koala_89 | 08.01.2013 19:17 | hallo
also hier ist jetzt das logfile von malwarebites und auch nocheinmal die anderen logfiles, so gepostet wie in der anleitung beschrieben.
es tut mir leid, dass ich das falsch gemacht hab, aber irgendwo ist gestanden, dass man das so machen soll. Code:
Malwarebytes Anti-Malware (Test) 1.65.1.1000
www.malwarebytes.org
Datenbank Version: v2012.12.19.06
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Barbara neu :: BARBARA-PC [Administrator]
Schutz: Aktiviert
19.12.2012 18:22:13
mbam-log-2012-12-19 (18-22-13).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 222756
Laufzeit: 8 Minute(n), 51 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 1
C:\Program Files\RelevantKnowledge (PUP.Spyware.MarketScore) -> Erfolgreich gelöscht und in Quarantäne gestellt.
Infizierte Dateien: 2
C:\Users\Barbara neu\Downloads\SoftonicDownloader_fuer_ibm-spss-statistics.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Barbara neu\Downloads\SoftonicDownloader_fuer_spss.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.
(Ende)
das logfile von defogger Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:55 on 06/01/2013 (Barbara neu)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Unable to read mbamswissarmy.sys
-=E.O.F=-
OTL
OTL Logfile: Code:
OTL logfile created on: 06.01.2013 17:58:31 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Barbara neu\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000C07 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
2,90 Gb Total Physical Memory | 1,58 Gb Available Physical Memory | 54,49% Memory free
6,01 Gb Paging File | 4,70 Gb Available in Paging File | 78,08% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 288,32 Gb Total Space | 128,37 Gb Free Space | 44,52% Space Free | Partition Type: NTFS
Computer Name: BARBARA-PC | User Name: Barbara neu | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.01.06 17:57:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
PRC - [2009.06.14 21:12:28 | 000,348,160 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2009.06.14 21:12:00 | 000,176,128 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2009.05.15 21:39:46 | 000,707,104 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
PRC - [2009.05.15 21:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
PRC - [2009.05.15 21:39:44 | 000,453,152 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
PRC - [2009.04.29 18:56:28 | 000,176,128 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
PRC - [2009.04.29 16:32:32 | 000,118,784 | ---- | M] (Acer Incorporated) -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
PRC - [2009.04.13 10:21:26 | 000,791,840 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
PRC - [2009.04.13 10:21:26 | 000,578,848 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
PRC - [2009.04.11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.02.12 01:38:40 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2009.02.12 01:38:38 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2007.09.14 02:50:00 | 001,603,152 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
========== Modules (No Company Name) ==========
MOD - [2012.08.31 12:02:46 | 003,194,880 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.08.31 12:01:10 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012.04.23 12:01:12 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.03.22 12:02:38 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2011.12.27 03:51:23 | 005,251,072 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2010.09.20 16:36:39 | 000,339,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3452.36786__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:39 | 000,204,800 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3452.36806__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:39 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3452.36800__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:38 | 001,732,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3452.36805__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:38 | 000,077,824 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3452.36857__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:38 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3452.36829__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:38 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3452.36795__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:37 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3452.36876__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:37 | 000,073,728 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3452.36795__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:37 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3452.36838__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:36 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3452.36877__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:35 | 000,331,776 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3452.36843__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:35 | 000,118,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3452.36875__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:35 | 000,102,400 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3452.36885__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:35 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3452.36844__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:35 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3452.36843__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:35 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossFireX.Graphics.Dashboard\2.0.3452.36900__90ba9c70f846762e\CLI.Aspect.CrossFireX.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:35 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3452.36875__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:35 | 000,019,968 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3452.36885__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:33 | 000,409,600 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3452.36851__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:32 | 000,950,272 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3452.36901__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:32 | 000,782,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3452.36831__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:32 | 000,573,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3452.36807__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:32 | 000,196,608 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3452.36806__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:32 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3452.36836__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:32 | 000,081,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:32 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3452.36836__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:31 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:31 | 000,360,448 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3452.36825__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:31 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3452.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:31 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3452.36811__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
