Heimdal82 | 12.11.2012 18:29 | What do you mean by leftovers?
Okay, I ran both.
Here is the logfile from the fix:
Code:
All processes killed
========== FILES ==========
C:\ProgramData\lovjsdlcndbzehj folder moved successfully.
File\Folder C:\Users\All Users\lovjsdlcndbzehj not found.
C:\Users\Master of Desaster\Downloads\SoftonicDownloader_fuer_corel-videostudio-pro-x4.exe moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Master of Desaster
->Temp folder emptied: 247441 bytes
->Temporary Internet Files folder emptied: 576050 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 136488702 bytes
->Opera cache emptied: 19362981 bytes
->Flash cache emptied: 9924 bytes
User: Public
->Temp folder emptied: 0 bytes
User: UpdatusUser
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 2941001 bytes
Total Files Cleaned = 152.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 11122012_181241
Files\Folders moved on Reboot...
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
And the other OTL logfile:
OTL Logfile: Code:
OTL logfile created on: 12/11/2012 18:19:20 - Run 9
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Master of Desaster\Desktop\TR ATRAPS.Gen
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: Großbritannien | Language: ENG | Date Format: dd/MM/yyyy
3.00 Gb Total Physical Memory | 2.04 Gb Available Physical Memory | 68.15% Memory free
6.22 Gb Paging File | 5.27 Gb Available in Paging File | 84.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 97.66 Gb Total Space | 34.12 Gb Free Space | 34.94% Space Free | Partition Type: NTFS
Drive D: | 368.10 Gb Total Space | 46.14 Gb Free Space | 12.53% Space Free | Partition Type: NTFS
Drive E: | 3.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive F: | 7.11 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
Drive L: | 465.65 Gb Total Space | 151.20 Gb Free Space | 32.47% Space Free | Partition Type: FAT32
Computer Name: HORT-DES-CHAOS | User Name: Master of Desaster | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012/11/09 08:04:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Master of Desaster\Desktop\TR ATRAPS.Gen\OTL.exe
PRC - [2012/11/09 07:33:44 | 003,084,176 | ---- | M] (Emsisoft GmbH) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/10/20 07:25:15 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- D:\Programme\SASCORE.EXE
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- d:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/09/28 09:25:56 | 000,586,904 | ---- | M] (PandoraTV) -- C:\Programme\PANDORA.TV\PanService\PanProcess.exe
PRC - [2012/09/28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) -- C:\Programme\PANDORA.TV\PanService\PandoraService.exe
PRC - [2012/08/12 19:36:52 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/06/03 22:19:12 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- D:\Programme\Update\realsched.exe
PRC - [2012/05/09 14:20:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012/05/09 14:20:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012/05/09 14:20:35 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- D:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012/02/29 21:58:46 | 000,857,408 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\NvXDSync.exe
PRC - [2012/02/29 21:58:36 | 001,820,480 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvtray.exe
PRC - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
PRC - [2009/08/18 11:29:22 | 000,183,152 | ---- | M] (Microsoft Corporation) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/01/26 14:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- D:\Programme\Spybot - Search & Destroy\SDWinSec.exe
PRC - [2008/01/21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe
PRC - [2008/01/21 03:25:33 | 000,202,240 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnscfg.exe
PRC - [2007/05/31 15:21:28 | 000,648,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\WindowsMobile\wmdcBase.exe
PRC - [2007/03/06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) -- C:\Programme\Common Files\InterVideo\DeviceService\DevSvc.exe
========== Modules (No Company Name) ==========
========== Services (SafeList) ==========
SRV - File not found [Auto | Running] -- D:\Programme\Spybot -- (SBSDWSCService)
SRV - File not found [On_Demand | Stopped] -- C:\Program Files\NOS\bin\getPlus_Helper_3004.dll -- (nosGetPlusHelper)
SRV - [2012/11/09 07:33:44 | 003,084,176 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Programme\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/10/27 16:29:21 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/20 07:25:15 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\Programme\SASCORE.EXE -- (!SASCORE)
