orezjunk | 06.04.2013 14:35 | Ja hab ich gemacht und jetzt hab ich hall beim wiedergeben von Musik kannst du mir sagen warum?AdwCleaner Logfile: Code:
# AdwCleaner v2.200 - Datei am 06/04/2013 um 15:11:41 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Professional (32 bits)
# Benutzer : Peter - PETER-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Peter\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\1cg1rmfu.default\searchplugins\daemon-search.xml
Ordner Gelöscht : C:\Program Files\DAEMON Tools Toolbar
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Peter\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Peter\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\1cg1rmfu.default\extensions\ffxtlbr@babylon.com
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
***** [Internet Browser] *****
-\\ Internet Explorer v8.0.7600.16385
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.daemon-search.com/startpage --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://search.babylon.com/?babsrc=hp_ss&affid=100489&mntrid=5467cf35000000000000000000000000 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.babylon.com/?babsrc=NT_ss&affID=100489&mntrId=5467cf35000000000000000000000000 --> hxxp://www.google.com
-\\ Mozilla Firefox v3.5.2 (de)
Datei : C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\1cg1rmfu.default\prefs.js
Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.daemon-search.com/startpage");
-\\ Opera v11.51.1087.0
Datei : C:\Users\Peter\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [2715 octets] - [06/04/2013 15:11:41]
########## EOF - C:\AdwCleaner[S1].txt - [2775 octets] ########## --- --- ---
Combo Fix.txt ist unauffindbar...OTL Logfile: Code:
OTL logfile created on: 06.04.2013 15:38:54 - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peter\Desktop\Virus stuff
Professional (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 2,13 Gb Available Physical Memory | 70,92% Memory free
6,00 Gb Paging File | 4,83 Gb Available in Paging File | 80,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 46,58 Gb Total Space | 31,75 Gb Free Space | 68,17% Space Free | Partition Type: NTFS
Drive D: | 41,92 Gb Total Space | 41,29 Gb Free Space | 98,50% Space Free | Partition Type: NTFS
Drive E: | 377,26 Gb Total Space | 339,38 Gb Free Space | 89,96% Space Free | Partition Type: NTFS
Drive F: | 100,00 Mb Total Space | 86,25 Mb Free Space | 86,25% Space Free | Partition Type: NTFS
Drive G: | 78,03 Gb Total Space | 1,68 Gb Free Space | 2,15% Space Free | Partition Type: NTFS
Drive H: | 390,62 Gb Total Space | 222,86 Gb Free Space | 57,05% Space Free | Partition Type: NTFS
Drive I: | 462,76 Gb Total Space | 42,59 Gb Free Space | 9,20% Space Free | Partition Type: NTFS
Drive K: | 148,22 Gb Total Space | 2,62 Gb Free Space | 1,77% Space Free | Partition Type: FAT32
Drive L: | 5,13 Gb Total Space | 0,16 Gb Free Space | 3,18% Space Free | Partition Type: NTFS
Computer Name: PETER-PC | User Name: Peter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.04.05 16:30:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peter\Desktop\Virus stuff\OTL.exe
PRC - [2012.05.02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.02 00:31:38 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.04.24 02:11:59 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2011.09.15 13:36:37 | 001,800,464 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011.09.15 13:36:37 | 000,723,632 | ---- | M] (COMODO) -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011.09.11 14:25:45 | 000,947,056 | ---- | M] (Opera Software) -- C:\Programme\Opera\opera.exe
PRC - [2011.06.30 20:30:10 | 001,595,520 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winamp.exe
PRC - [2011.06.30 20:29:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Programme\Winamp\winampa.exe
PRC - [2009.09.25 15:38:16 | 000,312,784 | ---- | M] () -- C:\Programme\XSManager\WTGService.exe
PRC - [2009.09.17 18:37:48 | 000,157,968 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\starter4g.exe
PRC - [2009.09.17 18:37:04 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) -- C:\Windows\service4g.exe
PRC - [2009.07.14 03:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 03:14:15 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