MOD - [2010.09.20 16:36:31 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3452.36829__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:31 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3452.36810__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:31 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3452.36837__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:30 | 000,270,336 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
MOD - [2010.09.20 16:36:30 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3452.36830__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
MOD - [2010.09.20 16:36:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
MOD - [2010.09.20 16:36:30 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3428.28302__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll
MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3428.28329__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll
MOD - [2010.09.20 16:36:30 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3428.28311__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
MOD - [2010.09.20 16:36:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
MOD - [2010.09.20 16:36:29 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3428.28327__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
MOD - [2010.09.20 16:36:29 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
MOD - [2010.09.20 16:36:28 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3428.28296__90ba9c70f846762e\LOG.Foundation.dll
MOD - [2010.09.20 16:36:28 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3428.28297__90ba9c70f846762e\NEWAEM.Foundation.dll
MOD - [2010.09.20 16:36:28 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3428.28310__90ba9c70f846762e\MOM.Foundation.dll
MOD - [2010.09.20 16:36:27 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
MOD - [2010.09.20 16:36:27 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3428.28354__90ba9c70f846762e\CLI.Foundation.XManifest.dll
MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll
MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3428.28324__90ba9c70f846762e\DEM.Graphics.dll
MOD - [2010.09.20 16:36:27 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
MOD - [2010.09.20 16:36:26 | 000,094,208 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3428.28298__90ba9c70f846762e\CLI.Foundation.dll
MOD - [2010.09.20 16:36:26 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3428.28304__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
MOD - [2010.09.20 16:36:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
MOD - [2010.09.20 16:36:26 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3428.28302__90ba9c70f846762e\CLI.Component.Client.Shared.dll
MOD - [2010.09.20 16:36:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3428.28303__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
MOD - [2010.09.20 16:36:26 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
MOD - [2010.09.20 16:36:25 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3428.28305__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
MOD - [2010.09.20 16:36:25 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
MOD - [2010.09.20 16:36:25 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3428.28324__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
MOD - [2010.09.20 16:36:25 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3428.28328__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll
MOD - [2010.09.20 16:36:25 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
MOD - [2010.09.20 16:36:24 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3428.28323__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3428.28316__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,053,248 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,049,152 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3428.28315__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3428.28309__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3428.28313__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,028,672 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3428.28311__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3428.28314__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
MOD - [2010.09.20 16:36:23 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3428.28312__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
MOD - [2010.09.20 16:36:22 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3428.28310__90ba9c70f846762e\APM.Foundation.dll
MOD - [2010.09.20 16:36:22 | 000,016,384 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3428.28304__90ba9c70f846762e\AEM.Server.Shared.dll
MOD - [2010.09.20 16:36:21 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3452.36881__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
MOD - [2010.09.20 16:36:21 | 000,007,168 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3452.36782__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
MOD - [2010.09.20 16:36:20 | 000,106,496 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3452.36871__90ba9c70f846762e\MOM.Implementation.dll
MOD - [2010.09.20 16:36:20 | 000,065,536 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3452.36869__90ba9c70f846762e\LOG.Foundation.Implementation.dll
MOD - [2010.09.20 16:36:20 | 000,036,864 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\LOG.Foundation.Private.dll
MOD - [2010.09.20 16:36:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3428.28303__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll
MOD - [2010.09.20 16:36:20 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3428.28310__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
MOD - [2010.09.20 16:36:19 | 000,405,504 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3452.36800__90ba9c70f846762e\CLI.Component.Wizard.dll
MOD - [2010.09.20 16:36:19 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3452.36786__90ba9c70f846762e\CLI.Component.SkinFactory.dll
MOD - [2010.09.20 16:36:19 | 000,057,344 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3452.36784__90ba9c70f846762e\CLI.Component.Runtime.dll
MOD - [2010.09.20 16:36:19 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
MOD - [2010.09.20 16:36:19 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3428.28301__90ba9c70f846762e\CLI.Foundation.Private.dll
MOD - [2010.09.20 16:36:19 | 000,024,576 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3428.28311__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
MOD - [2010.09.20 16:36:18 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3428.28309__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
MOD - [2010.09.20 16:36:17 | 001,212,416 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3452.36791__90ba9c70f846762e\CLI.Component.Dashboard.dll