SRV - [2012/10/09 07:35:13 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- d:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- d:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/28 09:25:54 | 000,625,304 | ---- | M] (Pandora.TV) [Auto | Running] -- C:\Programme\PANDORA.TV\PanService\PandoraService.exe -- (PanService)
SRV - [2012/07/27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/05/09 14:20:36 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012/05/09 14:20:35 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- D:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012/03/01 00:59:00 | 002,348,352 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/02/29 13:26:46 | 000,382,272 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2010/09/30 19:34:21 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2009/08/18 11:29:22 | 001,529,728 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2008/01/21 03:25:33 | 000,896,512 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
SRV - [2008/01/21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 15:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 15:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
SRV - [2007/03/06 09:35:02 | 000,198,168 | ---- | M] (InterVideo Inc.) [Auto | Running] -- C:\Programme\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service)
SRV - [2005/11/17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- d:\Program Files\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2003/07/28 11:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\vsdatant.win7.sys -- (vsdatant7)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | Auto | Stopped] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MASTER~1\AppData\Local\Temp\gUSBSTOi.sys -- (gUSBSTOi)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\MASTER~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/07/03 15:25:14 | 000,054,072 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Stopped] -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys -- (a2acc)
DRV - [2012/05/09 14:20:36 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012/05/09 14:20:36 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012/03/01 00:59:00 | 010,819,392 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2011/12/15 15:00:00 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programme\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\Programme\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/05/19 13:10:34 | 000,017,904 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys -- (A2DDA)
DRV - [2011/02/09 15:44:55 | 000,075,264 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\SSHDRV79.sys -- (SSHDRV79)
DRV - [2010/11/16 09:22:21 | 000,281,760 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\atksgt.sys -- (atksgt)
DRV - [2010/11/16 09:22:09 | 000,025,888 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\lirsgt.sys -- (lirsgt)
DRV - [2010/06/17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/02/24 11:22:10 | 000,185,472 | ---- | M] (Protect Software GmbH) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\acedrv11.sys -- (acedrv11)
DRV - [2009/04/11 05:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (winusb)
DRV - [2009/02/03 16:45:07 | 000,059,520 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfsync04.sys -- (sfsync04)
DRV - [2009/02/03 16:36:58 | 000,059,000 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfdrv01.sys -- (sfdrv01)
DRV - [2008/01/21 03:23:25 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/11/21 10:35:06 | 000,569,344 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr28u.sys -- (netr28u)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2007/04/03 09:43:28 | 001,131,136 | ---- | M] (Philips Semiconductors GmbH) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Ph3xIB32.sys -- (Ph3xIB32)
DRV - [2007/02/08 18:44:43 | 000,083,320 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfvfs02.sys -- (sfvfs02)
DRV - [2006/11/30 14:18:18 | 000,027,416 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\x10ufx2.sys -- (XUIF)
DRV - [2006/06/14 15:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Master of Desaster\Desktop\Malle
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.web.de/
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 58 AA B0 CB 3D A9 CC 01 [binary data]
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultthis.engineName: ""
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://web.de/"
FF - prefs.js..extensions.enabledAddons: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - prefs.js..extensions.enabledAddons: firefox@ghostery.com:2.8.3
FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120926