========== Modules (No Company Name) ==========
MOD - [2013.04.06 15:32:16 | 000,204,800 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\winamp.lng
MOD - [2013.04.06 15:32:16 | 000,155,648 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\vis_milk2.lng
MOD - [2013.04.06 15:32:16 | 000,088,064 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\vis_avs.lng
MOD - [2013.04.06 15:32:16 | 000,039,424 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_wifi.lng
MOD - [2013.04.06 15:32:16 | 000,036,864 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_ipod.lng
MOD - [2013.04.06 15:32:16 | 000,011,776 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_usb.lng
MOD - [2013.04.06 15:32:16 | 000,007,680 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\vis_nsfs.lng
MOD - [2013.04.06 15:32:16 | 000,006,144 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\tagz.lng
MOD - [2013.04.06 15:32:16 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\winampa.lng
MOD - [2013.04.06 15:32:16 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_p4s.lng
MOD - [2013.04.06 15:32:16 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_njb.lng
MOD - [2013.04.06 15:32:15 | 000,047,104 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_pmp.lng
MOD - [2013.04.06 15:32:15 | 000,036,352 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ombrowser.lng
MOD - [2013.04.06 15:32:15 | 000,020,480 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_android.lng
MOD - [2013.04.06 15:32:15 | 000,016,384 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\out_ds.lng
MOD - [2013.04.06 15:32:15 | 000,014,848 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_wire.lng
MOD - [2013.04.06 15:32:15 | 000,008,192 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_transcode.lng
MOD - [2013.04.06 15:32:15 | 000,007,680 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\out_wave.lng
MOD - [2013.04.06 15:32:15 | 000,006,144 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\out_disk.lng
MOD - [2013.04.06 15:32:15 | 000,005,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_rg.lng
MOD - [2013.04.06 15:32:15 | 000,004,608 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\pmp_activesync.lng
MOD - [2013.04.06 15:32:15 | 000,003,072 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\playlist.lng
MOD - [2013.04.06 15:32:14 | 000,056,320 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_local.lng
MOD - [2013.04.06 15:32:14 | 000,047,616 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_disc.lng
MOD - [2013.04.06 15:32:14 | 000,034,816 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_plg.lng
MOD - [2013.04.06 15:32:14 | 000,015,360 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_wm.lng
MOD - [2013.04.06 15:32:14 | 000,014,336 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_online.lng
MOD - [2013.04.06 15:32:14 | 000,012,800 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_playlists.lng
MOD - [2013.04.06 15:32:14 | 000,011,776 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_nsv.lng
MOD - [2013.04.06 15:32:14 | 000,011,264 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_vorbis.lng
MOD - [2013.04.06 15:32:14 | 000,009,728 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_downloads.lng
MOD - [2013.04.06 15:32:14 | 000,008,704 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_history.lng
MOD - [2013.04.06 15:32:14 | 000,008,704 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_devices.lng
MOD - [2013.04.06 15:32:14 | 000,006,656 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_autotag.lng
MOD - [2013.04.06 15:32:14 | 000,006,656 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_wav.lng
MOD - [2013.04.06 15:32:14 | 000,005,632 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_wave.lng
MOD - [2013.04.06 15:32:14 | 000,005,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_impex.lng
MOD - [2013.04.06 15:32:14 | 000,005,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_bookmarks.lng
MOD - [2013.04.06 15:32:14 | 000,004,608 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_enqplay.lng
MOD - [2013.04.06 15:32:14 | 000,004,608 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_wv.lng