MOD - [2010.09.20 16:36:17 | 000,061,440 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3452.36784__90ba9c70f846762e\APM.Server.dll
MOD - [2010.09.20 16:36:17 | 000,045,056 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3452.36782__90ba9c70f846762e\AEM.Server.dll
MOD - [2010.09.20 16:36:17 | 000,040,960 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3428.28308__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
MOD - [2010.09.20 16:36:17 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
MOD - [2010.09.20 16:36:17 | 000,020,480 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3428.28316__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
MOD - [2010.09.20 16:36:17 | 000,019,456 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3452.36870__90ba9c70f846762e\CCC.Implementation.dll
MOD - [2009.06.19 09:49:16 | 000,016,384 | R--- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
MOD - [2009.04.13 10:09:00 | 000,126,976 | ---- | M] () -- C:\Program Files\WIDCOMM\Bluetooth Software\BTKeyInd.dll
MOD - [2009.03.30 05:42:20 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2009.03.30 05:42:19 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2009.03.30 05:42:17 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.03.30 05:42:12 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2009.03.30 05:42:12 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll
MOD - [2009.03.30 05:42:11 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.03.30 05:42:10 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2008.07.29 18:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe
========== Services (SafeList) ==========
SRV - [2012.12.14 12:43:34 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.07 20:11:48 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.06.14 21:12:00 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2009.05.15 21:39:46 | 000,703,008 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2009.04.29 16:32:32 | 000,118,784 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2009.04.13 10:21:26 | 000,578,848 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2009.02.12 01:38:40 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON)
SRV - [2008.01.21 03:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tscusb2a.sys -- (TASCAM_US122L_MK2_WDM)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tscusb2m.sys -- (TASCAM_US122L_MK2_MIDI)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\tascusb2.sys -- (TASCAM_US122144)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - [2012.10.30 23:51:58 | 000,738,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2012.10.30 23:51:58 | 000,361,032 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2012.10.30 23:51:58 | 000,054,232 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2012.10.30 23:51:58 | 000,035,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr.sys -- (AswRdr)
DRV - [2012.10.30 23:51:57 | 000,058,680 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2012.10.30 23:51:56 | 000,021,256 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009.06.19 20:31:06 | 005,958,144 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NETw1v32.sys -- (NETw1v32)
DRV - [2009.06.14 21:47:20 | 004,989,952 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atipmdag.sys -- (amdkmdag)
DRV - [2009.06.14 20:23:10 | 000,106,496 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2009.06.14 20:09:50 | 004,740,096 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\igdpmd32.sys -- (intelkmd)
DRV - [2009.04.01 20:54:44 | 000,050,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C60x86.sys -- (L1C)
DRV - [2009.02.20 17:10:00 | 000,153,952 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\RtHDMIV.sys -- (RTHDMIAzAudService)
DRV - [2008.06.18 16:49:16 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_5810t
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKLM\..\SearchScopes,DefaultScope = {EEE6C360-6118-11DC-9C72-001320C79847}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0c07&s=2&o=vp32&d=0809&m=aspire_5810t
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811}
IE - HKCU\..\SearchScopes,DefaultScope = {DE0205D4-196A-469C-9A75-F89FF121F80D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=ddrnw&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{CEF49D59-2551-42BC-814E-C12913537CD7}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=214BE686-6759-4B17-8842-769D8690E4A9&apn_sauid=3DE1E432-AF7A-499B-84CE-77B8F2C62331
IE - HKCU\..\SearchScopes\{DE0205D4-196A-469C-9A75-F89FF121F80D}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaulturl: ""
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.suggest.enabled: false
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:blank"
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:14.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.3
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: {ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.4.53: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.4.53: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Media Software and Services Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.12 21:07:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 20:11:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.07 20:11:49 | 000,000,000 | ---D | M]
[2010.01.27 00:06:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\Extensions
[2013.01.04 09:04:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\Firefox\Profiles\4mq0wbaf.default\extensions
[2011.03.25 00:12:13 | 000,330,316 | ---- | M] () (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\extensions\personas@christopher.beard.xpi
[2012.11.23 15:47:58 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.04 21:30:07 | 000,001,610 | ---- | M] () -- C:\Users\Barbara neu\AppData\Roaming\mozilla\firefox\profiles\4mq0wbaf.default\searchplugins\ixquick---deutsch.xml
[2012.12.17 14:25:28 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2012.11.12 21:07:42 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2012.12.07 20:11:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.25 14:10:09 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.25 14:10:09 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.25 14:10:09 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.25 14:10:09 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.25 14:10:09 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.25 14:10:09 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811}
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={24416447-55EA-11E2-9170-001F16AD6811}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Download Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpplugin.dll
CHR - Extension: Google Drive = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: avast! WebRep = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Google Mail = C:\Users\Barbara neu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2006.09.18 22:41:30 | 000,000,761 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No CLSID value found.