FF - prefs.js..extensions.enabledAddons: toolbar@web.de:2.3.3
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.7
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}:6.0.25
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}:6.0.29
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: d:\Programme\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: d:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: D:\Program Files\Java\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: d:\programme\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.4.53: d:\programme\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: d:\programme\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/07/02 15:32:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: D:\Program Files\Mozilla Firefox\components [2012/10/27 16:29:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: D:\Program Files\Mozilla Firefox\plugins [2012/10/27 16:29:17 | 000,000,000 | ---D | M]
[2011/03/07 07:11:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Extensions
[2012/10/23 07:08:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Firefox\Profiles\74ro8g6q.default\extensions
[2011/04/19 16:55:07 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Firefox\Profiles\74ro8g6q.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2012/10/03 17:36:36 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Firefox\Profiles\74ro8g6q.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2012/09/26 09:20:49 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Firefox\Profiles\74ro8g6q.default\extensions\firefox@ghostery.com
[2012/09/16 22:14:42 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\Firefox\Profiles\74ro8g6q.default\extensions\ich@maltegoetz.de
[2012/07/05 17:22:01 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\extensions\elemhidehelper@adblockplus.org.xpi
[2012/10/10 20:50:24 | 000,565,762 | ---- | M] () (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\extensions\toolbar@web.de.xpi
[2012/04/26 08:13:59 | 000,097,169 | ---- | M] () (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}.xpi
[2012/07/26 16:38:08 | 000,741,958 | ---- | M] () (No name found) -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012/10/10 20:50:27 | 000,002,273 | ---- | M] () -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\searchplugins\englische-ergebnisse.xml
[2012/10/10 20:50:27 | 000,010,563 | ---- | M] () -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\searchplugins\gmx-suche.xml
[2012/10/10 20:50:27 | 000,002,432 | ---- | M] () -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\searchplugins\lastminute.xml
[2012/10/10 20:50:27 | 000,005,545 | ---- | M] () -- C:\Users\Master of Desaster\AppData\Roaming\mozilla\firefox\profiles\74ro8g6q.default\searchplugins\webde-suche.xml
O1 HOSTS File: ([2012/11/11 12:33:58 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll File not found
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Programme\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] D:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [TkBellExe] D:\Programme\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdcBase.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1800057530-444976485-2819642141-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1800057530-444976485-2819642141-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An vorhandenes PDF anfügen - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: In Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - D:\Programme\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://d:\Programme\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html File not found
O9 - Extra Button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programme\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {B60CEFE7-2DD0-4B78-951A-509D951DB1F0} hxxp://www.smartphoto.de/ExtraFilmUploader6.cab (ExtraFilm Uploader Control)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8429BA10-518A-4778-AC94-966DB9F88E55}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Programme\Common Files\microsoft shared\Web Components\10\OWC10.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (D:\Programme\SASWINLO.DLL) - D:\Programme\SASWINLO.DLL (SUPERAntiSpyware.com)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img35.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - D:\Programme\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/07/23 06:55:00 | 000,206,152 | R--- | M] () - E:\AutoStarter.exe -- [ CDFS ]
O32 - AutoRun File - [2010/05/26 09:53:00 | 000,002,237 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O32 - AutoRun File - [2010/07/23 06:55:16 | 000,000,000 | ---D | M] - E:\autostarter -- [ CDFS ]