MOD - [2013.04.06 15:32:14 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_orb.lng
MOD - [2013.04.06 15:32:14 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_nowplaying.lng
MOD - [2013.04.06 15:32:14 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\ml_addons.lng
MOD - [2013.04.06 15:32:14 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_swf.lng
MOD - [2013.04.06 15:32:13 | 000,041,984 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_jumpex.lng
MOD - [2013.04.06 15:32:13 | 000,023,040 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_mp3.lng
MOD - [2013.04.06 15:32:13 | 000,021,504 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_ml.lng
MOD - [2013.04.06 15:32:13 | 000,020,480 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_midi.lng
MOD - [2013.04.06 15:32:13 | 000,018,944 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_mod.lng
MOD - [2013.04.06 15:32:13 | 000,014,336 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_cdda.lng
MOD - [2013.04.06 15:32:13 | 000,011,776 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_skinmanager.lng
MOD - [2013.04.06 15:32:13 | 000,011,264 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_hotkeys.lng
MOD - [2013.04.06 15:32:13 | 000,010,752 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_undo.lng
MOD - [2013.04.06 15:32:13 | 000,010,240 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_timerestore.lng
MOD - [2013.04.06 15:32:13 | 000,009,216 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_nopro.lng
MOD - [2013.04.06 15:32:13 | 000,008,192 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_tray.lng
MOD - [2013.04.06 15:32:13 | 000,007,168 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_orgler.lng
MOD - [2013.04.06 15:32:13 | 000,006,656 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_dshow.lng
MOD - [2013.04.06 15:32:13 | 000,005,632 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_flac.lng
MOD - [2013.04.06 15:32:13 | 000,005,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_mp4.lng
MOD - [2013.04.06 15:32:13 | 000,005,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_avi.lng
MOD - [2013.04.06 15:32:13 | 000,004,608 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_mkv.lng
MOD - [2013.04.06 15:32:13 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_linein.lng
MOD - [2013.04.06 15:32:13 | 000,003,584 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\in_flv.lng
MOD - [2013.04.06 15:32:12 | 000,069,120 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\burnlib.lng
MOD - [2013.04.06 15:32:12 | 000,023,552 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_classicart.lng
MOD - [2013.04.06 15:32:12 | 000,023,040 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_ff.lng
MOD - [2013.04.06 15:32:12 | 000,013,824 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\dsp_sps.lng
MOD - [2013.04.06 15:32:12 | 000,010,752 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\auth.lng
MOD - [2013.04.06 15:32:12 | 000,007,168 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_crasher.lng
MOD - [2013.04.06 15:32:12 | 000,006,656 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_fhgaac.lng
MOD - [2013.04.06 15:32:12 | 000,006,144 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_wma.lng
MOD - [2013.04.06 15:32:12 | 000,005,632 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_lame.lng
MOD - [2013.04.06 15:32:12 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\gen_find_on_disk.lng
MOD - [2013.04.06 15:32:12 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_wav.lng
MOD - [2013.04.06 15:32:12 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_vorbis.lng
MOD - [2013.04.06 15:32:12 | 000,004,096 | ---- | M] () -- C:\Users\Peter\AppData\Local\Temp\WLZC9F2.tmp\enc_flac.lng
MOD - [2013.04.06 15:31:14 | 000,090,112 | ---- | M] () -- C:\Programme\Winamp\System\xml.w5s
MOD - [2013.04.06 15:31:14 | 000,083,968 | ---- | M] () -- C:\Programme\Winamp\tataki.dll
MOD - [2013.04.06 15:31:14 | 000,047,616 | ---- | M] () -- C:\Programme\Winamp\zlib.dll
MOD - [2013.04.06 15:31:13 | 000,103,936 | ---- | M] () -- C:\Programme\Winamp\System\png.w5s
MOD - [2013.04.06 15:31:13 | 000,084,480 | ---- | M] () -- C:\Programme\Winamp\System\playlist.w5s
