 19:47:21 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Silver Style Entertainment
[2012.06.14 13:10:39 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\six-updater
[2012.06.14 13:10:20 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\six-zsync
[2012.06.02 11:43:28 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\SKD
[2008.02.24 20:11:01 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Soldat
[2010.05.14 12:14:17 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Sony
[2010.05.14 12:06:11 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Sony Setup
[2008.10.20 12:27:30 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Stardock
[2009.07.10 14:08:23 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\streamripper
[2012.04.03 19:33:42 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\The Creative Assembly
[2009.02.08 12:36:38 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Tobit
[2012.01.26 08:47:11 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\TS3Client
[2011.09.28 08:48:33 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\ts3overlay
[2007.12.19 14:48:50 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Turbine
[2012.07.18 07:57:41 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Unity
[2011.09.06 23:24:16 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\Unzbin
[2012.09.24 23:21:47 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\wargaming.net
[2012.08.11 12:00:55 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\WOT Statistics
[2012.04.29 09:36:43 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\XMedia Recode
[2011.08.12 21:25:35 | 000,000,000 | ---D | M] -- C:\Users\Mineor\AppData\Roaming\ZombieDriver
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:05EE1EEF
< End of report >
What I find strange is that nothing is found on a repeat scan with Malwarebytes?!
Regards
Mineor