O32 - AutoRun File - [2006/01/11 06:29:34 | 000,000,041 | R--- | M] () - F:\Autorun.inf -- [ UDF ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2012/11/12 18:12:41 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/11/11 14:43:36 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012/11/11 12:35:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/11/11 12:35:32 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\AppData\Local\temp
[2012/11/11 12:26:23 | 000,000,000 | ---D | C] -- C:\ComboFix
[2012/11/11 12:22:45 | 004,998,937 | R--- | C] (Swearware) -- C:\Users\Master of Desaster\Desktop\ComboFix.exe
[2012/11/10 18:38:58 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/11/10 09:30:58 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\zeugs
[2012/11/10 09:30:51 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\Stick
[2012/11/10 09:30:24 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\Auswertung
[2012/11/10 07:48:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PANDORATV
[2012/11/10 07:48:19 | 000,000,000 | ---D | C] -- C:\Program Files\PANDORA.TV
[2012/11/10 07:48:14 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
[2012/11/09 11:43:43 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\AppData\Local\SAS
[2012/11/09 11:42:31 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2012/11/09 11:41:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JMP 10
[2012/11/09 06:57:45 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\TR ATRAPS.Gen
[2012/11/06 11:32:13 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\für Statistik
[2012/10/30 23:45:38 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Documents\Shiner
[2012/10/30 10:05:35 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\AppData\Local\Audible
[2012/10/25 07:41:12 | 000,255,352 | ---- | C] (Audible, Inc.) -- C:\Windows\System32\awrdscdc.ax
[2012/10/25 07:41:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudibleManager
[2012/10/25 07:39:41 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Audible
[2012/10/25 07:39:41 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Documents\Audible
[2012/10/25 07:38:42 | 001,730,272 | ---- | C] (Audible Inc.) -- C:\Users\Master of Desaster\Desktop\ActiveSetupN.exe
[2012/10/24 18:24:14 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\Grünes Band
[2012/10/15 10:26:10 | 000,000,000 | ---D | C] -- C:\Users\Master of Desaster\Desktop\MALLES ZEUG
========== Files - Modified Within 30 Days ==========
[2012/11/12 18:20:53 | 000,632,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012/11/12 18:20:53 | 000,598,978 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/11/12 18:20:53 | 000,127,542 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012/11/12 18:20:53 | 000,104,992 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/11/12 18:15:16 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/11/12 18:15:16 | 000,003,712 | ---- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/11/12 18:15:16 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/11/12 18:14:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/11/12 17:48:02 | 000,001,122 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/11/12 17:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/11/12 10:53:37 | 000,004,096 | ---- | M] () -- C:\Users\Master of Desaster\AppData\Local\keyfile3.drm
[2012/11/12 07:48:03 | 000,881,833 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\SecurityCheck.exe
[2012/11/11 12:33:58 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2012/11/11 12:23:41 | 004,998,937 | R--- | M] (Swearware) -- C:\Users\Master of Desaster\Desktop\ComboFix.exe
[2012/11/10 07:48:14 | 000,000,671 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\KMPlayer.lnk
[2012/11/10 07:45:56 | 025,499,208 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\KMPlayer_3.4.0.59_00_20121108085356.exe
[2012/11/10 07:40:55 | 000,000,064 | ---- | M] () -- C:\Users\Master of Desaster\Documents\PDVD_MediaDisc.PlayList
[2012/11/09 11:41:30 | 000,000,627 | ---- | M] () -- C:\Users\Public\Desktop\JMP 10.lnk
[2012/11/08 22:14:18 | 535,785,472 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\JMP10Trial.exe
[2012/11/08 19:11:38 | 000,005,572 | ---- | M] () -- C:\Users\Master of Desaster\Documents\.RData
[2012/11/08 19:11:38 | 000,001,153 | ---- | M] () -- C:\Users\Master of Desaster\Documents\.Rhistory
[2012/10/30 17:58:23 | 000,000,216 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\Orcs Must Die! 2.url
[2012/10/25 07:41:17 | 000,000,773 | ---- | M] () -- C:\Users\Master of Desaster\Desktop\Audible Manager.lnk
[2012/10/25 07:41:12 | 000,255,352 | ---- | M] (Audible, Inc.) -- C:\Windows\System32\awrdscdc.ax