MOD - [2013.04.06 15:31:13 | 000,035,328 | ---- | M] () -- C:\Programme\Winamp\System\timer.w5s
MOD - [2013.04.06 15:31:13 | 000,021,504 | ---- | M] () -- C:\Programme\Winamp\System\tagz.w5s
MOD - [2013.04.06 15:31:13 | 000,013,824 | ---- | M] () -- C:\Programme\Winamp\System\primo.w5s
MOD - [2013.04.06 15:31:12 | 000,623,616 | ---- | M] () -- C:\Programme\Winamp\System\jnetlib.w5s
MOD - [2013.04.06 15:31:12 | 000,174,080 | ---- | M] () -- C:\Programme\Winamp\System\auth.w5s
MOD - [2013.04.06 15:31:12 | 000,154,624 | ---- | M] () -- C:\Programme\Winamp\System\jpeg.w5s
MOD - [2013.04.06 15:31:12 | 000,044,544 | ---- | M] () -- C:\Programme\Winamp\System\devices.w5s
MOD - [2013.04.06 15:31:12 | 000,019,456 | ---- | M] () -- C:\Programme\Winamp\System\gif.w5s
MOD - [2013.04.06 15:31:12 | 000,019,456 | ---- | M] () -- C:\Programme\Winamp\System\bmp.w5s
MOD - [2013.04.06 15:31:12 | 000,016,896 | ---- | M] () -- C:\Programme\Winamp\System\dlmgr.w5s
MOD - [2013.04.06 15:31:12 | 000,016,384 | ---- | M] () -- C:\Programme\Winamp\System\gracenote.w5s
MOD - [2013.04.06 15:31:12 | 000,014,336 | ---- | M] () -- C:\Programme\Winamp\System\filereader.w5s
MOD - [2013.04.06 15:31:11 | 000,118,272 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_p4s.dll
MOD - [2013.04.06 15:31:11 | 000,113,152 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_wifi.dll
MOD - [2013.04.06 15:31:11 | 000,053,760 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_usb.dll
MOD - [2013.04.06 15:31:11 | 000,023,040 | ---- | M] () -- C:\Programme\Winamp\System\albumart.w5s
MOD - [2013.04.06 15:31:11 | 000,020,480 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_njb.dll
MOD - [2013.04.06 15:31:10 | 000,313,344 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_wm.dll
MOD - [2013.04.06 15:31:10 | 000,293,376 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_local.dll
MOD - [2013.04.06 15:31:10 | 000,285,696 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_mp3.dll
MOD - [2013.04.06 15:31:10 | 000,252,416 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_vorbis.dll
MOD - [2013.04.06 15:31:10 | 000,250,368 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_devices.dll
MOD - [2013.04.06 15:31:10 | 000,241,152 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_pmp.dll
MOD - [2013.04.06 15:31:10 | 000,200,704 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_disc.dll
MOD - [2013.04.06 15:31:10 | 000,170,496 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_ipod.dll
MOD - [2013.04.06 15:31:10 | 000,165,376 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_mod.dll
MOD - [2013.04.06 15:31:10 | 000,125,440 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_online.dll
MOD - [2013.04.06 15:31:10 | 000,109,568 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_midi.dll
MOD - [2013.04.06 15:31:10 | 000,083,456 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_plg.dll
MOD - [2013.04.06 15:31:10 | 000,082,944 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_playlists.dll
MOD - [2013.04.06 15:31:10 | 000,074,752 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_nsv.dll
MOD - [2013.04.06 15:31:10 | 000,060,928 | ---- | M] () -- C:\Programme\Winamp\Plugins\pmp_android.dll
MOD - [2013.04.06 15:31:10 | 000,057,344 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_impex.dll
MOD - [2013.04.06 15:31:10 | 000,052,224 | ---- | M] () -- C:\Programme\Winamp\Plugins\out_ds.dll
MOD - [2013.04.06 15:31:10 | 000,052,224 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_history.dll
MOD - [2013.04.06 15:31:10 | 000,050,688 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_mp4.dll
MOD - [2013.04.06 15:31:10 | 000,049,152 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_mkv.dll
MOD - [2013.04.06 15:31:10 | 000,043,008 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_flv.dll
MOD - [2013.04.06 15:31:10 | 000,033,792 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_rg.dll
MOD - [2013.04.06 15:31:10 | 000,031,744 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_transcode.dll
MOD - [2013.04.06 15:31:10 | 000,028,672 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_autotag.dll
MOD - [2013.04.06 15:31:10 | 000,027,648 | ---- | M] () -- C:\Programme\Winamp\Plugins\ml_bookmarks.dll
MOD - [2013.04.06 15:31:10 | 000,023,552 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_swf.dll