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O2 - BHO: (smartdownloader Class) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - C:\Program Files\SockshareDownloader\smarterdownloader.dll File not found
O3 - HKLM\..\Toolbar: (no name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [Acer ePower Management] C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)
O4 - HKLM..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation)
O4 - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\SkyTel.exe (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O13 - gopher Prefix: missing
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: DhcpNameServer = 195.34.133.21 212.186.211.21
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF8F8509-B831-43C6-A805-B58C160372CB}: DhcpNameServer = 195.34.133.21 212.186.211.21
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Barbara neu\Pictures\Canon EOS 60D\20110817 - Lichtspiel\IMG_4956.JPG
O24 - Desktop BackupWallPaper: C:\Users\Barbara neu\Pictures\Canon EOS 60D\20110817 - Lichtspiel\IMG_4956.JPG
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{1a0f21d1-b9d1-11e1-b212-001f16ad6811}\Shell - "" = AutoRun
O33 - MountPoints2\{1a0f21d1-b9d1-11e1-b212-001f16ad6811}\Shell\AutoRun\command - "" = E:\Startme.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
========== Files/Folders - Created Within 30 Days ==========
[2013.01.06 17:57:29 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe
[2013.01.04 10:25:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.01.03 22:10:47 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\PutLockerDownloader
[2013.01.03 22:10:38 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SockshareDownloader.com
[2012.12.19 18:42:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2012.12.19 18:42:03 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft
[2012.12.19 18:20:00 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Roaming\Malwarebytes
[2012.12.19 18:19:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.12.19 18:19:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.12.19 18:19:42 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.19 18:19:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.12.17 19:43:16 | 000,000,000 | -H-D | C] -- C:\ProgramData\{64300630-5B75-49F3-904F-EA6A0C434430}
[2012.12.17 19:43:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UPC Fiber Power Optimizer
[2012.12.16 15:12:30 | 000,000,000 | ---D | C] -- C:\Program Files\UPC Fiber Power Optimizer
[2012.12.14 20:49:04 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\TVU Networks
[2012.12.14 20:49:04 | 000,000,000 | ---D | C] -- C:\ProgramData\TVU Networks
[2012.12.14 20:45:47 | 000,000,000 | ---D | C] -- C:\Users\Barbara neu\AppData\Local\Zattoo
[2012.12.14 20:45:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zattoo4
[2012.12.14 20:45:39 | 000,000,000 | ---D | C] -- C:\Program Files\Zattoo4
[2012.12.07 20:11:36 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
========== Files - Modified Within 30 Days ==========
[2013.01.06 18:10:00 | 000,000,426 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{5DD97CF1-442C-45FF-9906-8EEE2E1F9D73}.job
[2013.01.06 18:04:00 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.06 17:57:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Barbara neu\Desktop\OTL.exe
[2013.01.06 17:55:34 | 000,000,000 | ---- | M] () -- C:\Users\Barbara neu\defogger_reenable
[2013.01.06 17:53:35 | 000,050,477 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Defogger.exe
[2013.01.06 17:41:05 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.06 17:04:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.06 16:53:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.06 16:53:22 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.06 15:07:02 | 000,000,390 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateXML_Barbara neu.job
[2013.01.06 14:53:53 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Barbara neu.job
[2013.01.06 14:53:28 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.01.06 14:53:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.06 14:53:14 | 3119,292,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.05 21:14:55 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2013.01.04 20:03:03 | 000,000,394 | ---- | M] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Barbara neu.job
[2012.12.27 15:29:00 | 000,030,706 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Telefonliste.pdf
[2012.12.21 22:45:29 | 003,740,288 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.18 20:44:47 | 000,002,591 | ---- | M] () -- C:\Users\Barbara neu\Desktop\Microsoft Office Word 2007.lnk
[2012.12.17 19:58:13 | 000,002,070 | ---- | M] () -- C:\Users\Barbara neu\Documents\cc_20121217_195809.reg
[2012.12.17 19:24:16 | 000,101,040 | ---- | M] () -- C:\Users\Barbara neu\Documents\cc_20121217_192406.reg
[2012.12.16 13:55:03 | 000,623,280 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.16 13:55:03 | 000,591,320 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.16 13:55:03 | 000,125,378 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.16 13:55:03 | 000,103,194 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.14 20:46:17 | 000,017,408 | ---- | M] () -- C:\Users\Barbara neu\AppData\Local\WebpageIcons.db
[2012.12.14 16:49:28 | 000,021,104 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.12.13 22:08:49 | 000,000,016 | -H-- | M] () -- C:\Windows\System32\servdat.slm
========== Files Created - No Company Name ==========