[2012/10/25 07:38:50 | 001,730,272 | ---- | M] (Audible Inc.) -- C:\Users\Master of Desaster\Desktop\ActiveSetupN.exe
[2012/10/24 07:23:39 | 000,285,824 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012/10/19 12:39:04 | 000,004,096 | ---- | M] () -- C:\Users\Public\Documents\000015B3.LCS
========== Files Created - No Company Name ==========
[2012/11/12 07:47:55 | 000,881,833 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\SecurityCheck.exe
[2012/11/10 07:48:14 | 000,000,671 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\KMPlayer.lnk
[2012/11/10 07:43:35 | 025,499,208 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\KMPlayer_3.4.0.59_00_20121108085356.exe
[2012/11/09 11:41:30 | 000,000,627 | ---- | C] () -- C:\Users\Public\Desktop\JMP 10.lnk
[2012/11/08 19:41:38 | 535,785,472 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\JMP10Trial.exe
[2012/11/08 19:11:38 | 000,005,572 | ---- | C] () -- C:\Users\Master of Desaster\Documents\.RData
[2012/11/08 19:11:38 | 000,001,153 | ---- | C] () -- C:\Users\Master of Desaster\Documents\.Rhistory
[2012/10/30 17:58:23 | 000,000,216 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\Orcs Must Die! 2.url
[2012/10/25 07:41:17 | 000,000,773 | ---- | C] () -- C:\Users\Master of Desaster\Desktop\Audible Manager.lnk
[2012/02/29 13:26:56 | 000,416,064 | ---- | C] () -- C:\Windows\System32\nvStreaming.exe
[2012/01/18 21:05:41 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/01/18 21:05:41 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/01/18 21:05:41 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/01/18 21:05:41 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/01/18 21:05:41 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011/11/21 21:52:25 | 000,000,000 | ---- | C] () -- C:\Users\Master of Desaster\defogger_reenable
[2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/09/25 17:16:12 | 000,073,424 | ---- | C] () -- C:\Windows\War3Unin.dat
[2011/08/15 10:31:11 | 000,017,408 | ---- | C] () -- C:\Users\Master of Desaster\AppData\Local\WebpageIcons.db
[2011/05/04 15:01:23 | 000,004,096 | ---- | C] () -- C:\Users\Master of Desaster\AppData\Local\keyfile3.drm
[2011/04/07 09:26:53 | 000,000,023 | ---- | C] () -- C:\Windows\BlendSettings.ini
[2011/04/03 11:18:54 | 000,000,081 | ---- | C] () -- C:\Users\Master of Desaster\AppData\Roaming\clipcatcher.ini
[2011/04/01 11:37:15 | 000,120,200 | ---- | C] () -- C:\Windows\System32\DLLDEV32i.dll
[2011/04/01 11:36:02 | 000,006,768 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2011/03/07 07:11:36 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2011/02/09 15:44:55 | 000,075,264 | ---- | C] () -- C:\Windows\System32\drivers\SSHDRV79.sys
[2011/01/24 20:12:00 | 000,000,032 | ---- | C] () -- C:\Windows\Menu.INI
[2010/11/16 09:22:10 | 000,281,760 | ---- | C] () -- C:\Windows\System32\drivers\atksgt.sys
[2010/11/16 09:22:09 | 000,025,888 | ---- | C] () -- C:\Windows\System32\drivers\lirsgt.sys
[2010/10/01 08:07:42 | 000,166,912 | ---- | C] () -- C:\Users\Master of Desaster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/30 20:53:03 | 000,001,024 | ---- | C] () -- C:\Users\Master of Desaster\.rnd
[2010/09/30 16:20:37 | 000,000,680 | ---- | C] () -- C:\Users\Master of Desaster\AppData\Local\d3d9caps.dat
========== ZeroAccess Check ==========
[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== Custom Scans ==========
< C:\ProgramData\*. >
[2012/09/14 10:08:27 | 000,000,000 | ---D | M] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/07 08:14:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Adobe
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Anwendungsdaten
[2011/10/21 14:29:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple
[2010/10/01 06:58:55 | 000,000,000 | ---D | M] -- C:\ProgramData\Apple Computer
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Application Data
[2012/01/24 17:24:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Avira
[2012/05/25 19:45:26 | 000,000,000 | ---D | M] -- C:\ProgramData\Battle.net
[2011/11/15 20:40:02 | 000,000,000 | ---D | M] -- C:\ProgramData\Canneverbe Limited
[2010/09/30 16:41:51 | 000,000,000 | ---D | M] -- C:\ProgramData\CanonBJ
[2010/09/30 18:41:21 | 000,000,000 | ---D | M] -- C:\ProgramData\CheckPoint
[2010/09/30 19:11:16 | 000,000,000 | ---D | M] -- C:\ProgramData\CyberLink
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Desktop
[2010/09/30 21:10:18 | 000,000,000 | ---D | M] -- C:\ProgramData\DivX
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Documents
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Dokumente
[2011/11/28 12:31:30 | 000,000,000 | -HSD | M] -- C:\ProgramData\DSS
[2012/09/26 12:48:36 | 000,000,000 | ---D | M] -- C:\ProgramData\eSellerate