MOD - [2013.04.06 15:31:10 | 000,022,528 | ---- | M] () -- C:\Programme\Winamp\Plugins\out_disk.dll
MOD - [2013.04.06 15:31:10 | 000,018,432 | ---- | M] () -- C:\Programme\Winamp\Plugins\out_wave.dll
MOD - [2013.04.06 15:31:10 | 000,016,896 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_wave.dll
MOD - [2013.04.06 15:31:10 | 000,007,168 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_linein.dll
MOD - [2013.04.06 15:31:09 | 001,737,728 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_ff.dll
MOD - [2013.04.06 15:31:09 | 000,410,624 | ---- | M] () -- C:\Programme\Winamp\nsutil.dll
MOD - [2013.04.06 15:31:09 | 000,340,992 | ---- | M] () -- C:\Programme\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
MOD - [2013.04.06 15:31:09 | 000,312,832 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_ml.dll
MOD - [2013.04.06 15:31:09 | 000,253,440 | ---- | M] () -- C:\Programme\Winamp\libsndfile.dll
MOD - [2013.04.06 15:31:09 | 000,183,808 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_jumpex.dll
MOD - [2013.04.06 15:31:09 | 000,102,400 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_cdda.dll
MOD - [2013.04.06 15:31:09 | 000,078,848 | ---- | M] () -- C:\Programme\Winamp\nde.dll
MOD - [2013.04.06 15:31:09 | 000,072,192 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_dshow.dll
MOD - [2013.04.06 15:31:09 | 000,068,608 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_avi.dll
MOD - [2013.04.06 15:31:09 | 000,060,928 | ---- | M] () -- C:\Programme\Winamp\Plugins\in_flac.dll
MOD - [2013.04.06 15:31:09 | 000,057,344 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_orgler.dll
MOD - [2013.04.06 15:31:09 | 000,027,648 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_hotkeys.dll
MOD - [2013.04.06 15:31:09 | 000,025,600 | ---- | M] () -- C:\Programme\Winamp\Plugins\gen_tray.dll
MOD - [2011.09.15 13:36:37 | 000,274,704 | ---- | M] () -- C:\Programme\COMODO\COMODO Internet Security\cavshell.dll
MOD - [2009.08.16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll
MOD - [2008.10.05 05:24:02 | 003,695,008 | ---- | M] () -- C:\Windows\System32\Macromed\Flash\NPSWF32.dll
========== Services (SafeList) ==========
SRV - [2012.05.02 01:42:31 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.02 00:34:37 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.09.15 13:36:37 | 000,723,632 | ---- | M] (COMODO) [Auto | Running] -- C:\Programme\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2009.09.25 15:38:16 | 000,312,784 | ---- | M] () [Auto | Running] -- C:\Programme\XSManager\WTGService.exe -- (WTGService)
SRV - [2009.09.17 18:37:04 | 000,125,200 | R--- | M] (4G Systems GmbH & Co. KG) [Auto | Running] -- C:\Windows\service4g.exe -- (XS Stick Service)
SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2009.07.14 03:14:47 | 001,121,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)
========== Driver Services (SafeList) ==========
DRV - [2013.04.05 14:27:58 | 000,552,960 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2012.04.27 10:20:04 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.04.25 00:32:27 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.04.16 21:18:01 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.15 13:36:37 | 000,127,864 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\System32\drivers\cmdguard.sys -- (cmdGuard)
DRV - [2011.09.15 13:36:37 | 000,074,328 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\inspect.sys -- (inspect)
DRV - [2011.09.15 13:36:37 | 000,029,520 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\Windows\System32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011.08.30 13:00:24 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2009.07.14 03:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 03:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 03:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 01:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 01:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009.06.10 23:19:48 | 009,853,248 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2008.10.31 16:19:38 | 000,103,424 | ---- | M] (Mobile Connector) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\cmnsusbser.sys -- (cmnsusbser)