[2013.01.06 17:55:34 | 000,000,000 | ---- | C] () -- C:\Users\Barbara neu\defogger_reenable
[2013.01.06 17:53:11 | 000,050,477 | ---- | C] () -- C:\Users\Barbara neu\Desktop\Defogger.exe
[2012.12.27 15:29:00 | 000,030,706 | ---- | C] () -- C:\Users\Barbara neu\Desktop\Telefonliste.pdf
[2012.12.17 19:58:12 | 000,002,070 | ---- | C] () -- C:\Users\Barbara neu\Documents\cc_20121217_195809.reg
[2012.12.17 19:24:09 | 000,101,040 | ---- | C] () -- C:\Users\Barbara neu\Documents\cc_20121217_192406.reg
[2012.12.17 14:13:19 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\RNUpgradeHelperLogonPrompt_Barbara neu.job
[2012.12.17 14:12:58 | 000,000,394 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateFiles_Barbara neu.job
[2012.12.17 14:12:51 | 000,000,390 | ---- | C] () -- C:\Windows\tasks\ReclaimerUpdateXML_Barbara neu.job
[2012.12.14 20:45:46 | 000,017,408 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\WebpageIcons.db
[2012.12.14 12:47:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.12.14 12:47:31 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.20 00:59:32 | 000,000,385 | ---- | C] () -- C:\Windows\hpwmdl27.dat.temp
[2012.11.05 21:52:30 | 000,000,000 | ---- | C] () -- C:\Windows\System32\ssprs.dll
[2011.06.19 10:09:17 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth2.dll
[2011.06.19 10:09:17 | 000,001,024 | ---- | C] () -- C:\Windows\System32\clauth1.dll
[2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth2.dll
[2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\serauth1.dll
[2011.06.19 10:09:17 | 000,000,000 | ---- | C] () -- C:\Windows\System32\nsprs.dll
[2011.06.19 10:03:10 | 000,001,025 | ---- | C] () -- C:\Windows\System32\sysprs7.dll
[2011.06.19 10:03:10 | 000,000,205 | ---- | C] () -- C:\Windows\System32\lsprst7.dll
[2010.10.26 21:58:56 | 000,000,000 | ---- | C] () -- C:\Users\Barbara neu\AppData\Roaming\wklnhst.dat
[2010.08.10 16:51:13 | 000,000,331 | ---- | C] () -- C:\Users\Barbara neu\Desktop - Verknüpfung.lnk
[2010.06.26 16:22:50 | 000,001,429 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\RecConfig.xml
[2010.04.05 12:15:35 | 000,001,356 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\d3d9caps.dat
[2010.01.26 23:53:38 | 000,166,912 | ---- | C] () -- C:\Users\Barbara neu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009.11.17 12:34:30 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
========== ZeroAccess Check ==========
[2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2010.08.10 16:39:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Acer
[2009.04.09 14:21:52 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Acer GameZone Console
[2010.05.18 16:08:13 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\cacaoweb
[2011.04.07 07:19:44 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Canon
[2011.01.27 23:34:52 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2012.03.11 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.12.20 23:48:16 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Dropbox
[2012.12.17 15:01:30 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoft
[2011.10.28 09:01:12 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\DVDVideoSoftIEHelpers
[2010.02.16 22:07:33 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\EA
[2011.06.25 14:04:02 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\GrabPro
[2011.08.10 13:19:19 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\HartlauerFotoService3
[2010.02.15 15:02:32 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\iWin
[2010.07.06 09:18:03 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\NCH Swift Sound
[2010.05.24 22:06:29 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\OLYMPUS
[2011.07.21 09:19:14 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Orbit
[2010.02.15 16:09:56 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\PlayFirst
[2011.03.21 13:43:09 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\ProgSense
[2012.03.11 11:40:18 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Quark
[2012.05.29 17:46:13 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Scribus
[2011.06.25 13:12:28 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Software Informer
[2012.09.02 05:16:03 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sony
[2011.01.28 20:53:00 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2010.06.26 16:41:31 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sytexis
[2010.07.05 20:18:04 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\Sytexis Software
[2012.10.28 22:49:25 | 000,000,000 | ---D | M] -- C:\Users\Barbara neu\AppData\Roaming\TuneUp Software
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 134 bytes -> C:\ProgramData\TEMP:814B9485
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:CDFF58FE
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ADE16379
@Alternate Data Stream - 129 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 128 bytes -> C:\ProgramData\TEMP:3B3A35EC
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 123 bytes -> C:\ProgramData\TEMP:41099CE9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\TEMP:3064D21D
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:35759C73
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:B623B5B8
@Alternate Data Stream - 114 bytes -> C:\ProgramData\TEMP:CE0A077E
@Alternate Data Stream - 113 bytes -> C:\ProgramData\TEMP:9E22BBE8
@Alternate Data Stream - 110 bytes -> C:\ProgramData\TEMP:8750DCE4
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:B203B914
@Alternate Data Stream - 105 bytes -> C:\ProgramData\TEMP:131C0EE9
< End of report > --- --- ---
[/CODE] |