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favoriten
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Favorites
[2010/09/30 19:34:24 | 000,000,000 | ---D | M] -- C:\ProgramData\FLEXnet
[2011/12/08 20:49:30 | 000,000,000 | ---D | M] -- C:\ProgramData\Freemake
[2012/09/04 18:31:28 | 000,000,000 | ---D | M] -- C:\ProgramData\Google
[2011/12/16 10:33:08 | 000,000,000 | ---D | M] -- C:\ProgramData\hps
[2010/09/30 16:23:05 | 000,000,000 | ---D | M] -- C:\ProgramData\InstallShield
[2012/07/02 16:37:23 | 000,000,000 | ---D | M] -- C:\ProgramData\Kaspersky Lab
[2011/04/01 11:40:30 | 000,000,000 | ---D | M] -- C:\ProgramData\MAGIX
[2011/11/22 10:28:33 | 000,000,000 | ---D | M] -- C:\ProgramData\Malwarebytes
[2011/11/28 11:52:01 | 000,000,000 | --SD | M] -- C:\ProgramData\Microsoft
[2012/04/26 08:02:52 | 000,000,000 | ---D | M] -- C:\ProgramData\Mozilla
[2010/09/30 20:51:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Nero
[2011/02/17 11:47:05 | 000,000,000 | ---D | M] -- C:\ProgramData\NOS
[2012/11/12 18:15:12 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA
[2011/06/07 13:12:19 | 000,000,000 | ---D | M] -- C:\ProgramData\NVIDIA Corporation
[2011/02/19 12:14:18 | 000,000,000 | ---D | M] -- C:\ProgramData\PC Drivers HeadQuarters
[2012/09/24 18:36:47 | 000,000,000 | ---D | M] -- C:\ProgramData\Pendulo Studios
[2011/05/05 21:52:18 | 000,000,000 | ---D | M] -- C:\ProgramData\PopCap Games
[2012/09/26 12:51:38 | 000,000,000 | ---D | M] -- C:\ProgramData\Protexis
[2010/12/06 08:44:09 | 000,000,000 | ---D | M] -- C:\ProgramData\Real
[2012/09/26 12:48:42 | 000,000,000 | ---D | M] -- C:\ProgramData\SmartSound Software Inc
[2012/07/09 06:45:22 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\ProgramData\Start Menu
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Startmenü
[2011/05/05 21:33:46 | 000,000,000 | ---D | M] -- C:\ProgramData\Steam
[2011/01/31 20:43:05 | 000,000,000 | ---D | M] -- C:\ProgramData\Sun
[2012/01/19 23:16:49 | 000,000,000 | ---D | M] -- C:\ProgramData\SUPERAntiSpyware.com
[2011/07/04 19:58:41 | 000,000,000 | ---D | M] -- C:\ProgramData\Tages
[2006/11/02 14:02:04 | 000,000,000 | -HSD | M] -- C:\ProgramData\Templates
[2012/08/28 14:33:53 | 000,000,000 | ---D | M] -- C:\ProgramData\Thomson.ResearchSoft.Installers
[2012/08/05 21:20:30 | 000,000,000 | ---D | M] -- C:\ProgramData\tmp
[2011/03/06 19:49:42 | 000,000,000 | ---D | M] -- C:\ProgramData\Ubisoft
[2012/09/26 08:51:16 | 000,000,000 | ---D | M] -- C:\ProgramData\Ulead Systems
[2010/09/30 19:58:58 | 000,000,000 | ---D | M] -- C:\ProgramData\VistaCodecs
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\ProgramData\Vorlagen
[2011/02/19 12:09:14 | 000,000,000 | ---D | M] -- C:\ProgramData\WinZip
[2010/10/01 06:59:15 | 000,000,000 | ---D | M] -- C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
< C:\Users\All Users\*. >
[2012/09/14 10:08:27 | 000,000,000 | ---D | M] -- C:\Users\All Users\188F1432-103A-4ffb-80F1-36B633C5C9E1
[2012/09/07 08:14:22 | 000,000,000 | ---D | M] -- C:\Users\All Users\Adobe
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Anwendungsdaten
[2011/10/21 14:29:02 | 000,000,000 | ---D | M] -- C:\Users\All Users\Apple
[2010/10/01 06:58:55 | 000,000,000 | ---D | M] -- C:\Users\All Users\Apple Computer
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Application Data
[2012/01/24 17:24:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\Avira
[2012/05/25 19:45:26 | 000,000,000 | ---D | M] -- C:\Users\All Users\Battle.net
[2011/11/15 20:40:02 | 000,000,000 | ---D | M] -- C:\Users\All Users\Canneverbe Limited
[2010/09/30 16:41:51 | 000,000,000 | ---D | M] -- C:\Users\All Users\CanonBJ
[2010/09/30 18:41:21 | 000,000,000 | ---D | M] -- C:\Users\All Users\CheckPoint
[2010/09/30 19:11:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\CyberLink
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Desktop
[2010/09/30 21:10:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\DivX
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Documents
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Dokumente
[2011/11/28 12:31:30 | 000,000,000 | -HSD | M] -- C:\Users\All Users\DSS
[2012/09/26 12:48:36 | 000,000,000 | ---D | M] -- C:\Users\All Users\eSellerate
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favoriten
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Favorites
[2010/09/30 19:34:24 | 000,000,000 | ---D | M] -- C:\Users\All Users\FLEXnet
[2011/12/08 20:49:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\Freemake
[2012/09/04 18:31:28 | 000,000,000 | ---D | M] -- C:\Users\All Users\Google
[2011/12/16 10:33:08 | 000,000,000 | ---D | M] -- C:\Users\All Users\hps