DRV - [2007.04.19 22:12:58 | 000,102,696 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011.08.26 11:24:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.06 15:30:11 | 000,000,000 | ---D | M]
[2011.08.26 11:24:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Extensions
[2013.04.06 15:11:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peter\AppData\Roaming\mozilla\Firefox\Profiles\1cg1rmfu.default\extensions
[2011.08.26 11:24:38 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2011.06.30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2009.07.31 00:59:14 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2009.07.31 00:59:14 | 000,002,344 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2009.07.31 00:59:14 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2009.07.31 00:59:14 | 000,000,986 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2009.07.31 00:59:14 | 000,000,801 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [F5D7050v3] C:\Program Files\Belkin\F5D7050v3\Belkinwcui.exe File not found
O4 - HKLM..\Run: [starter4g] C:\Windows\starter4g.exe (4G Systems GmbH & Co. KG)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0BD116D7-E990-46E6-A0D1-A8FBEDD07288}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{94B14B8F-5A2B-4C6E-A0D3-7B8EDCE07D27}: NameServer = 156.154.70.25,156.154.71.25
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - G:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006.12.30 01:26:40 | 000,000,000 | ---- | M] () - K:\AUTOEXEC.BAT -- [ FAT32 ]
O33 - MountPoints2\{8d096f29-cf3c-11e0-9411-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{8d096f29-cf3c-11e0-9411-806e6f6e6963}\Shell\AutoRun\command - "" = F:\Setup.EXE
O33 - MountPoints2\{fc6f6d5b-cfc3-11e0-80b7-002197857c3c}\Shell - "" = AutoRun
O33 - MountPoints2\{fc6f6d5b-cfc3-11e0-80b7-002197857c3c}\Shell\AutoRun\command - "" = H:\autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKCU\...exe [@ = exefile] -- Reg Error: Key error. File not found
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.04.06 15:31:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013.04.06 15:30:11 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2013.04.06 15:30:11 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp Detect
[2013.04.06 15:29:52 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Winamp
[2013.04.06 15:29:52 | 000,000,000 | ---D | C] -- C:\Program Files\Winamp
[2013.04.06 15:29:52 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\OpenCandy
[2013.04.06 15:23:09 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.04.06 15:15:15 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.04.06 15:14:56 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.04.06 15:14:54 | 000,000,000 | --SD | C] -- C:\32788R22FWJFW
[2013.04.06 15:10:43 | 005,047,402 | R--- | C] (Swearware) -- C:\Users\Peter\Desktop\ComboFix.exe
[2013.04.05 18:08:01 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2013.04.05 17:26:55 | 000,000,000 | ---D | C] -- C:\Users\Peter\Desktop\Virus stuff
[2013.04.05 14:45:45 | 000,000,000 | ---D | C] -- C:\Users\Peter\Documents\Cubase Projects
[2013.04.05 14:45:13 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\VST3 Presets
[2013.04.05 14:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Steinberg
[2013.04.05 14:37:25 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Avira
[2013.04.05 14:36:15 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASIO4ALL v2
[2013.04.05 14:36:15 | 000,000,000 | ---D | C] -- C:\Program Files\ASIO4ALL v2
[2013.04.05 14:35:47 | 002,395,648 | ---- | C] (AD © 2009) -- C:\Windows\System32\SYNSOEMU.DLL
[2013.04.05 14:34:53 | 016,138,240 | ---- | C] (Steinberg Media Technologies) -- C:\HALionOne.dll
[2013.04.05 14:34:42 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VST3
[2013.04.05 14:31:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.04.05 14:30:53 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
[2013.04.05 14:30:51 | 000,137,928 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
[2013.04.05 14:30:51 | 000,083,392 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.04.05 14:30:51 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.04.05 14:30:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.04.05 14:30:50 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