[2010/09/30 16:23:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\InstallShield
[2012/07/02 16:37:23 | 000,000,000 | ---D | M] -- C:\Users\All Users\Kaspersky Lab
[2011/04/01 11:40:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\MAGIX
[2011/11/22 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\All Users\Malwarebytes
[2011/11/28 11:52:01 | 000,000,000 | --SD | M] -- C:\Users\All Users\Microsoft
[2012/04/26 08:02:52 | 000,000,000 | ---D | M] -- C:\Users\All Users\Mozilla
[2010/09/30 20:51:22 | 000,000,000 | ---D | M] -- C:\Users\All Users\Nero
[2011/02/17 11:47:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\NOS
[2012/11/12 18:15:12 | 000,000,000 | ---D | M] -- C:\Users\All Users\NVIDIA
[2011/06/07 13:12:19 | 000,000,000 | ---D | M] -- C:\Users\All Users\NVIDIA Corporation
[2011/02/19 12:14:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\PC Drivers HeadQuarters
[2012/09/24 18:36:47 | 000,000,000 | ---D | M] -- C:\Users\All Users\Pendulo Studios
[2011/05/05 21:52:18 | 000,000,000 | ---D | M] -- C:\Users\All Users\PopCap Games
[2012/09/26 12:51:38 | 000,000,000 | ---D | M] -- C:\Users\All Users\Protexis
[2010/12/06 08:44:09 | 000,000,000 | ---D | M] -- C:\Users\All Users\Real
[2012/09/26 12:48:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\SmartSound Software Inc
[2012/07/09 06:45:22 | 000,000,000 | ---D | M] -- C:\Users\All Users\Spybot - Search & Destroy
[2006/11/02 14:02:03 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Start Menu
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Startmenü
[2011/05/05 21:33:46 | 000,000,000 | ---D | M] -- C:\Users\All Users\Steam
[2011/01/31 20:43:05 | 000,000,000 | ---D | M] -- C:\Users\All Users\Sun
[2012/01/19 23:16:49 | 000,000,000 | ---D | M] -- C:\Users\All Users\SUPERAntiSpyware.com
[2011/07/04 19:58:41 | 000,000,000 | ---D | M] -- C:\Users\All Users\Tages
[2006/11/02 14:02:04 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Templates
[2012/08/28 14:33:53 | 000,000,000 | ---D | M] -- C:\Users\All Users\Thomson.ResearchSoft.Installers
[2012/08/05 21:20:30 | 000,000,000 | ---D | M] -- C:\Users\All Users\tmp
[2011/03/06 19:49:42 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ubisoft
[2012/09/26 08:51:16 | 000,000,000 | ---D | M] -- C:\Users\All Users\Ulead Systems
[2010/09/30 19:58:58 | 000,000,000 | ---D | M] -- C:\Users\All Users\VistaCodecs
[2010/09/30 16:18:44 | 000,000,000 | -HSD | M] -- C:\Users\All Users\Vorlagen
[2011/02/19 12:09:14 | 000,000,000 | ---D | M] -- C:\Users\All Users\WinZip
[2010/10/01 06:59:15 | 000,000,000 | ---D | M] -- C:\Users\All Users\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
< c:\users\Master of Desaster\*. >
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Anwendungsdaten
[2010/09/30 16:20:49 | 000,000,000 | ---D | M] -- c:\users\Master of Desaster\AppData
[2010/10/01 09:01:11 | 000,000,000 | ---D | M] -- c:\users\Master of Desaster\Application Data
[2010/09/30 16:20:40 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Contacts
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Cookies
[2012/11/12 18:15:41 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Desktop
[2012/11/08 19:11:38 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Documents
[2012/11/12 18:12:42 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Downloads
[2012/05/16 07:22:27 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Dropbox
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Druckumgebung
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Eigene Dateien
[2012/01/31 08:50:32 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Favorites
[2011/05/04 17:46:46 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Links
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Lokale Einstellungen
[2012/10/30 19:07:27 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Music
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Netzwerkumgebung
[2012/08/08 19:32:51 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Pictures
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Recent
[2011/12/14 22:44:35 | 000,000,000 | ---D | M] -- c:\users\Master of Desaster\restore
[2012/03/14 12:01:54 | 000,000,000 | ---D | M] -- c:\users\Master of Desaster\ris
[2010/11/16 09:25:24 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Saved Games
[2010/09/30 16:20:49 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Searches
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\SendTo
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Startmenü
[2012/02/05 11:04:02 | 000,000,000 | R--D | M] -- c:\users\Master of Desaster\Videos
[2010/09/30 16:20:37 | 000,000,000 | -HSD | M] -- c:\users\Master of Desaster\Vorlagen
< End of report > --- --- ---
[/code]
Kind regards
Holger |