[2013.04.05 14:28:58 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steinberg Cubase 5
[2013.04.05 14:28:58 | 000,000,000 | ---D | C] -- C:\Users\Peter\AppData\Roaming\Steinberg
[2013.04.05 14:28:58 | 000,000,000 | ---D | C] -- C:\Program Files\Steinberg
[2013.04.05 14:28:17 | 000,552,960 | ---- | C] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr73.sys
[2013.04.05 14:28:17 | 000,221,184 | ---- | C] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2013.04.05 14:28:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin
[2013.04.05 14:28:15 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information
[2013.04.05 14:28:05 | 000,000,000 | ---D | C] -- C:\Program Files\Belkin
[2011.08.30 13:25:55 | 000,233,472 | ---- | C] (Propellerhead Software AB) -- C:\Users\Peter\AppData\Roaming\REX Shared Library.dll
[2011.08.30 13:25:55 | 000,225,280 | ---- | C] (Propellerhead Software AB) -- C:\Users\Peter\AppData\Roaming\Rewire.dll
========== Files - Modified Within 30 Days ==========
[2013.04.06 15:32:44 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2013.04.06 15:31:09 | 000,000,937 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.04.06 15:30:11 | 000,035,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 15:30:11 | 000,035,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.06 15:27:13 | 000,758,620 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.06 15:27:13 | 000,639,664 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.06 15:27:13 | 000,160,988 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.06 15:27:13 | 000,134,506 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.06 15:22:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.06 15:22:48 | 2415,357,952 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.06 15:11:02 | 005,047,402 | R--- | M] (Swearware) -- C:\Users\Peter\Desktop\ComboFix.exe
[2013.04.05 14:36:18 | 000,001,051 | ---- | M] () -- C:\Users\Peter\Desktop\ASIO4ALL v2 Anleitung.lnk
[2013.04.05 14:31:49 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.04.05 14:29:24 | 000,002,016 | ---- | M] () -- C:\Users\Peter\Desktop\Cubase 5.lnk
[2013.04.05 14:27:58 | 000,552,960 | ---- | M] (Ralink Technology, Corp.) -- C:\Windows\System32\drivers\netr73.sys
[2013.04.05 14:27:58 | 000,221,184 | ---- | M] (Ralink Technology, Inc.) -- C:\Windows\System32\RaCoInst.dll
[2013.04.04 15:53:52 | 003,078,234 | ---- | M] () -- C:\Users\Peter\Desktop\Fick ins gesicht.mp3
========== Files Created - No Company Name ==========
[2013.04.06 15:31:09 | 000,000,937 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.04.05 15:39:41 | 003,078,234 | ---- | C] () -- C:\Users\Peter\Desktop\Fick ins gesicht.mp3
[2013.04.05 14:36:18 | 000,001,051 | ---- | C] () -- C:\Users\Peter\Desktop\ASIO4ALL v2 Anleitung.lnk
[2013.04.05 14:31:49 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.04.05 14:29:24 | 000,002,016 | ---- | C] () -- C:\Users\Peter\Desktop\Cubase 5.lnk
[2013.04.05 14:28:16 | 000,200,704 | ---- | C] () -- C:\Windows\System32\UpdateDriver.exe
[2013.04.05 14:28:15 | 000,005,224 | ---- | C] () -- C:\Windows\System32\ucuiinfo.ini
[2011.09.15 13:34:35 | 000,001,321 | ---- | C] () -- C:\Windows\System32\.ini
[2011.08.26 11:38:36 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
========== ZeroAccess Check ==========
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009.07.14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2011.08.30 13:23:10 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\DAEMON Tools Lite
[2013.04.06 15:30:05 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\OpenCandy
[2011.08.30 19:57:46 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\OpenOffice.org
[2011.09.11 14:25:49 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Opera
[2011.08.30 13:36:37 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Propellerhead Software
[2013.04.05 14:45:13 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\Steinberg
[2013.04.05 14:45:13 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\VST3 Presets
[2011.09.01 12:49:42 | 000,000,000 | ---D | M] -- C:\Users\Peter\AppData\Roaming\XSManager
========== Purity Check ==========
< End of report > --- --- --- |